Mirroring Traffic
CHAPTERS
3. Appendix: Default Parameters
|
|
This guide applies to: T1500G-8T v2 or above, T1500G-10PS v2 or above, T1500G-10MPS v2 or above, T1500-28PCT v3 or above, T1600G-18TS v2 or above, T1600G-28TS v3 or above, T1600G-28PS v3 or above, T1600G-52TS v3 or above, T1600G-52PS v3 or above, T1700X-16TS v3 or above, T1700G-28TQ v3 or above, T2500G-10TS v2 or above, T2600G-18TS v2 or above, T2600G-28TS v3 or above, T2600G-28MPS v3 or above, T2600G-28SQ v1 or above, T2600G-52TS v3 or above. |
You can analyze network traffic and troubleshoot network problems using Mirroring. Mirroring allows the switch to send a copy of the traffic that passes through specified sources (ports, LAGs or the CPU) to a destination port. It does not affect the switching of network traffic on source ports, LAGs or the CPU.
1.1Using the GUI
Choose the menu MAINTENANCE > Mirroring to load the following page.
Figure 1-1 Port Mirroring Session List
The above page displays a mirroring session, and no more session can be created. Click Edit to configure this mirroring session on the following page.
Figure 1-2 Configure the Mirroring Session
Follow these steps to configure the mirroring session:
1)In the Destination Port Config section, specify a destination port for the mirroring session, and click Apply.
2)In the Source Interfaces Config section, specify the source interfaces and click Apply. Traffic passing through the source interfaces will be mirrored to the destination port. There are three source interface types: port, LAG, and CPU. Choose one or more types according to your need.
|
UNIT1 |
Select the desired ports as the source interfaces. The switch will send a copy of traffic passing through the port to the destination port. |
|
LAGS |
Select the desired LAGs as the source interfaces. The switch will send a copy of traffic passing through the LAG members to the destination port. |
|
CPU |
When selected, the switch will send a copy of traffic passing through the CPU to the destination port. |
|
Ingress |
With this option enabled, the packets received by the corresponding interface (port, LAG or CPU) will be copied to the destination port. By default, it is disabled. |
|
Egress |
With this option enabled, the packets sent by the corresponding interface (port, LAG or CPU) will be copied to the destination port. By default, it is disabled. |
|
|
Note: The member ports of an LAG cannot be set as a destination port or source port. A port cannot be set as the destination port and source port at the same time. |
1.2Using the CLI
Follow these steps to configure Mirroring.
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
monitor session session_num destination interface { fastEthernet port | gigabitEthernet port | ten-gigabitEthernet port} Enable the port mirror function and set the destination port. session_num: The monitor session number. It can only be specified as 1. port: The destination port number. You can specify only one destination port for the mirror session. |
|
Step 3 |
monitor session session_num source { cpu cpu_numbr | interface { fastEthernet port-list | gigabitEthernet port-list | ten-gigabitEthernet port-list | port-channel port-channel-id }} mode Configure ports or LAGs as the monitored interfaces. session_num: The monitor session number. It can only be specified as 1. cpu_number: The CPU number. It can only be specified as 1. port-list: List of source ports. It is multi-optional. mode: The monitor mode. There are three options: rx, tx and both: rx: The incoming packets of the source port will be copied to the destination port. tx: The outgoing packets of the source port will be copied to the destination port. both: Both of the incoming and outgoing packets on source port can be copied to the destination port. Note: You can configure one or more source interface types (ports, LAGs and the CPU) according to your needs. |
|
Step 4 |
show monitor session Verify the Port Mirror configuration. |
|
Step 5 |
end Return to privileged EXEC mode. |
|
Step 6 |
copy running-config startup-config Save the settings in the configuration file. |
The following example shows how to copy the received and transmitted packets on port 1/0/1,2,3 and the CPU to port 1/0/10.
Switch#configure
Switch(config)#monitor session 1 destination interface gigabitEthernet 1/0/10
Switch(config)#monitor session 1 source interface gigabitEthernet 1/0/1-3 both
Switch(config)#monitor session 1 source cpu 1 both
Switch(config)#show monitor session
Monitor Session: 1
Destination Port: Gi1/0/10
Source Ports(Ingress): Gi1/0/1-3
Source Ports(Egress): Gi1/0/1-3
Source CPU(Ingress): cpu1
Source CPU(Egress): cpu1
Switch(config-if)#end
Switch#copy running-config startup-config
2.1Network Requirements
As shown below, several hosts and a network analyzer are directly connected to the switch. For network security and troubleshooting, the network manager needs to use the network analyzer to monitor the data packets from the end hosts.
Figure 2-1 Network Topology
2.2Configuration Scheme
To implement this requirement, you can use Mirroring feature to copy the packets from ports 1/0/2-5 to port 1/0/1. The overview of configuration is as follows:
1)Specify ports 1/0/2-5 as the source ports, allowing the switch to copy the packets from the hosts.
2)Specify port 1/0/1 as the destination port so that the network analyzer can receive mirrored packets from the hosts.
Demonstrated with T2600G-28TS, the following sections provide configuration procedure in two ways: using the GUI and using the CLI.
2.3Using the GUI
1)Choose the menu MAINTENANCE > Mirroring to load the following page. It displays the information of the mirroring session.
Figure 2-2 Mirror Session List
2)Click Edit on the above page to load the following page. In the Destination Port Config section, select port 1/0/1 as the destination port and click Apply.
Figure 2-3 Destination Port Configuration
3)In the Source Interfaces Config section, select ports 1/0/2-5 as the source ports, and enable Ingress and Egress to allow the received and sent packets to be copied to the destination port. Then click Apply.
Figure 2-4 Source Port Configuration
4)Click 
to save the settings.
2.4Using the CLI
Switch#configure
Switch(config)#monitor session 1 destination interface gigabitEthernet 1/0/1
Switch(config)#monitor session 1 source interface gigabitEthernet 1/0/2-5 both
Switch(config)#end
Switch#copy running-config startup-config
Verify the Configuration
Switch#show monitor session 1
Monitor Session: 1
Destination Port: Gi1/0/1
Source Ports(Ingress): Gi1/0/2-5
Source Ports(Egress): Gi1/0/2-5
Default settings of Switching are listed in th following tables.
Table 3-1Configurations for Ports
|
Parameter |
Default Setting |
|
Ingress |
Disabled |
|
Egress |
Disabled |