Troubleshooting tools, Introduction, Port mirroring – NEC INTELLIGENT L2 SWITCH N8406-022A User Manual

Troubleshooting tools 90

Troubleshooting tools

Introduction

This appendix discusses some tools to help you use the Port Mirroring feature to troubleshoot common network
problems on the switch.

Port Mirroring

The Port Mirroring feature on the switch is very useful for troubleshooting any connection-oriented problem. Any
traffic in or out of one or more ports can be mirrored to a single monitoring port to which a network monitor can be
attached.

Port Mirroring can be used as a troubleshooting tool or to enhance the security of your network. For example, an
Intrusion Detection Service (IDS) server can be connected to the monitor port to detect intruders attacking the
network.

As shown in the following figure, port 20 is monitoring ingress traffic (traffic entering the switch) on port 23 and
egress traffic (traffic leaving the switch) on port 1. You can attach a device to port 20 to monitor the traffic on ports
23 and 1.

Figure 11 Port Mirroring

Egress traffic

Mirrored traffic

Ingress traffic

Egress traffic

Legend

Interconnect

Switch A

18
17

16
15

4
3

2
1

18
17

16
15

4
3

2
1

Server 2

Server 1

10/100/1000 X-Connects

Interconnect
Switch B

20 21 22 23 24

20 21 22 23 24

Monitoring

port 20

This figure shows two mirrored ports monitored by a single port. Similarly, you can have one mirrored port to one
monitored port, or many mirrored ports to one monitored port. The switch does not support a single port being
monitored by multiple ports because it supports only one monitored port configured at a time.

Ingress traffic is duplicated and sent to the mirrored port before processing, and egress traffic is duplicated and
sent to the mirrored port after processing.