Table 4: Application of Layer 2 Port Mirroring Firewall Filters on PE Devices
Configuration DetailsNotesScope of MirroringPoint of Application
See Applying Layer 2 Port
Mirroring to a Logical Interface.
For more information about
VPLS routing instances, see
Configuring a VPLS Routing
Instance and Configuring
VLAN Identifiers for Bridge
Domains and VPLS Routing
Instances.
You can also configure
aggregated Ethernet
interfaces between CE
devices and PE devices for
VPLS routing instances.
Traffic is load-balanced
across all of the links in the
aggregated interface.
Traffic received on an
aggregated Ethernet interface
is forwarded over a different
interface based on a lookup
of the destination MAC
(DMAC) address:
•
Packets destined for a local
site are sent out of the
load-balanced child
interface.
•
Packets destined for the
remote site are
encapsulated and
forwarded over a
label-switched path (LSP).
Packets originating within a
service provider customer’s
network, sent first to a CE
device, and sent next to the
PE device.
Ingress Customer-Facing
Logical Interface
See Applying Layer 2 Port
Mirroring to a Logical Interface.
Unicast packets being
forwarded by the PE device to
another PE device.
NOTE: If you apply a
port-mirroring filter to the
output for a logical interface,
only unicast packets are
mirrored. To mirror multicast,
unknown unicast, and
broadcast packets, apply a
filter to the input to the flood
table of a VLAN or VPLS
routing instance.
Egress Customer-Facing
Logical Interface
See Applying Layer 2 Port
Mirroring to Traffic Forwarded
or Flooded to a Bridge Domain.
For information about
flooding behavior in VPLS, see
the Junos OS VPNs Library for
Routing Devices.
Forwarding and flood traffic
typically consists of
broadcast packets, multicast
packets, unicast packets with
an unknown destination MAC
address, or packets with a
MAC entry in the DMAC
routing table.
Forwarding traffic or flood
traffic sent to the VLAN from
a CE device.
Input to a VLAN
Forwarding Table or
Flood Table
See Applying Layer 2 Port
Mirroring to Traffic Forwarded
or Flooded to a VPLS Routing
Instance. For information
about flooding behavior in
VPLS, see the Junos OS VPNs
Library for Routing Devices.
Forwarding traffic or flood
traffic sent to the VPLS
routing instance from a CE
device.
Input to a
VPLS Routing Instance
Forwarding Table or
Flood Table
Related
Documentation
Understanding Layer 2 Port Mirroring on page 3•
• Layer 2 Port Mirroring Firewall Filters
• Defining a Layer 2 Port-Mirroring Firewall Filter
• Example: Layer 2 Port Mirroring at a Logical Interface
Copyright © 2016, Juniper Networks, Inc.14
Port Mirroring Feature Guide for EX9200 Switches
To Next Page
Loading...
Need help?
General
