Table of Contents
Advertisement
Foundry Configuration Guide for the FESX, FSX, and FWSX
Configuring Port Mirroring and Monitoring
FastIron devices support monitoring of both inbound and outbound traffic on individual ports. To configure port
monitoring, specify the mirror port, then enable monitoring on the monitored port.
•
The mirror port is the port to which the monitored traffic is copied. Attach your protocol analyzer to the mirror
port.
•
The monitored port is the port whose traffic you want to monitor.
Configuration Considerations
Refer to the following rules when configuring port mirroring and monitoring:
•
FESX and FWSX devices support sFlow and inbound port monitoring together on the same device, however,
these devices do not support port monitoring and sFlow together within the same port region. See the
section "About Port Regions" on page 4-2 for a list of valid port ranges on these devices.
•
FSX devices running software release 02.2.01 or later support sFlow and inbound port monitoring together on
the same device; however, both features cannot coexist within the same port region. See the section "About
Port Regions" on page 4-2 for a list of valid port ranges on FSX devices.
•
You can configure a mirror port specifically as an ingress port, an egress port, or both.
•
You can configure multiple ingress and egress mirror ports. For 1-Gigabit ports, ports in groups of 12 share
one ingress mirror port and one egress mirror port. So ports 1 and 2 cannot have different mirror ports, but
ports 1 and 13 can. Each 10-Gigabit port can have one ingress mirror port and one egress mirror port.
•
You can configure up to eight egress monitored ports.
•
You can configure any number of ingress monitored ports.
•
Mirror ports can run at any speed and are not related to the speed of the ingress or egress monitored ports.
•
The same port cannot be both a monitored port and the mirror port.
•
The same port can be monitored by one mirror port for ingress traffic and another mirror port for egress traffic.
•
The mirror port cannot be a trunk port.
•
The monitored port and its mirror port do not need to belong to the same port-based VLAN.
•
If the mirror port is in a different VLAN from the monitored port, the packets are tagged with the monitor
port's VLAN ID.
•
If the mirror port is in the same VLAN as the monitored port, the packets are tagged or untagged,
depending on the mirror port's configuration.
•
More than one monitored port can be assigned to the same mirror port.
•
If the primary interface of a trunk is enabled for monitoring, the entire trunk will be monitored. You can also
enable an individual trunk port for monitoring using the config-trunk-ind command.
Command Syntax
To configure port monitoring, enter commands such as the following:
FESX424 Switch(config)# mirror-port ethernet 4
FESX424 Switch(config)# interface ethernet 11
FESX424 Switch(config-if-e1000-11)# monitor ethernet 4 both|in|out
Syntax: [no] mirror-port ethernet [<slotnum>/]<portnum> [input | output]
Syntax: [no] monitor ethernet [<slotnum>/]<portnum> both | in | out
The <portnum> parameter specifies the mirror port to which the monitored port's traffic will be copied. If you are
configuring a chassis device, specify the slot number as well (<slotnum>/<portnum>).
4 - 12
© Foundry Networks, Inc.
December 2005
- Quick Links:
- Configuration Guide
- Web Access
Hide quick links:
Advertisement
Table of Contents
