Juniper EX9200 Features Manual

Port mirroring analyzers feature guide ex series

Hide thumbs Also See for EX9200:

Features manual (448 pages)

Manual (118 pages)

Overview manual (72 pages)

Table Of Contents

Table of Contents

Quick Links

Download this manual See also: Feature Manual

Port Mirroring Analyzers Feature Guide for EX9200

Switches

Release

16.2

Modified: 2016-11-03

Table of Contents

Summary of Contents for Juniper EX9200

Page 2 END USER LICENSE AGREEMENT The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at http://www.juniper.net/support/eula.html.
Page 3: Table Of Contents
Copy Packets to a Local Interface for Local Monitoring ....13 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) ........... . . 13 Configuring an Analyzer for Local Traffic Analysis .
Page 4 Example: Configuring Mirroring to Multiple Interfaces for Remote Monitoring of Employee Resource Use on EX9200 Switches ......41 Example: Configuring Mirroring for Remote Monitoring of Employee Resource Use Through a Transit Switch on EX9200 Switches .
Page 9: About The Documentation
® To obtain the most current version of all Juniper Networks technical documentation, see the product documentation page on the Juniper Networks website at http://www.juniper.net/techpubs/ If the information in the latest release notes differs from the information in the documentation, follow the product Release Notes.
Page 10: Merging A Full Example
Port Mirroring Analyzers Feature Guide for EX9200 Switches If the example configuration does not start at the top level of the hierarchy, the example is a snippet. In this case, use the command. These procedures are load merge relative described in the following sections.
Page 11: Documentation Conventions
Table 2: Text and Syntax Conventions Convention Description Examples Bold text like this Represents text that you type. To enter configuration mode, type the configure command: user@host> configure Copyright © 2016, Juniper Networks, Inc.
Page 12 Port Mirroring Analyzers Feature Guide for EX9200 Switches Table 2: Text and Syntax Conventions (continued) Convention Description Examples Fixed-width text like this Represents output that appears on the user@host> show chassis alarms terminal screen. No alarms currently active Italic text like this...
Page 13: Documentation Feedback
We encourage you to provide feedback, comments, and suggestions so that we can improve the documentation. You can provide feedback by using either of the following methods: Online feedback rating system—On any page of the Juniper Networks TechLibrary site , simply click the stars to rate the content, http://www.juniper.net/techpubs/index.html and use the pop-up form to provide us with information about your experience.
Page 14: Opening A Case With Jtac
Port Mirroring Analyzers Feature Guide for EX9200 Switches Download the latest versions of software and review release notes: http://www.juniper.net/customers/csc/software/ Search technical bulletins for relevant hardware and software notifications: http://kb.juniper.net/InfoCenter/ Join and participate in the Juniper Networks Community Forum: http://www.juniper.net/company/communities/ Open a case online in the CSC Case Management tool: http://www.juniper.net/cm/...
Page 18: Analyzer Overview
Port Mirroring Analyzers Feature Guide for EX9200 Switches Understanding Port Mirroring Analyzers Port mirroring can be used for traffic analysis on routers and switches that, unlike hubs, do not broadcast packets to every port on the destination device. Port mirroring sends copies of all packets or policy-based sample packets to local or remote analyzers where you can monitor and analyze the data.
Page 19: Default Analyzer Overview
Table 3: Analyzer Terminology Term Description Analyzer In a mirroring configuration, the analyzer includes: The name of the analyzer Source (input) ports, VLANs, or bridge domains Copyright © 2016, Juniper Networks, Inc.
Page 20 Port Mirroring Analyzers Feature Guide for EX9200 Switches Table 3: Analyzer Terminology (continued) Term Description A destination for mirrored packets (either a monitor port, VLAN, or bridge domain) Analyzer output interface Interface to which mirrored traffic is sent and to which a protocol analyzer application is connected.
Page 21: Table 4: Configuration Guidelines For Port Mirroring Analyzers
FPCs in the system. Therefore, when you explicitly bind a second statistical analyzer on the FPC, the default analyzer properties are overridden. Number of interfaces, VLANs, or bridge – domains that you can use as ingress input to an analyzer. Copyright © 2016, Juniper Networks, Inc.
Page 22 Port Mirroring Analyzers Feature Guide for EX9200 Switches Table 4: Configuration Guidelines for Port Mirroring Analyzers (continued) Value or Support Guideline Information Comment Types of ports on which you cannot mirror Virtual Chassis ports traffic. (VCPs) Management Ethernet ports (me0 or vme0)
Page 23 Example: Configuring Port Mirroring Analyzers for Local Monitoring of Employee Documentation Resource Use on page 19 Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use on page 31 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) on page 13 Copyright © 2016, Juniper Networks, Inc.
Page 25: Configuring Analyzers
PART 2 Configuring Analyzers Copy Packets to a Local Interface for Local Monitoring on page 13 Copy Packets to a VLAN or Bridge Domain for Remote Monitoring on page 25 Copyright © 2016, Juniper Networks, Inc.
Page 27: Copy Packets To A Local Interface For Local Monitoring
Resource Use on page 19 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) EX9200 switchesenable you to configure mirroring to send copies of packets to either a local interface for local monitoring or to a VLAN for remote monitoring. You can use...
Page 28: Configuring An Analyzer For Local Traffic Analysis
Port Mirroring Analyzers Feature Guide for EX9200 Switches NOTE: Interfaces used as output for an analyzer must be configured under , and must be associated to a VLAN. ethernet-switching family Configuring an Analyzer for Local Traffic Analysis on page 14...
Page 29: Copy Packets To A Local Interface For Local Monitoring
[edit forwarding-options] user@switch# set analyzer (Port Mirroring) employee-monitor input ingress interface ge–0/0/0.0 [edit forwarding-options] user@switch# set analyzer employee-monitor input ingress interface ge–0/0/1.0 Configure the destination interface for the mirrored packets: [edit forwarding-options] Copyright © 2016, Juniper Networks, Inc.
Page 30 Port Mirroring Analyzers Feature Guide for EX9200 Switches user@switch# set analyzer employee-monitor output interface interface-name For example, configure ge-0/0/10.0 as the destination interface for the mirrored packets: [edit forwarding-options] user@switch# set analyzer employee-monitor output interface ge-0/0/10.0 Specify mirroring properties. a. Specify the mirroring rate—that is, the number of packets to be mirrored per second:...
Page 31: Binding Statistical Analyzers To Ports Grouped At The Fpc Level
Verify the minimum configuration of the binding: [edit chassis fpc slot-number port-mirror-instance analyzer_name] user@switch# top [edit] user@switch# show chassis chassis { fpc slot-number { # Bind two statistical analyzers or port mirroring named instances at the FPC level. Copyright © 2016, Juniper Networks, Inc.
Page 32: Groups
Configuring an Analyzer with Multiple Destinations by Using Next-Hop Groups On EX9200 switches, you can mirror traffic to multiple destinations by configuring next-hop groups as analyzer output. The mirroring of packets to multiple destinations is also known as multipacket port mirroring.
Page 33: Example: Configuring Port Mirroring Analyzers For Local Monitoring Of Employee
Example: Configuring Port Mirroring Analyzers for Local Monitoring of Employee Resource Use Juniper Networks devices allow you to configure port mirroring to send copies of packets to either a local interface for local monitoring or to a VLAN or bridge domain for remote monitoring.
Page 34 Requirements Use either one of the following hardware and software components: One EX9200 switch with Junos OS Release 13.2 or later One MX Series router with Junos OS Release 14.1 or later Before you configure port mirroring, be sure you have an understanding of mirroring concepts.
Page 35: Figure 1: Network Topology For Local Port Mirroring Example
Configure each interface you are to use in the analyzer configuration. Use the family protocol that is correct for your platform. EX Series [edit] set interfaces ge-0/0/0 unit 0 family ethernet-switching set interfaces ge-0/0/1 unit 0 family ethernet-switching Copyright © 2016, Juniper Networks, Inc.
Page 36 Port Mirroring Analyzers Feature Guide for EX9200 Switches MX Series To configure on an interface, you need to configure family bridge interface-mode as well. You also must configure access interface-mode trunk vlan-id [edit] set interfaces ge-0/0/0 unit 0 family bridge interface-mode access vlan-id 99...
Page 37 Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use Documentation on page 31 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) on page 13 Understanding Port Mirroring Analyzers on page 4 Copyright © 2016, Juniper Networks, Inc.
Page 39: Copy Packets To A Vlan Or Bridge Domain For Remote Monitoring
Through a Transit Switch on EX9200 Switches on page 50 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) EX9200 switchesenable you to configure mirroring to send copies of packets to either a local interface for local monitoring or to a VLAN for remote monitoring. You can use...
Page 40: Configuring An Analyzer For Local Traffic Analysis
Port Mirroring Analyzers Feature Guide for EX9200 Switches NOTE: If you want to create additional analyzers without deleting the existing analyzers, then disable the existing analyzers by using the disable analyzer analyzer-name statement from the command-line-interface (CLI) or from the J-Web configuration page for mirroring.
Page 41 Configuring a Statistical Analyzer for Local Traffic Analysis To mirror interface traffic or VLAN traffic on the switchto an interface on the switchby using a statistical analyzer: Choose a name for the analyzer and specify the input interfaces: [edit forwarding-options] Copyright © 2016, Juniper Networks, Inc.
Page 42 Port Mirroring Analyzers Feature Guide for EX9200 Switches user@switch# set analyzer (Port Mirroring) analyzer-name input ingress interface interface-name [edit forwarding-options] user@switch# set analyzer employee-monitor input ingress interface ge–0/0/1.0 For example, specify an analyzer called and specify the input employee-monitor interfaces ge-0/0/0 and ge-0/0/1:...
Page 43 To bind a named instance of Layer 2 analyzer to an FPC: Enable configuration of switch chassis properties: [edit] user@switch# edit chassis Enable configuration of an FPC (and its installed PICs): [edit chassis] user@switch# edit fpc slot-number Bind a statistical analyzer instance to the FPC: Copyright © 2016, Juniper Networks, Inc.
Page 44 Configuring an Analyzer with Multiple Destinations by Using Next-Hop Groups On EX9200 switches, you can mirror traffic to multiple destinations by configuring next-hop groups as analyzer output. The mirroring of packets to multiple destinations is also known as multipacket port mirroring.
Page 45: Defining A Next-Hop Group For Layer 2 Mirroring
Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use Juniper Networks devices allow you to configure port mirroring to send copies of packets to either a local interface for local monitoring or to a VLAN or bridge domain for remote monitoring.
Page 46 Requirements This example uses one of the following pairs of hardware and software components: One EX9200 switch connected to another EX9200 switch, both running Junos OS Release 13.2 or later One MX Series router connected to another MX Series router, both running Junos OS Release 14.1 or later...
Page 47: Figure 2: Network Topology For Remote Port Mirroring And Analysis
To quickly configure a statistical analyzer for remote traffic analysis of incoming and Configuration outgoing employee traffic, copy the following commands for EX Series switches and paste them into the correct switching device’s terminal window. Copyright © 2016, Juniper Networks, Inc.
Page 48 Port Mirroring Analyzers Feature Guide for EX9200 Switches Copy and paste the following commands in the source switching device’s terminal window: EX Series [edit] set vlans remote-analyzer vlan-id 999 set interfaces ge-0/0/10 unit 0 family ethernet-switching interface-mode access set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members 999 set forwarding-options analyzer employee-monitor input ingress interface ge-0/0/0.0...
Page 49 0 port-mirror-instance employee-monitor Results Check the results of the configuration on the source switching device: [edit] user@device# show forwarding-options { analyzer employee-monitor { input { ingress { interface ge-0/0/0.0; interface ge-0/0/1.0; egress { Copyright © 2016, Juniper Networks, Inc.
Page 50 Port Mirroring Analyzers Feature Guide for EX9200 Switches interface ge-0/0/0.0; interface ge-0/0/1.0; maximum-packet-length 128; rate 2; output { vlan { remote-analyzer; interfaces { ge-0/0/10 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 999; vlans { remote-analyzer { vlan-id 999;...
Page 51 MX Series [edit] set bridge-domains remote-analyzer vlan-id 999 set interfaces ge-0/0/10 unit 0 family bridge interface-mode access set interfaces ge-0/0/10 unit 0 family bridge vlan-id 999 set interfaces ge-0/0/5 unit 0 family bridge interface-mode access Copyright © 2016, Juniper Networks, Inc.
Page 52 Port Mirroring Analyzers Feature Guide for EX9200 Switches set forwarding-options analyzer employee-monitor input ingress bridge-domain remote-analyzer set forwarding-options analyzer employee-monitor output interface ge-0/0/5.0 Step-by-Step To configure basic remote mirroring using MX Series routers: Procedure On the source switching device, do the following: Configure the VLAN ID for the bridge domain.
Page 53 { interface ge-0/0/0.0; interface ge-0/0/1.0; egress { interface ge-0/0/0.0; interface ge-0/0/1.0; maximum-packet-length 128; rate 2; output { bridge-domain { remote-analyzer; interfaces { ge-0/0/0 { unit 0 { family bridge { interface-mode access; vlan-id 99; Copyright © 2016, Juniper Networks, Inc.
Page 54 Port Mirroring Analyzers Feature Guide for EX9200 Switches ge-0/0/1 { unit 0 { family bridge { interface-mode access; vlan-id 98; ge-0/0/10 { unit 0 { family bridge { interface-mode access; vlan-id 999; Check the results of the configuration on the destination switching device.
Page 55: Example: Configuring Mirroring To Multiple Interfaces For Remote Monitoring Of Employee Resource Use On Ex9200 Switches
Example: Configuring Mirroring to Multiple Interfaces for Remote Monitoring of Employee Resource Use on EX9200 Switches EX9200 switchesallow you to configure mirroring to send copies of packets to either a local interface for local monitoring or to a VLAN for remote monitoring. You can use...
Page 56 Port Mirroring Analyzers Feature Guide for EX9200 Switches Packets entering or exiting a VLAN on You can analyze the mirrored traffic using a protocol analyzer application running on a remote monitoring station if you are sending mirrored traffic to an analyzer VLAN.
Page 57: Figure 3: Remote Mirroring Example Network Topology Using Multiple Vlan Member Interfaces In The Next-Hop Group
Figure 3 on page 43 shows the network topology for this example. Figure 3: Remote Mirroring Example Network Topology Using Multiple VLAN Member Interfaces in the Next-Hop Group Copyright © 2016, Juniper Networks, Inc.
Page 58 Port Mirroring Analyzers Feature Guide for EX9200 Switches In this example: Interfaces ge-0/0/0 and ge-0/0/1 are Layer 2 interfaces (both interfaces on the source switch) that serve as connections for employee computers. Interfaces ge-0/0/10 and ge-0/0/11 are Layer 2 interfaces that are connected to different destination switches.
Page 59 [edit interfaces] user@switch# set ge-0/0/12 unit 0 family ethernet-switching interface-mode access Configure the analyzer: employee-monitor [edit forwarding-options] user@switch# set analyzer employee-monitor input ingress vlan remote-analyzer user@switch# set analyzer employee-monitor loss-priority high output interface ge-0/0/12.0 Copyright © 2016, Juniper Networks, Inc.
Page 60 Port Mirroring Analyzers Feature Guide for EX9200 Switches On the Destination 2 switch: Configure the VLAN ID for the VLAN: remote-analyzer [edit vlans] user@switch# set remote-analyzer vlan-id 999 Configure the ge-0/0/11 interface on the Destination 2 switch for access mode:...
Page 61 { interface-mode access; forwarding-options { analyzer employee-monitor { input { ingress { vlan remote-analyzer; loss-priority high; output { interface { ge-0/0/12.0; Check the results of the configuration on the Destination 2 switch: Copyright © 2016, Juniper Networks, Inc.
Page 62 Port Mirroring Analyzers Feature Guide for EX9200 Switches [edit] user@switch# show vlans { remote-analyzer { vlan-id 999; interface { ge-0/0/11.0 interfaces { ge-0/0/11 { unit 0 { family ethernet-switching { interface-mode access; ge-0/0/13 { unit 0 { family ethernet-switching { interface-mode access;...
Page 63: Example: Configuring Mirroring For Remote Monitoring Of Employee Resource
Example: Configuring Mirroring for Remote Monitoring of Employee Resource Use Through a Transit Switch on EX9200 Switches on page 50 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) on page 13 Understanding Port Mirroring Analyzers on page 4...
Page 64: Example: Configuring Mirroring For Remote Monitoring Of Employee Resource Use Through A Transit Switch On Ex9200 Switches
Example: Configuring Mirroring for Remote Monitoring of Employee Resource Use Through a Transit Switch on EX9200 Switches EX9200 switchesenable you to configure mirroring to send copies of packets to either a local interface for local monitoring or to a VLAN for remote monitoring. You can use...
Page 65: Figure 4: Network Monitoring For Remote Mirroring Through A Transit Switch
Interface ge-0/0/11 is a Layer 2 interface on the transit switch. d. Interface ge-0/0/12 is a Layer 2 interface on the transit switch and connects to the destination switch. e. Interface ge-0/0/13 is a Layer 2 interface on the destination switch. Copyright © 2016, Juniper Networks, Inc.
Page 66 Port Mirroring Analyzers Feature Guide for EX9200 Switches f. Interface ge-0/0/14 is a Layer 2 interface on the destination switch and connects to the remote monitoring station. g. VLAN is configured on all switches in the topology to carry the mirrored remote-analyzer traffic.
Page 67 Results Check the results of the configuration on the source switch: [edit] user@switch> show forwarding-options { analyzer employee-monitor { input { ingress { interface ge-0/0/0.0; Copyright © 2016, Juniper Networks, Inc.
Page 68 Port Mirroring Analyzers Feature Guide for EX9200 Switches interface ge-0/0/1.0; egress { interface ge-0/0/0.0; interface ge-0/0/1.0; output { vlan { remote-analyzer; vlans { remote-analyzer { vlan-id 999; interfaces { ge-0/0/10 { unit 0 { family ethernet-switching { interface-mode access; vlan { member 999;...
Page 69 0 { family ethernet-switching { interface-mode access; ge-0/0/14 { unit 0 { family ethernet-switching { interface-mode access; forwarding-options { analyzer employee-monitor { input { ingress { vlan remote-analyzer; output { interface { ge-0/0/14.0; Copyright © 2016, Juniper Networks, Inc.
Page 70 Resource Use on EX9200 Switches on page 41 Example: Configuring Port Mirroring Analyzers for Local Monitoring of Employee Resource Use on page 19 Configuring Mirroring on EX9200 Switches to Analyze Traffic (CLI Procedure) on page 13 Understanding Port Mirroring Analyzers on page 4...
Page 71: Configuration Statements And Operational Commands
PART 3 Configuration Statements and Operational Commands Configuration Statements on page 59 Operational Commands on page 67 Copyright © 2016, Juniper Networks, Inc.
Page 73: Configuration Statements
Level system-control—To add this statement to the configuration. Related Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use Documentation Through a Transit Switch on EX Series Switches Copyright © 2016, Juniper Networks, Inc.
Page 74: Egress (Analyzer)
Level interface-control—To add this statement to the configuration. Related Example: Configuring Mirroring for Remote Monitoring of Employee Resource Use Documentation Through a Transit Switch on EX9200 Switches on page 50 ingress (vlans) Syntax ingress; Hierarchy Level [edit vlans vlan-name vlan-id number interface interface-name] Release Information Statement introduced in Junos OS Release 10.0 for EX Series switches.
Page 75: Ingress (Analyzer)
Level interface-control—To add this statement to the configuration. Related Example: Configuring Mirroring for Remote Monitoring of Employee Resource Use Documentation Through a Transit Switch on EX9200 Switches on page 50 Copyright © 2016, Juniper Networks, Inc.
Page 76: Input (Analyzer)
Port Mirroring Analyzers Feature Guide for EX9200 Switches input (Analyzer) Syntax input { egress bridge-domain bridge-domain-name; interface (all | interface-name); routing-instance { instance-name { bridge-domain bridge-domain-name; ingress bridge-domain bridge-domain-name; interface (all | interface-name); routing-instance { instance-name { bridge-domain bridge-domain-name; vlan (vlan-id | vlan-name);...
Page 77: Interface (Analyzer)
Example: Configuring Port Mirroring Analyzers for Local Monitoring of Employee Documentation Resource Use on page 19 Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use on page 31 Understanding Port Mirroring Analyzers on page 4 Copyright © 2016, Juniper Networks, Inc.
Page 78: No-Tag
Port Mirroring Analyzers Feature Guide for EX9200 Switches no-tag Syntax no-tag; Hierarchy Level [edit [edit forwarding-options analyzer] Configuration Statement Hierarchy analyzer-name output vlan (vlan-id | vlan-name)] Release Information Statement introduced in Junos OS Release 11.3 for EX Series switches. Hierarchy level [edit forwarding-options] introduced in Junos OS Release 13.2X50-D10...
Page 79: Output (Mirroring)
Related Example: Configuring Port Mirroring Analyzers for Local Monitoring of Employee Documentation Resource Use on page 19 Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use on page 31 Copyright © 2016, Juniper Networks, Inc.
Page 80: Vlan (Mirroring)
Related Example: Configuring Mirroring for Remote Monitoring of Employee Resource Use Documentation Through a Transit Switch on EX9200 Switches on page 50 Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use on page 31 Copyright © 2016, Juniper Networks, Inc.
Page 82: Show Forwarding-Options Analyzer
Port Mirroring Analyzers Feature Guide for EX9200 Switches show forwarding-options analyzer Syntax show forwarding-options analyzer analyzer-name Release Information Hierarchy level [edit forwarding-options] introduced in Junos OS Release 13.2X50-D10 (ELS). Description Display information about analyzers configured for mirroring. Options analyzer-name —(Optional) Displays the status of a specific analyzer on the switch.

Juniper EX9200 Features Manual

Chapter 1 Understanding Port Mirroring Analyzers

Chapter 2 Copy Packets to a Local Interface for Local Monitoring

Chapter 3 Copy Packets to a VLAN or Bridge Domain for Remote Monitoring

Chapter 4 Configuration Statements

Chapter 5 Operational Commands

Quick Links

Related Manuals for Juniper EX9200

Summary of Contents for Juniper EX9200

Table of Contents