Layer 2 Port Mirroring Firewall Filters
This topic describes the following information:
•
Layer 2 Port Mirroring Firewall Filters Overview on page 43
•
Mirroring of Packets Received or Sent on a Logical Interface on page 44
•
Mirroring of Packets Forwarded or Flooded to a VLAN on page 44
•
Mirroring of Packets Forwarded or Flooded to a VPLS Routing Instance on page 45
Layer 2 Port Mirroring Firewall Filters Overview
On an MX Series router and on an EX Series switch, you can configure a firewall filter term
to specify that Layer 2 port mirroring is to be applied to all packets at the interface to
which the firewall filter is applied.
You can apply a Layer 2 port-mirroring firewall filter to the input or output logical interfaces
(including aggregated Ethernet logical interfaces), to traffic forwarded or flooded to a
VLAN, or traffic forwarded or flooded to a VPLS routing instance.
MX Series routers and EX Series switches support Layer 2 port mirroring of VPLS (family
ethernet-switching or family vpls) traffic and Layer 2 VPN traffic with family ccc n a Layer 2
environment
Within a firewall filter term, you can specify the Layer 2 port-mirroring properties under
the then statement in either of the following ways:
•
Implicitly reference the Layer 2 port mirroring properties in effect on the port.
•
Explicitly reference a particular named instance of Layer 2 port mirroring.
NOTE: When configuring a Layer 2 port-mirroring firewall filter, do not include
the optional from statement that specifies match conditions based on the
route source address. Omit this statement so that all packets are considered
to match and all actions and action-modifiers specified in the then statement
are taken.
If you want to mirror all incoming packets, then you must not use the from
statement; /* comment: one configure filter terms with from if they are
interested in mirroring only a subset of packet.
For a general description of Layer 2 port-mirroring properties, see “Understanding Layer
2 Port Mirroring Properties” on page 4. For a comparison of the types of Layer 2 port
mirroring available on an MX Series router and on an EX Series switch, see Application of
Layer 2 Port Mirroring Types.
43Copyright © 2016, Juniper Networks, Inc.
Chapter 7: Port Mirroring for Logical interfaces
To Next Page
Loading...
