show security forwarding-options mirror-filter
Syntax
show security forwarding-options mirror-filter (all | filter-name)
Description
Displays status information about all configured mirror filters or that of a specific mirror filter. Each mirror filter contains a set of parameters against which traffic is matched. For each mirror filter, the output identifies the number of packets that were matched by the filter for mirroring and the number of packets that were sent to the packet analyzer. It also shows the parameters that were configured for the mirror filter.
Network operators need a way to monitor X2 traffic to debug any handover issues across eNodeBs. The mirror filter feature allows you to do that. To use the mirror filter feature to monitor X2 traffic, you configure mirror filters. Traffic coming out of an IPsec tunnel is decrypted, mirrored, and analyzed by a packet analyzer, and then encrypted again to go into the outbound IPsec tunnel.
The SRX Series mirror filter feature is bidirectional, much like a session. X2 traffic flowing through an IPSec VPN from devices that match the configured filter conditions is mirrored and analyzed.
Starting in Junos OS Release 18.4R1, if the output X2 interface of a mirror filter is configured for an st0 interface to filter traffic that you want to analyze, the packet is duplicated and encrypted by the IPsec tunnel bound to the st0 interface. This enhancement supports the SRX Series Firewalls to send traffic mirrored from a port on an IPsec tunnel.
You can configure up to 15 different mirror filters to be used concurrently.
Although there is no minimum required number of parameters for a mirror filter, please be mindful that if you specify too few criteria or accidentally commit an incomplete filter, an over-proportional amount of traffic flow through the system could be mirrored.
Options
| all | Display counters for all mirror filters. |
| filter-name | Name of the mirror filter for which the counters are displayed. |
Required Privilege Level
view
Output Fields
Lists
the output fields for the show security forward-options mirror-filter command. Output fields are listed in the approximate order in which
they appear in the output.
Field Name |
Field Description |
|---|---|
|
Name of the mirror filter configured on the device. |
|
Name of the incoming logical interface to be matched for mirroring. |
|
Name of the outgoing logical interface to be matched for mirroring. |
|
Networking protocol name or number to be matched for mirroring. |
|
Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) source port number to be matched for mirroring. |
|
Source IP prefix or address to be matched for mirroring. |
|
Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) destination port number to be matched for mirroring. |
|
Destination IP prefix or address to be matched for mirroring. |
|
Number of packets matched for mirroring. |
|
Number of packets sent to the packet analyzer. |
Sample Output
show security forward-options mirror-filter
user@host> show security forward-options mirror-filter traffic-https
Security mirror status
mirror-filter-name: traffic-https
interface-in: st0.1
interface-out: st0.2
destination-port: 443
protocol: 132
source-prefix: 192.0.2.0
destination-prefix: 203.0.113.0
filter-counters: 2
output-counters: 2Release Information
Command introduced in Junos OS Release 12.1X46-D10.