Packets passing through mirroring sources are copied to a port connecting to a data monitoring device for packet analysis. The copies are called mirrored packets.

Source device

The device where the mirroring sources reside is called a source device.

Mirroring destination

The mirroring destination connects to a data monitoring device and is the destination port (also known as the monitor port) of mirrored packets. Mirrored packets are sent out of the monitor port to the data monitoring device.

A monitor port might receive multiple copies of a packet when it monitors multiple mirroring sources. For example, two copies of a packet are received on Port 1 when the following conditions exist:

· Port 1 is monitoring bidirectional traffic of Port 2 and Port 3 on the same device.

· The packet travels from Port 2 to Port 3.

Destination device

The device where the monitor port resides is called the destination device.

Mirroring direction

The mirroring direction specifies the direction of the traffic that is copied on a mirroring source.

· Inbound—Copies packets received.

· Outbound—Copies packets sent.

· Bidirectional—Copies packets received and sent.

Mirroring group

Port mirroring is implemented through mirroring groups. The device supports only local mirroring groups. For more information about local mirroring groups, see "Local port mirroring implementation."

On port mirroring-enabled devices, all ports except the source ports and the destination port are called common ports.

Local port mirroring implementation

In local port mirroring, the following conditions exist:

· The source device is directly connected to a data monitoring device.

· The source device acts as the destination device to forward mirrored packets to the data monitoring device.

A local mirroring group is a mirroring group that contains the mirroring sources and the mirroring destination on the same device.

NOTE:

The local mirroring group does not support multicard or multichassis mirroring.

Figure 1 Local port mirroring implementation

As shown in Figure 1, the source port GigabitEthernet 1/0/1 and the monitor port GigabitEthernet 1/0/2 reside on the same device. Packets received on GigabitEthernet 1/0/1 are copied to GigabitEthernet 1/0/2. GigabitEthernet 1/0/2 then forwards the packets to the data monitoring device for analysis.

Feature and hardware compatibility

The following matrix shows the feature and hardware compatibility:

Hardware series	Model	Feature compatibility
WX1800H series	WX1804H WX1810H WX1820H	Yes
WX2500H series	WX2510H WX2540H WX2560H	Yes
WX3000H series	WX3010H WX3010H-L WX3010H-X WX3024H WX3024H-L	Yes
WX3500H series	WX3508H WX3510H WX3520H WX3540H	Yes
WX5500E series	WX5510E WX5540E	Yes
WX5500H series	WX5540H WX5560H WX5580H	Yes
Access controller modules	EWPXM1MAC0F EWPXM1WCME0 EWPXM2WCMD0F LSQM1WCMX20 LSQM1WCMX40 LSUM1WCME0 LSUM1WCMX20RT LSUM1WCMX40RT	No

Local port mirroring configuration task list

A local mirroring group takes effect only after you configure the monitor port and the source ports for it.

Tasks at a glance
1. (Required.) Creating a local mirroring group
2. (Required.) Configuring source ports for the local mirroring group
3. (Required.) Configuring the monitor port for the local mirroring group

Creating a local mirroring group

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Create a local mirroring group.	mirroring-group group-id local	By default, no local mirroring groups exist.

Configuring source ports for the local mirroring group

To configure source ports for a local mirroring group, use one of the following methods:

· Assign a list of source ports to the mirroring group in system view.

· Assign a port to the mirroring group as a source port in interface view.

To assign multiple ports to the mirroring group as source ports in interface view, repeat the operation.

Configuration restrictions and guidelines

When you configure source ports for a local mirroring group, follow these restrictions and guidelines:

· A Layer 2 aggregate interface cannot be configured as a source port for a mirroring group.

· A mirroring group can contain multiple source ports.

· A port can act as a source port for only one mirroring group.

· A source port cannot be configured as a monitor port.

Configuring source ports in system view

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure source ports for a local mirroring group.	mirroring-group group-id mirroring-port interface-list { both \| inbound \| outbound }	By default, no source port is configured for a local mirroring group.

Configuring source ports in interface view

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the port as a source port for a local mirroring group.	mirroring-group group-id mirroring-port { both \| inbound \| outbound }	By default, a port does not act as a source port for any local mirroring groups.

Configuring the monitor port for the local mirroring group

To configure the monitor port for a mirroring group, use one of the following methods:

· Configure the monitor port for the mirroring group in system view.

· Assign a port to the mirroring group as the monitor port in interface view.

Configuration restrictions and guidelines

When you configure the monitor port for a local mirroring group, follow these restrictions and guidelines:

· Do not enable the spanning tree feature on the monitor port.

· For a Layer 2 aggregate interface configured as the monitor port of a mirroring group, do not configure its member ports as source ports of the mirroring group.

· Use a monitor port only for port mirroring, so the data monitoring device receives only the mirrored traffic.

Configuring the monitor port in system view

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the monitor port for a local mirroring group.	mirroring-group group-id monitor-port interface-list	By default, no monitor port is configured for a local mirroring group.

Configuring the monitor port in interface view

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the port as the monitor port for a mirroring group.	mirroring-group group-id monitor-port	By default, a port does not act as the monitor port for any local mirroring groups.

Displaying and maintaining port mirroring

Execute display commands in any view.

Task	Command
Display mirroring group information.	display mirroring-group { group-id \| all \| local }

Local port mirroring configuration example

Network requirements

As shown in Figure 2, configure local port mirroring on the AC to enable the server to monitor the bidirectional traffic of the IP network.

Figure 2 Network diagram

Configuration procedure

# Create local mirroring group 1.

<AC> system-view

[AC] mirroring-group 1 local

# Configure local mirroring group 1 to monitor the bidirectional traffic of GigabitEthernet 1/0/1.

[AC] mirroring-group 1 mirroring-port gigabitethernet 1/0/1 both

# Configure GigabitEthernet 1/0/2 as the monitor port for local mirroring group 1.

[AC] mirroring-group 1 monitor-port gigabitethernet 1/0/2

Verifying the configuration

# Verify the mirroring group configuration.

[AC] display mirroring-group 1

Mirroring group 1:

Type: Local

Status: Active

Mirroring port:

GigabitEthernet1/0/1 both

Monitor port: GigabitEthernet1/0/2

12-Network Management and Monitoring

Configuring port mirroring

Terminology

Mirroring source

Source device

Mirroring destination

Destination device

Mirroring direction

Mirroring group

Creating a local mirroring group

Displaying and maintaining port mirroring

Local port mirroring configuration example

Network requirements

Configuration procedure

Verifying the configuration

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Service Business

News & Events

Contact Us