Configuring Port Mirroring (NSM Procedure)
On all M Series, T Series, and MX Series routers, you
can send a copy of an IPv4 or IPv6 packet from the routers to an external
host address or a packet analyzer for analysis. This is known as port
mirroring. In addition, on the M7i, M10i, M120, M320 and MX Series
routers only, you can configure port mirroring for VPLS traffic. VPLS
port mirroring is supported only on M7i and M10i routers with Enhanced
CFEB (CFEB-E). In addition, on M320 routers, VPLS port mirroring is
supported only on Enhanced III Flexible PIC Concentrators (FPCs).
To configure port mirroring in NSM:
- In the NSM navigation tree, select Device Manager > Devices.
- Click the Device Tree tab,
and then double-click the device to select it.
- Click the Configuration tab.
In the configuration tree, expand Forwarding Options
> Port Mirroring.
- Add or modify settings as specified in Table 1.
- Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.
Table 1: Port Mirroring Configuration
Details
| Task |
Your Action |
Configure the address
type family to sample for port mirroring.
|
- In the Comment box, enter the comment
for the port mirroring.
- Select the Mirror Once check box
to configure the router to mirror packets only once.
- Click Family next to Port Mirroring.
- Expand Family.
- Click Inet or Inet6 next to Family.
- Click Output.
- In the Comment box, enter the comment.
- Select the No Filter Check check
box to disable filter checking on the port-mirroring interface.
- Click Interface next to Output.
- Click Add new entry next to Interface.
- Expand Interface.
- In the Name box, enter the name of
the interface.
- In the Comment box, enter the comment.
- Click Next Hop next to interface.
- Click Add new entry next to Next
Hop.
- In the Name box, enter the IP address
of the next-hop router.
- In the Comment box, enter the comment.
- Click Vpls next to Family.
- In the Comment box, enter the comment.
- Click Output next to Vpls.
- In the Comment box, enter the comment.
- In the Interface box, enter the name
of the interface.
- Select the No Filter Check check
box to disable filter checking on the port-mirroring interface.
|
Configure input packet properties for port mirroring.
|
- In the Comment box, enter the comment
for input.
- From the Rate list, select the ratio
of the number of packets to be sampled. For example, if you specify
a rate of 10, every tenth packet (1 packet out of 10) is sampled.
Range: 1 through 65,535
- From the Run Length list, select
the number of samples following the initial trigger event. This allows
you to sample packets following those already being sampled.
Range: 0 through 20
Default: 0
|
Configure a port-mirroring instance.
|
- Click Instance next to Port Mirroring.
- Click Add new entry next to Instance.
- In the Name box, enter the name of
the port-mirroring instance.
- To configure the address type family to sample for port
mirroring, refer Table 1.
- To configure input packet properties for port mirroring,
refer Table 1.
|
Configure traffic sampling tracing operations.
|
- In the Comment box, enter the comment
for traceoptions.
- Click File next to Traceoptions.
- In the Comment box, enter the comment
for the file.
- In the Filename box, enter the name
of the file containing the trace information.
Default: /var/log/sampled
- In the Size box, enter the maximum
size of each traffic sampling file or trace log file, in kilobytes
(KB), megabytes (MB), or gigabytes (GB).
Syntax: xk to specify KB, xm to specify MB, or xg to specify
GB
Range: 10 KB through the maximum file size supported on your
router
Default: 1 MB for sampling data; 128 KB for log information
- From the Files list, select the maximum
number of traffic sampling or trace log files.
Range: 1 through 100 files
Default: 5 files for sampling output; 10 files for trace log
information
- Select one of the following:
- world-readable—To enable unrestricted
file access.
- no-world-readable—To
restrict file access to owner.
|
Published: 2009-08-23
