Mirroring Of Packets Received Or Sent On A Logical Interface; Mirroring Of Packets Forwarded Or Flooded To A Vlan - Juniper EX9200 Features Manual

Port Mirroring Feature Guide for EX9200 Switches

Mirroring of Packets Received or Sent on a Logical Interface

Mirroring of Packets Forwarded or Flooded to a VLAN

44
NOTE: If you associate integrated routing and bridging (IRB) with the VLAN
(or VPLS routing instance), and also configure within the VLAN (or VPLS
routing instance) a forwarding table filter with the
port-mirror-instance
You can disable this behavior by configuring the no-irb-layer-2-copy statement
in the VLAN (or VPLS routing instance).
For a detailed description of how to configure a Layer 2 port-mirroring firewall filter, see
Defining a Layer 2 Port-Mirroring Firewall Filter.
For detailed information about how you can use Layer 2 port-mirroring firewall filters
with MX Routers and EX Series switches configured as provider edge (PE) routers or PE
switches, see "Understanding Layer 2 Port Mirroring of PE Router Logical Interfaces" on
page 41. For detailed information about configuring firewall filters in general (including
in a Layer 3 environment), see the Routing Policies, Firewall Filters, and Traffic Policers
Feature Guide.
To mirror Layer 2 traffic received or sent on a logical interface, apply a port-mirroring
firewall filter to the input or output of the interface.
A port-mirroring firewall filter can also be applied to an aggregated-Ethernet logical
interface. For details, see Understanding Layer 2 Port Mirroring of PE Router Aggregated
Ethernet Interfaces.
NOTE: If port-mirroring firewall filters are applied at both the input and output
of a logical interface, two copies of each packet are mirrored. To prevent the
router or switch from forwarding duplicate packets to the same destination,
you can enable the "mirror-once" option for Layer 2 port mirroring in the global
instance for the Layer 2 packet address family.
To mirror Layer 2 traffic forwarded to or flooded to a VLAN, apply a port-mirroring firewall
filter to the input to the forwarding table or flood table. Any packet received for the VLAN
forwarding or flood table and that matches the filter conditions is mirrored.
For more information about VLANs, see Understanding Layer 2 Bridge Domains . For
information about flooding behavior in a VLAN, see Understanding Layer 2 Learning and
Forwarding for Bridge Domains .
NOTE: When you configure port mirroring on any interface under one VLAN,
the mirrored packet can move to an external analyzer located under different
VLANs.
action, then the IRB packet is mirrored as a Layer 2 packet.
Copyright © 2016, Juniper Networks, Inc.
or
port-mirror