Flow mirroring is a type of action in traffic behaviors. When a traffic policy configured with
flow mirroring is applied to an interface, the S5700 copies the inbound data flow on this interface
that matches the traffic classifier and sends the copy to the observing port.
VLAN Mirroring
In the process of VLAN mirroring, the S5700 mirrors the packets passing through all active
interfaces in a specified VLAN to a specified observing port. Compared with interface mirroring,
VLAN mirroring mirrors packets in a wider range. You can monitor packets in one or more
VLANs.
MAC Address Mirroring
MAC address mirroring allows you to monitor the packets received by or sent from a specified
device on a network. The S5700 mirrors the packets matching a specified source or destination
MAC address in a VLAN to a specified observing port.
CPU Mirroring
CPU mirroring is used to mirror all the packets received by the CPU. CPU mirroring is
implemented as follows:
l If an ACL rule is specified, the packets that match the ACL rule are mirrored to a specified
observing port.
l If no ACL rule is specified, all the packets received by the CPU are mirrored to a specified
observing port.
CPU mirroring facilitates debugging and fault location.
RSPAN
A switch can copy incoming or outgoing packets on a mirrored port to an observing port. When
the observing port and the mirrored port are on different switches, packets can be copied to the
observing port through the RSPAN function, which is also called remote mirroring.
Figure 7-3 Networking diagram of RSPAN
Sniffer host
Mirror
port
Source
Switch
Intermediate Switch
Destination
Switch
Observe
port
Observe port
Port
Data flow
Copy of data flow
Quidway S5700 Series Ethernet Switches
Configuration Guide - Device Management 7 Mirroring
Issue 01 (2011-07-15) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
68
To Next Page
Loading...
