Port mirroring and monitoring configuration – Brocade FastIron Ethernet Switch Platform and Layer 2 Switching Configuration Guide User Manual
Page 236
Port mirroring can be used as a diagnostic tool or debugging feature, especially for preventing attacks.
Port mirroring can be managed locally or remotely.
You can configure port mirroring, by assigning a port (known as the Monitor port), from which the
packets are copied and sent to a destination port (known as the Mirror port). All packets received on
the Monitor port or issued from it, are forwarded to the second port. You next attach a protocol
analyzer on the mirror port to monitor each segment separately. The analyzer captures and evaluates
the data without affecting the client on the original port.
The mirror port may be a port on the same switch with an attached RMON probe, a port on a different
switch in the same hub, or the switch processor.
Port mirroring and monitoring configuration
To configure port monitoring, first specify the mirror port, then enable monitoring on the monitored
port.
The mirror port is the port to which the monitored traffic is copied. Attach your protocol analyzer to the
mirror port. The monitored port is the port with the traffic you want to monitor.
The following table lists the number of mirror and monitor ports supported on the Brocade devices. For
more information about port regions, refer to
on page 19.
Number of mirror and monitored ports supported
TABLE 39
Maximum number supported
Port Type
FastIron X Series
FCX
ICX (6450, 6430, 6610,
6650)
Ingress mirror ports
1 per port region
1 per port region
1 per port region
Egress mirror ports
1 per port region
1 per port region
1 per port region
Ingress monitored ports
No limit
No limit
No limit
Egress monitored ports
8
8
8
NOTE
FastIron X Series devices support multiple ingress and egress mirror ports. For 1 Gbps ports, ports in
groups of 12 share one ingress mirror port and one egress mirror port. Therefore, ports 1 and 2 cannot
have different mirror ports, but ports 1 and 13 can (port 25, for third-generation modules). Each 10
Gbps port (or each third-generation 10 GbE module) can have one ingress mirror port and one egress
mirror port.
NOTE
For devices other than the FastIron X Series, it is possible to configure more than eight egress ports,
although only the first eight are operational. This is also true for mirrored VLANs - more than eight can
be configured, but only the first eight are operational.
Port mirroring and monitoring configuration
236
FastIron Ethernet Switch Platform and Layer 2 Switching Configuration Guide
53-1003086-04