Configuring Port Mirroring (NSM Procedure)
On all M Series, T Series, and MX Series routers, you
can send a copy of an IPv4 or IPv6 packet from the routers to an external
host address or a packet analyzer for analysis. This is known as port
mirroring. In addition, on the M7i, M10i, M120, M320 and MX Series
routers only, you can configure port mirroring for VPLS traffic. VPLS
port mirroring is supported only on M7i and M10i routers with Enhanced
CFEB (CFEB-E). In addition, on M320 routers, VPLS port mirroring is
supported only on Enhanced III Flexible PIC Concentrators (FPCs).
To configure port mirroring in NSM:
- In the NSM navigation tree, select Device Manager
> Devices.
- Click the Device Tree tab, and then double-click
the device to select it.
- Click the Configuration tab. In the configuration
tree, expand Forwarding Options > Port Mirroring.
- Add or modify settings as specified in Table 1.
- Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.
Table 1: Port Mirroring Configuration
Details
| Task | Your Action |
|---|
Configure the address
type family to sample for port mirroring. | - In the Comment box, enter the comment for the
port mirroring.
- Select the Mirror Once check box to configure
the router to mirror packets only once.
- Click Family next to Port Mirroring.
- Expand Family.
- Click Inet or Inet6 next to Family.
- Click Output.
- In the Comment box, enter the comment.
- Select the No Filter Check check box to disable
filter checking on the port-mirroring interface.
- Click Interface next to Output.
- Click Add new entry next to Interface.
- Expand Interface.
- In the Name box, enter the name of the interface.
- In the Comment box, enter the comment.
- Click Next Hop next to interface.
- Click Add new entry next to Next Hop.
- In the Name box, enter the IP address of the
next-hop router.
- In the Comment box, enter the comment.
- Click Vpls next to Family.
- In the Comment box, enter the comment.
- Click Output next to Vpls.
- In the Comment box, enter the comment.
- In the Interface box, enter the name of the
interface.
- Select the No Filter Check check box to disable
filter checking on the port-mirroring interface.
|
Configure input packet properties for port mirroring. | - In the Comment box, enter the comment for input.
- From the Rate list, select the ratio of the
number of packets to be sampled. For example, if you specify a rate
of 10, every tenth packet (1 packet out of 10) is sampled.
Range: 1 through 65,535 - From the Run Length list, select the number
of samples following the initial trigger event. This allows you to
sample packets following those already being sampled.
Range: 0 through 20 Default: 0
|
Configure a port-mirroring instance. | - Click Instance next to Port Mirroring.
- Click Add new entry next to Instance.
- In the Name box, enter the name of the port-mirroring
instance.
- To configure the address type family to sample for port
mirroring, refer Table 1.
- To configure input packet properties for port mirroring,
refer Table 1.
|
Configure traffic sampling tracing operations. | - In the Comment box, enter the comment for traceoptions.
- Click File next to Traceoptions.
- In the Comment box, enter the comment for the
file.
- In the Filename box, enter the name of the
file containing the trace information.
Default: /var/log/sampled - In the Size box, enter the maximum size of
each traffic sampling file or trace log file, in kilobytes (KB), megabytes
(MB), or gigabytes (GB).
Syntax: xk to specify KB, xm to specify MB, or xg to specify
GB Range: 10 KB through the maximum file size supported on your
router Default: 1 MB for sampling data; 128 KB for log information - From the Files list, select the maximum number
of traffic sampling or trace log files.
Range: 1 through 100 files Default: 5 files for sampling output; 10 files for trace log
information - Select one of the following:
- world-readable—To enable unrestricted
file access.
- no-world-readable—To restrict file access
to owner.
|
Published: 2013-01-06
