flexible-vlan-tagging;
encapsulation extended-vlan-bridge;
unit 2 {
vlan-tags outer 10 inner 20;
family ethernet-switching;
}
}
}
Packets received at logical interface ge-2/0/6.0 on VLAN example-bd-with-traffic are
evaluated by the port-mirroring firewall filter example-bridge-pm-filter. The firewall
filter acts on the input traffic according to the filter actions configured in the firewall
filter itself plus the input packet-sampling properties and mirror destination properties
configured in the global port-mirroring instance:
•
All packets received at ge-2/0/6.0 are forwarded to their (assumed) normal
destination at logical interface ge-3/0/1.2.
•
For every ten input packets, copies of the first five packets in that selection are
forwarded to the external analyzer at logical interface ge-0/0/0.0 in the other VLAN,
example-bd-with-analyzer.
If you configure the port-mirroring firewall filter example-bridge-pm-filter to take the
discard action instead of the accept action, all original packets are discarded while
copies of the packets selected using the global port-mirroring input properties are
sent to the external analyzer.
Related
Documentation
Understanding Layer 2 Port Mirroring on page 3•
• Layer 2 Port Mirroring Firewall Filters
• Defining a Layer 2 Port-Mirroring Firewall Filter
Example: Layer 2 Port Mirroring for a Layer 2 VPN
The following example is not a complete configuration, but shows all the steps needed
to configure port mirroring on an L2VPN using family ccc.
1.
Configure the VLAN port-mirror-bd, which contains the external packet analyzer:
[edit]
vlans {
port-mirror-vlan { # Contains an external traffic analyzer
interface ge-2/2/9.0; # External analyzer
}
}
2.
Configure the Layer 2 VPN CCC to connect logical interface ge-2/0/1.0 and logical
interface ge-2/0/1.1:
[edit]
protocols {
mpls {
interface all;
Copyright © 2016, Juniper Networks, Inc.58
Port Mirroring Feature Guide for EX9200 Switches
To Next Page
Loading...
Need help?
General
