Configuring the Global Instance of Layer 2 Port Mirroring
On an MX Series router, you can configure a set of Layer 2 port-mirroring properties that implicitly apply to packets received on all ports in the router chassis.
To configure the global instance of Layer 2 port mirroring on an MX Series router:
Enable configuration of the Layer 2 port mirroring:
[edit]user@host# edit forwarding-options port-mirroringEnable configuration of the packet-selection properties:
[edit forwarding-options port-mirroring]user@host# edit inputSpecify global-level packet-selection properties.
- The valid range is 1 through 65535.
Specify the number of packets to select:
[edit forwarding-options port-mirroring input]user@host# set rate number - The valid range is 0 through 20. The default value is 0.
Specify the number of packets to mirror from each selection:
[edit forwarding-options port-mirroring input]user@host# set run-length number - The valid range is 0 through 9216. The default value is 0, which means the mirrored packets are not truncated.
Specify the length to which mirrored packets are to be truncated:
[edit forwarding-options port-mirroring input]user@host# set maximum-packet-length number
- The value of the family option can be bridge, ccc, or vpls.
Specify the global-level Layer 2 address-type family from which traffic is to be selected for mirroring:
[edit forwarding-options port-mirroring input]user@host# up[edit forwarding-options port-mirroring]user@host# edit family family
Note: Under the [edit forwarding-options port-mirroring] hierarchy level, the protocol family statement family bridge is an alias for family vpls. The command-line interface (CLI) displays Layer 2 port-mirroring configurations as family vpls, even for Layer 2 port-mirroring configured as family bridge. Use family bridge when the physical interface is configured with encapsulation ethernet-bridge.
Enable configuration of global-level mirror destination properties for this address family:
[edit forwarding-options port-mirroring family family]user@host# edit outputSpecify global-level mirror destination properties for this address family.
- You can also specify an integrated routing and bridging (IRB) interface as the output interface.
Specify the physical interface on which to send the mirrored packets:
[edit forwarding-options port-mirroring family family output]user@host# set interface interface-name (Optional) Allow configuration of filters on the destination interface for the named port-mirroring instance:
[edit forwarding-options port-mirroring family family output]user@host# set no-filter-check
(Optional) Specify that any packets selected for mirroring are to be mirrored only once to any mirroring destination:
[edit forwarding-options port-mirroring family family output]user@host# up 2[edit forwarding-options port-mirroring]user@host# set mirror-once
Tip: Enable the mirror-once option when an MX Series router is configured to perform Layer 2 port mirroring at both ingress and egress interfaces, which could result in sending duplicate packets to the same destination (which would complicate the analysis of the mirrored traffic).
Verify the minimum configuration of the global instance of Layer 2 port mirroring:
[edit forwarding-options ... ]user@host# top[edit]user@host# show forwarding-optionsforwarding-options {port-mirroring {input { # Global packet-selection properties.maximum-packet-length number; # Default is 0.rate number; run-length number; } family (ccc | vpls) { # Address- type ’bridge’ displays as ’vpls’.output { # Global mirror destination properties.interface interface-name; no-filter-check; # Optional. Allow filters on interface.} }mirror-once; # Optional. Mirror destinations do not receive duplicate packets.}}
