Table 4: Application Of Layer 2 Port Mirroring Firewall Filters On Pe Devices - Juniper EX9200 Features Manual
Port mirroring feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (342 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Port Mirroring Feature Guide for EX9200 Switches
Table 4: Application of Layer 2 Port Mirroring Firewall Filters on PE Devices
Point of Application
Ingress Customer-Facing
Logical Interface
Egress Customer-Facing
Logical Interface
Input to a VLAN
Forwarding Table or
Flood Table
Input to a
VPLS Routing Instance
Forwarding Table or
Flood Table
Related
Documentation
14
Scope of Mirroring
Packets originating within a
service provider customer's
network, sent first to a CE
device, and sent next to the
PE device.
Unicast packets being
forwarded by the PE device to
another PE device.
NOTE:
If you apply a
port-mirroring filter to the
output for a logical interface,
only unicast packets are
mirrored. To mirror multicast,
unknown unicast, and
broadcast packets, apply a
filter to the input to the flood
table of a VLAN or VPLS
routing instance.
Forwarding traffic or flood
traffic sent to the VLAN from
a CE device.
Forwarding traffic or flood
traffic sent to the VPLS
routing instance from a CE
device.
Understanding Layer 2 Port Mirroring on page 3
Layer 2 Port Mirroring Firewall Filters
Defining a Layer 2 Port-Mirroring Firewall Filter
Example: Layer 2 Port Mirroring at a Logical Interface
Notes
You can also configure
aggregated Ethernet
interfaces between CE
devices and PE devices for
VPLS routing instances.
Traffic is load-balanced
across all of the links in the
aggregated interface.
Traffic received on an
aggregated Ethernet interface
is forwarded over a different
interface based on a lookup
of the destination MAC
(DMAC) address:
Packets destined for a local
site are sent out of the
load-balanced child
interface.
Packets destined for the
remote site are
encapsulated and
forwarded over a
label-switched path (LSP).
Forwarding and flood traffic
typically consists of
broadcast packets, multicast
packets, unicast packets with
an unknown destination MAC
address, or packets with a
MAC entry in the DMAC
routing table.
Copyright © 2016, Juniper Networks, Inc.
Configuration Details
See Applying Layer 2 Port
Mirroring to a Logical Interface.
For more information about
VPLS routing instances, see
Configuring a VPLS Routing
Instance and Configuring
VLAN Identifiers for Bridge
Domains and VPLS Routing
Instances.
See Applying Layer 2 Port
Mirroring to a Logical Interface.
See Applying Layer 2 Port
Mirroring to Traffic Forwarded
or Flooded to a Bridge Domain.
For information about
flooding behavior in VPLS, see
the Junos OS VPNs Library for
Routing Devices.
See Applying Layer 2 Port
Mirroring to Traffic Forwarded
or Flooded to a VPLS Routing
Instance. For information
about flooding behavior in
VPLS, see the Junos OS VPNs
Library for Routing Devices.
Advertisement
Table of Contents
