Juniper EX9200 Features Manual page 63
Port mirroring feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (342 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Copyright © 2016, Juniper Networks, Inc.
Specify Layer 2 port mirroring or a next-hop group as the
7.
To reference the Layer 2 port mirroring properties currently in effect for the Packet
Forwarding Engine or PIC associated with the underlying physical interface, use the
statement:
port-mirror
[edit firewall family family filter pm-filter-name term pm-filter-term-name then]
user@host# set port-mirror
To reference the Layer 2 port mirroring properties configured in a specific named
instance, use the
port-mirror-instance pm-instance-name
[edit firewall family family filter pm-filter-name term pm-filter-term-name then]
user@host# set port-mirror-instance pm-instance-name
If the underlying physical interface is not bound to a named instance of Layer 2 port
mirroring but instead is implicitly bound to the global instance of Layer 2 port
mirroring, then traffic at the logical interface is mirrored according to the properties
specified in the named instance referenced by the
modifier.
To reference a next-hop group that specifies the next-hop addresses (for sending
additional copies of packets to an analyzer), use the
next-hop-group pm-next-hop-group-name
[edit firewall family family filter pm-filter-name term pm-filter-term-name then]
user@host# set next-hop-group pm-next-hop-group-name
For configuration information about next-hop groups, see
Group for Layer 2 Port Mirroring" on page
Layer 2 port mirroring, the firewall filter term applies to the tunnel interface input
only.
Verify the minimum configuration of the Layer 2 port-mirroring firewall filter:
8.
[edit firewall ... ]
user@host# top
[edit]
user@host# show firewall
family (ethernet-switching | ccc | vpls) { # Type of packets to mirror
filter pm-filter-name { # Firewall filter name
term pm-filter-term-name {
from { # Do not specify match conditions based on route source address
}
then {
action; # Recommended action is 'accept'
action-modifier; # Three options for Layer 2 port mirroring
}
}
}
}
In the firewall filter term
port-mirror-instance pm-instance-name
Chapter 7: Port Mirroring for Logical interfaces
action modifier:
72. If you specify a next-hop group for
then
statement, the action-modifier can be
, or
next-hop-group pm-next-hop-group-name
:
action-modifier
action modifier:
action
port-mirror-instance
"Defining a Next-Hop
port-mirror
,
.
47
Advertisement
Table of Contents
