For a Fast Ethernet, Gigabit Ethernet, or Aggregated Ethernet interface, bind an
802.1Q VLAN tag ID to the logical interface:
[edit interfaces interface-name unit logical-unit-number]
b.
user@host# set vlan-id number
3. Enable specification of an input or output filter to be applied to Layer 2 packets that
are part of bridging domain, Layer 2 switching cross-connects, or virtual private LAN
service (VPLS).
•
If the filter is to be evaluated when packets are received on the interface:
[edit interfaces interface-name unit logical-unit-number]
user@host# set family family filter input pm-filter-name-a
•
If the filter is to be evaluated when packets are sent on the interface:
[edit interfaces interface-name unit logical-unit-number]
user@host# set family family filter output pm-filter-name-b
The value of the family option can be ethernet-switching, ccc, or vpls.
NOTE: If port-mirroring firewall filters are applied at both the input and
output of a logical interface, two copies of each packet are mirrored. To
prevent the router or switch from forwarding duplicate packets to the
same destination, include the optional mirror-once statement at the [edit
forwarding-options] hierarchy level.
4.
Verify the minimum configuration for applying a named Layer 2 port mirroring firewall
filter to a logical interface:
[edit interfaces interface-name unit logical-unit-number family family filter ... ]
user@host# top
[edit]
user@host# show interfaces
interfaces {
interface-name {
vlan-tagging;
encapsulation extended-vlan-ethernet-switching;
unit number { # Apply a filter to the input of this interface
vlan-id number;
family (ethernet-switching | ccc | vpls) {
filter {
input pm-filter-for-logical-interface-input;
}
}
}
unit number { # Apply a filter to the output of this interface
vlan-id number;
family (ethernet-switching | ccc | vpls) {
filter {
output pm-filter-for-logical-interface-output;
}
}
Copyright © 2016, Juniper Networks, Inc.50
Port Mirroring Feature Guide for EX9200 Switches
To Next Page
Loading...
Need help?
General
