Technical Documentation

Configuring the Global Instance of Layer 2 Port Mirroring

On an MX Series router, you can configure a set of Layer 2 port-mirroring properties that implicitly apply to packets received on all ports in the router chassis.

To configure the global instance of Layer 2 port mirroring on an MX Series router:

  1. Enable configuration of the Layer 2 port mirroring:

    [edit]user@host# edit forwarding-options port-mirroring
  2. Enable configuration of the packet-selection properties:

    [edit forwarding-options port-mirroring]user@host# edit input
  3. Specify global-level packet-selection properties.

    1. Specify the number of packets to select:

      [edit forwarding-options port-mirroring input]user@host# set rate number
      The valid range is 1 through 65535.
    2. Specify the number of packets to mirror from each selection:

      [edit forwarding-options port-mirroring input]user@host# set run-length number
      The valid range is 0 through 20. The default value is 0.
    3. Specify the length to which mirrored packets are to be truncated:

      [edit forwarding-options port-mirroring input]user@host# set maximum-packet-length number
      The valid range is 0 through 9216. The default value is 0, which means the mirrored packets are not truncated.
  4. Specify the global-level Layer 2 address-type family from which traffic is to be selected for mirroring:

    [edit forwarding-options port-mirroring input]user@host# up[edit forwarding-options port-mirroring]user@host# edit family family
    The value of the family option can be bridge, ccc, or vpls.

    Note: Under the [edit forwarding-options port-mirroring] hierarchy level, the protocol family statement family bridge is an alias for family vpls. The command-line interface (CLI) displays Layer 2 port-mirroring configurations as family vpls, even for Layer 2 port-mirroring configured as family bridge. Use family bridge when the physical interface is configured with encapsulation ethernet-bridge.

  5. Enable configuration of global-level mirror destination properties for this address family:

    [edit forwarding-options port-mirroring family family]user@host# edit output
  6. Specify global-level mirror destination properties for this address family.

    1. Specify the physical interface on which to send the mirrored packets:

      [edit forwarding-options port-mirroring family family output]user@host# set interface interface-name
    2. (Optional) Allow configuration of filters on the destination interface for the named port-mirroring instance:

      [edit forwarding-options port-mirroring family family output]user@host# set no-filter-check
  7. (Optional) Specify that any packets selected for mirroring are to be mirrored only once to any mirroring destination:

    [edit forwarding-options port-mirroring family family output]user@host# up 2[edit forwarding-options port-mirroring]user@host# set mirror-once

    Tip: Enable the mirror-once option when an MX Series router is configured to perform Layer 2 port mirroring at both ingress and egress interfaces, which could result in sending duplicate packets to the same destination (which would complicate the analysis of the mirrored traffic).

  8. Verify the minimum configuration of the global instance of Layer 2 port mirroring:

    [edit forwarding-options ... ]user@host# top[edit]user@host# show forwarding-options forwarding-options {port-mirroring {input { # Global packet-selection properties.maximum-packet-length number; # Default is 0.rate number; run-length number; } family (ccc | vpls) { # Address- type ’bridge’ displays as ’vpls’.output { # Global mirror destination properties.interface interface-name; no-filter-check; # Optional. Allow filters on interface.} }mirror-once; # Optional. Mirror destinations do not receive duplicate packets.}}

Published: 2010-05-11