Inline Port Mirroring; Configuring Inline Port Mirroring - Juniper EX9200 Features Manual

CHAPTER 10

Inline Port Mirroring

Configuring Inline Port Mirroring

Copyright © 2016, Juniper Networks, Inc.
Configuring Inline Port Mirroring on page 91
Inline port mirroring provides you with the ability to specify instances that are not bound
to the flexible PIC concentrator (FPC) in the firewall filter's
action. This way, you are not limited to only two port-mirror instances per FPC. Inline port
mirroring decouples the port-mirror destination from the input parameters like
the input parameters are programmed in the switch interface board, the next-hop
destination of the mirrored packet is available in the packet itself. Inline port mirroring is
supported only on Trio-based modular port concentrators (MPCs).
Using inline port mirroring, a port-mirror instance will have an option to inherit input
parameters from another instance that specifies it, as shown in the following CLI
configuration example:
instance pm2 {
+ input-parameters-instance pm1;
family inet {
output {
interface ge-1/2/3.0 {
next-hop 192.0.2.10;
}
}
}
}
Multiple levels of inheritance are not allowed. One instance can be referred by multiple
instances. An instance can refer to another instance that is defined before it. Forward
references are not allowed and an instance cannot refer to itself, doing so will cause an
error during configuration parsing.
The user can specify an instance that is not bound to the FPC in the firewall filter. The
specified filter should inherit one of the two instances that have been bound to the FPC.
If it does not, the packet is not marked for port-mirroring. If it does, then the packet will
be sampled using the input parameters specified by the referred instance but the copy
will be sent to the its own destination.
then port-mirror-instance
. While
rate
91