Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

show security forwarding-options mirror-filter

Syntax

Description

Displays status information about all configured mirror filters or that of a specific mirror filter. Each mirror filter contains a set of parameters against which traffic is matched. For each mirror filter, the output identifies the number of packets that were matched by the filter for mirroring and the number of packets that were sent to the packet analyzer. It also shows the parameters that were configured for the mirror filter.

Network operators need a way to monitor X2 traffic to debug any handover issues across eNodeBs. The mirror filter feature allows you to do that. To use the mirror filter feature to monitor X2 traffic, you configure mirror filters. Traffic coming out of an IPsec tunnel is decrypted, mirrored, and analyzed by a packet analyzer, and then encrypted again to go into the outbound IPsec tunnel.

Note:

The SRX Series mirror filter feature is bidirectional, much like a session. X2 traffic flowing through an IPSec VPN from devices that match the configured filter conditions is mirrored and analyzed.

Starting in Junos OS Release 18.4R1, if the output X2 interface of a mirror filter is configured for an st0 interface to filter traffic that you want to analyze, the packet is duplicated and encrypted by the IPsec tunnel bound to the st0 interface. This enhancement supports the SRX Series Firewalls to send traffic mirrored from a port on an IPsec tunnel.

You can configure up to 15 different mirror filters to be used concurrently.

Note:

Although there is no minimum required number of parameters for a mirror filter, please be mindful that if you specify too few criteria or accidentally commit an incomplete filter, an over-proportional amount of traffic flow through the system could be mirrored.

Options

all

Display counters for all mirror filters.

filter-name

Name of the mirror filter for which the counters are displayed.

Required Privilege Level

view

Output Fields

Lists the output fields for the show security forward-options mirror-filter command. Output fields are listed in the approximate order in which they appear in the output.

Table 1: show security forward-options mirror-filter

Field Name

Field Description

mirror-filter-name

Name of the mirror filter configured on the device.

interface-in

Name of the incoming logical interface to be matched for mirroring.

interface-out

Name of the outgoing logical interface to be matched for mirroring.

protocol

Networking protocol name or number to be matched for mirroring.

source-port

Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) source port number to be matched for mirroring.

source-prefix

Source IP prefix or address to be matched for mirroring.

destination-port

Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) destination port number to be matched for mirroring.

destination-prefix

Destination IP prefix or address to be matched for mirroring.

filter-counters

Number of packets matched for mirroring.

output-counter

Number of packets sent to the packet analyzer.

Sample Output

show security forward-options mirror-filter

Release Information

Command introduced in Junos OS Release 12.1X46-D10.