Juniper EX9200 Features Manual page 58

Port Mirroring Analyzers Feature Guide for EX9200 Switches
Mirroring All Employee Traffic to Multiple VLAN Member Interfaces for Remote Analysis
CLI Quick
Configuration
44
In this example:
Interfaces ge-0/0/0 and ge-0/0/1 are Layer 2 interfaces (both interfaces on the source
switch) that serve as connections for employee computers.
Interfaces ge-0/0/10 and ge-0/0/11 are Layer 2 interfaces that are connected to
different destination switches.
Interface ge-0/0/12 is a Layer 2 interface that connects the Destination 1 switch to the
remote monitoring station.
Interface ge-0/0/13 is a Layer 2 interface that connects the Destination 2 switch to
the remote monitoring station.
VLAN is configured on all switches in the topology to carry the mirrored
remote-analyzer
traffic.
To configure mirroring to multiple VLAN member interfaces for remote traffic analysis
for all incoming and outgoing employee traffic, perform these tasks:
To quickly configure mirroring for remote traffic analysis forincoming and outgoing
employee traffic, copy the following commands and paste them into the switchterminal
window:
In the source switchterminal window, copy and paste the following commands:
[edit]
set vlans remote-analyzer vlan-id 999
set interfaces ge-0/0/10 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members 999
set interfaces ge-0/0/11 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/11 unit 0 family ethernet-switching vlan members 999
set forwarding-options analyzer employee-monitor input ingress interface ge-0/0/0.0
set forwarding-options analyzer employee-monitor input ingress interface ge-0/0/1.0
set forwarding-options analyzer employee-monitor input egress interface ge-0/0/0.0
set forwarding-options analyzer employee-monitor input egress interface ge-0/0/1.0
set forwarding-options analyzer employee-monitor output next-hop-group remote-analyzer-nhg
set forwarding-options next-hop-group remote-analyzer-nhg interface ge-0/0/10.0
set forwarding-options next-hop-group remote-analyzer-nhg interface ge-0/0/11.0
set forwarding-options next-hop-group remote-analyzer-nhg group-type layer-2
In the Destination 1 switchterminal window, copy and paste the following commands:
[edit]
set vlans remote-analyzer vlan-id 999
set interfaces ge-0/0/10 unit 0 family ethernet-switching interface-mode acess
set interfaces ge-0/0/12 unit 0 family ethernet-switching interface-mode access
set forwarding-options analyzer employee-monitor input ingress vlan remote-analyzer
set forwarding-options analyzer employee-monitor loss-priority high output interface
ge-0/0/12.0
In the Destination 2 switchterminal window, copy and paste the following commands:
[edit]
set vlans remote-analyzer vlan-id 999
set interfaces ge-0/0/11 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/13 unit 0 family ethernet-switching interface-mode access
set forwarding-options analyzer employee-monitor input ingress vlan remote-analyzer
Copyright © 2016, Juniper Networks, Inc.