Monitoring and Analyzing Switch Operation
Traffic Mirroring
Switch-D(config)# mirror endpoint 10.10.10.119 9300 10.10.30.2 port a15
Switch-D(config)# mirror endpoint 10.10.20.145 9300 10.10.30.2 port a15
Mirror Session Identity from
the Source Switch (Session
1 on Both Switches)
Mirror Session Destination
IP Address
Mirror Session
Exit Port
Figure B-30. Example of Configuring Remote Mirroring from Switches A and B on the Destination Switch
Switch-A(config)# mirror 1 remote ip 10.10.10.119 9300 10.10.30.2
Caution: Please configure destination switch first.
Do you want to continue [y/n]? y
Switch-A(config)# access-list 100 permit tcp any host 10.10.30.153
eq telnet
Switch-A(config)# vlan 10 monitor ip access-group 100 in mirror 1
Configures an ACL with a permit entry (ACE) that mirrors Telnet traffic entering switch 1
on VLAN 10 if their destination is the server at 10.10.30.153. (The implicit deny included in
all ACLs prevents all other inbound traffic from being mirrored.)
Configures VLAN 10 as the source of traffic to mirror, and the ACL as the selection criteria
for inbound traffic on VLAN 10 for mirror session 1.
Uses the source IP address and random UDP port number to identify session 1 mirrored
traffic from VLAN 10, and specifies the destination IP address for this traffic. (The mirror
exit port for this traffic is a member of the VLAN identified by the destination IP address.)
1
2
3
1
2
3
Name of ACL
Criteria for Traffic Selection
ACL Applied to this Mirror Session
Mirror Session
Mirror Session 1 Identity
Mirror Session Destination
Figure B-31. Example of Configuring Remote Mirroring of Inbound Traffic on Source Switch 1
B-65
To Next Page
Loading...
Need help?
General