Example: Layer 2 Port Mirroring At A Logical Interface - Juniper EX9200 Features Manual

Port Mirroring Feature Guide for EX9200 Switches

Example: Layer 2 Port Mirroring at a Logical Interface

56
The following steps describe an example in which the global port-mirroring instance and
a port-mirroring firewall filter are used to configure Layer 2 port mirroring for the input to
a logical interface.
Configure the VLAN
example-bd-with-analyzer
1.
analyzer, and the VLAN
destination of the Layer 2 traffic being mirrored:
[edit]
bridge-domains {
example-bd-with-analyzer { # Contains an external traffic analyzer
vlan-id 1000;
interface ge-2/0/0.0; # External analyzer
}
example-bd-with-traffic { # Contains traffic input and output interfaces
vlan-id 1000;
interface ge-2/0/6.0; # Traffic input port
interface ge-3/0/1.2; # Traffic output port
}
}
Assume that logical interface
that is to receive port-mirrored packets. Assume that logical interfaces
and will be traffic input and output ports, respectively.
ge-3/0/1.2
Configure Layer 2 port-mirroring for the global instance, with the port-mirroring
2.
destination being the VLAN interface associated with the external analyzer (logical
interface ge-2/0/0.0 on VLAN
that allows filters to be applied to this port-mirroring destination:
[edit]
forwarding-options {
port-mirroring {
input {
rate 10;
run-length 5;
}
family ethernet-switching {
output {
interface ge-2/0/0.0; # Mirror packets to the external analyzer
no-filter-check; # Allow filters on the mirror destination interface
}
}
}
}
The statement at the
input
specifies that sampling begins every tenth packet and that each of the first five packets
selected are to be mirrored.
, which contains the external packet
, which contains the source and
example-bd-with-traffic
ge-2/0/0.0 is associated with an external traffic analyzer
example-bd-with-analyzer
[edit forwarding-options port-mirroring]
ge-2/0/6.0
). Be sure to enable the option
hierarchy level
Copyright © 2016, Juniper Networks, Inc.