CHAPTER 38
Configuring Port, VLAN, and Flow Mirroring
•
Port, VLAN, and Flow Mirroring Overview on page 1385
•
Port, VLAN, and Flow Mirroring on ACX5000 Series Routers on page 1386
•
Configuring Port, VLAN, and Flow Mirroring on ACX5000 Series Routers on page 1388
Port, VLAN, and Flow Mirroring Overview
Mirroring and analyzers enable you to mirror a copy of a packet to a configured destination,
in addition to the normal processing and forwarding of the packet. Mirroring enables you
to mirror a copy of a packet and an analyzer helps in mirroring a packet based on VLANs.
Mirroring and analyzers are useful for debugging network problems and to prevent attacks
on a network.
Mirroring as a functionality has two components:
•
Source—This is the source port or VLAN (based on bridge domain) from where the
packets are mirrored.
•
Destination—This is the destination port or VLAN (based on bridge domain) to which
the mirrored packets are sent.
NOTE: The ACX5000 line of routers supports egress mirroring (mirroring of
packets going out through an egress port) only for port-based mirroring.
The ACX5000 line of routers supports the following mirroring modes:
•
Port mirroring—Support for both ingress and egress based port mirroring using analyzer
where input to mirror is through a list of ports configured through logical interface. You
need to include the analyzer CLI statement at the [edit forwarding-options] hierarchy
level
•
VLAN mirroring—In this mode, packets entering a VLAN (based on bridge domain) are
mirrored. You need to include the analyzer CLI statement at the [edit forwarding-options]
hierarchy level, where input to a mirror is a VLAN (based on bridge domain).
•
Flow mirroring—In this mode, input parameters for mirroring are specified through a
firewall filter. You need to include the port-mirror CLI statement at the [edit
forwarding-options] hierarchy level. The ACX5000 line of routers supports only family
1385Copyright © 2017, Juniper Networks, Inc.
To Next Page
Loading...
Need help?
General
