Sunday, February 8, 2015

Selective Mirroring in HP ProCurve Switches (K.14.01 and Later)

Mirroring is a technique to copy traffic from one switch port (source port) to another (destination port), mostly for the purpose of capturing traces.

In selective (aka intelligent) mirroring, specific traffic can be selected to be mirrored to the destination port instead of all traffic at the source port. Below are two examples of how to configure classifier-based mirroring, one for a local session and one for a remote session.

Classifier-based mirroring for local session:

In this example, all Echo Reply ICMP messages (Type 0) coming into Port C1 will be mirrored to Port B3:

mirror 1 port B3
class ipv4 EchoReplyClass
    10 match icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 0
    exit
policy mirror EchoReplyPolicy
    10 class ipv4 EchoReplyClass action mirror 1
    exit
interface C1
    service-policy EchoReplyPolicy in
    exit


Classifier-based mirroring, remote session:

In the example below, traffic from subnet 10.28.31.0/24 coming into VLAN 10 at switch A (10.10.40.4) will be mirrored to Port A1 in switch B (10.10.50.5). In this case switch A is considered the source switch and switch B the destination switch.

The destination switch (switch B) must be configured first:

Switch-B (config) # mirror endpoint ip 10.10.40.4 9200 10.10.50.5 port a1

(9200 is the UDP port number to be used for the session on the source switch. It is recommended that the port number be in the range from 7933 to 65535.)

The next step is to configure the source switch (Switch A) as follows:

mirror 1 remote ip 10.10.40.4 9200 10.10.50.5
class ipv4 ServerClass
    match ip 10.28.31.0/24 any
    exit
policy mirror ServerPolicy
    class ipv4 ServerClass action mirror 1
    exit
vlan 10 service-policy ServerPolicy in
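
A consistency check for the remote session above, as an added example that is not part of the original post: it parses the `mirror ... remote ip` line from the source switch and the `mirror endpoint ip` line from the destination switch and reports mismatches. It assumes the source IP, UDP port and destination IP must be identical on both switches, as they are in the post's example; the function names are hypothetical.

```python
import ipaddress
import re

# Recommended UDP port range stated in the post for remote mirroring sessions.
PORT_MIN, PORT_MAX = 7933, 65535
SRC_RE = re.compile(r"mirror\s+(\d+)\s+remote\s+ip\s+(\S+)\s+(\d+)\s+(\S+)", re.I)
DST_RE = re.compile(r"mirror\s+endpoint\s+ip\s+(\S+)\s+(\d+)\s+(\S+)\s+port\s+(\S+)", re.I)


def parse_sessions(config, pattern, has_id):
    """Return {(src_ip, udp_port, dst_ip): label} for each matching config line."""
    sessions = {}
    for line in config.splitlines():
        m = pattern.search(line)
        if not m:
            continue
        g = m.groups()
        label, (src, port, dst) = (g[0], g[1:4]) if has_id else (g[3], g[0:3])
        key = (ipaddress.ip_address(src), int(port), ipaddress.ip_address(dst))
        sessions[key] = label
    return sessions


def check_remote_mirror(source_cfg, dest_cfg):
    """Assumption: both switches must agree on (src IP, UDP port, dst IP)."""
    findings = []
    sources = parse_sessions(source_cfg, SRC_RE, has_id=True)
    endpoints = parse_sessions(dest_cfg, DST_RE, has_id=False)
    for key, session_id in sources.items():
        src, port, dst = key
        if not PORT_MIN <= port <= PORT_MAX:
            findings.append(f"session {session_id}: UDP port {port} outside {PORT_MIN}-{PORT_MAX}")
        if key not in endpoints:
            findings.append(f"session {session_id}: no endpoint for {src} {port} {dst}")
    for key, exit_port in endpoints.items():
        if key not in sources:
            src, port, dst = key
            findings.append(f"endpoint on port {exit_port}: no source session for {src} {port} {dst}")
    return findings


# Constructed sample input: the two switch configurations from the post.
SWITCH_A = """mirror 1 remote ip 10.10.40.4 9200 10.10.50.5
vlan 10 service-policy ServerPolicy in"""
SWITCH_B = "Switch-B (config) # mirror endpoint ip 10.10.40.4 9200 10.10.50.5 port a1"

if __name__ == "__main__":
    for finding in check_remote_mirror(SWITCH_A, SWITCH_B) or ["remote mirror session is consistent"]:
        print(finding)
```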
