Chapter 14 | Port Mirroring Commands
Local Port Mirroring Commands
◆ You can create multiple mirror sessions, but all sessions must share the same
destination port.
◆ The destination port cannot be a trunk or trunk member port.
◆ ACL-based mirroring is only used for ingress traffic. To mirror an ACL, follow
these steps:
1. Use the access-list command to add an ACL.
2. Use the access-group command to add a mirrored port to the access control
list.
3. Use the port monitor access-list command to specify the destination port
to which traffic matching the ACL will be mirrored.
Example
The following example configures the switch to mirror all packets from port 6 to port 5:
Console(config)#interface ethernet 1/5
Console(config-if)#port monitor ethernet 1/6 both
Console(config-if)#
This example configures port 2 to monitor packets matching the MAC address
00-12-CF-XX-XX-XX received by port 1:
Console(config)#access-list mac m1
Console(config-mac-acl)#permit 00-12-cf-00-00-00 ff-ff-ff-00-00-00 any
Console(config-mac-acl)#exit
Console(config)#interface ethernet 1/1
Console(config-if)#mac access-group m1 in
Console(config-if)#interface ethernet 1/2
Console(config-if)#port monitor access-list m1
Console(config-if)#
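The following Python check is an added example, not part of the original manual. It reads a console transcript and tests it against two of the rules above: all mirror sessions share one destination port, and an ACL-based session has its ACL both defined and bound to an ingress port. It assumes only the command forms shown in the two examples (MAC ACLs only); the function name audit_mirroring is hypothetical, and the sample transcript is constructed by merging the two examples into one configuration.

```python
import re

# Constructed sample: the two console examples above, merged into one transcript.
SAMPLE = """\
Console(config)#interface ethernet 1/5
Console(config-if)#port monitor ethernet 1/6 both
Console(config)#access-list mac m1
Console(config-mac-acl)#permit 00-12-cf-00-00-00 ff-ff-ff-00-00-00 any
Console(config-mac-acl)#exit
Console(config)#interface ethernet 1/1
Console(config-if)#mac access-group m1 in
Console(config-if)#interface ethernet 1/2
Console(config-if)#port monitor access-list m1
"""

def audit_mirroring(transcript):
    """Return (sessions, findings) for the mirroring commands in a transcript."""
    acls, bound, sessions, current = set(), {}, [], None
    for line in transcript.splitlines():
        cmd = line.split("#", 1)[-1].strip()      # drop the "Console(...)#" prompt
        if m := re.fullmatch(r"interface ethernet (\d+/\d+)", cmd):
            current = m.group(1)                  # later commands apply to this port
        elif m := re.fullmatch(r"access-list mac (\S+)", cmd):
            acls.add(m.group(1))                  # step 1: ACL defined
        elif m := re.fullmatch(r"mac access-group (\S+) in", cmd):
            bound.setdefault(m.group(1), []).append(current)  # step 2: ingress binding
        elif m := re.fullmatch(r"port monitor (ethernet \d+/\d+|access-list \S+)(?: \S+)?", cmd):
            sessions.append((current, m.group(1)))  # (destination port, mirrored source)
    findings = []
    dests = sorted({dest for dest, _ in sessions})
    if len(dests) > 1:
        findings.append("sessions use different destination ports: " + ", ".join(dests))
    for dest, source in sessions:
        if source.startswith("access-list "):
            name = source.split()[1]
            if name not in acls:
                findings.append(f"ACL {name} mirrored to {dest} is not defined")
            if name not in bound:
                findings.append(f"ACL {name} mirrored to {dest} is not bound to any ingress port")
    return sessions, findings
```

Run on the merged sample, the check reports that the two examples use different destination ports (1/5 and 1/2), so they cannot both be configured on one switch as written.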
show port monitor
This command displays mirror information.
Syntax
show port monitor [interface | vlan vlan-id | mac-address mac-address |
access-list acl-name]
interface - ethernet unit/port (source port)
unit - Unit identifier. (Range: 1-8)
port - Port number. (Range: 1-28/52)
vlan-id - VLAN ID (Range: 1-4094)
mac-address - MAC address in the form of xx-xx-xx-xx-xx-xx or
xxxxxxxxxxxx.