
ACL-based inbound mirroring, Support with ACL CAM sharing enabled – Brocade Multi-Service IronWare Switching Configuration Guide (Supporting R05.6.00) User Manual


Multi-Service IronWare Switching Configuration Guide

53-1003036-02


This output displays the output traffic mirrored to mirror port 1/1 from port 3/1 and input traffic
mirrored to mirror port 1/2 from port 4/1, which are explicitly configured.

ACL-based inbound mirroring

The Multi-Service IronWare software supports using an ACL to select traffic for mirroring from one
port to another. Using this feature, you can monitor traffic in the mirrored port by attaching a
protocol analyzer to it.

Considerations when configuring ACL-based inbound mirroring

The following must be considered when configuring ACL-based inbound mirroring:

• Configuring a common destination ACL mirror port for all ports of a PPCR (see below)

• Support with ACL CAM sharing enabled (see below)

• The mirror and copy-sflow keywords are mutually exclusive on a per-ACL clause basis.

• ACL-based inbound mirroring and port-based inbound mirroring are mutually exclusive on a per-port basis.

• ACL-based mirroring must be configured at the LAG level for individual LAG member ports.

• Configuring ACL-based mirroring at the port level on the primary port of a LAG mirrors all traffic on that LAG to the monitor port.

Configuring a common destination ACL mirror port for all ports of a PPCR

All ports using the same PPCR must have a common destination ACL mirror port when configuring
ACL-based inbound mirroring. For example, where ports 4/1 and 4/2 belong to the same PPCR, the
following configuration, which assigns them different destination ACL mirror ports, fails and
generates the error message shown.

Brocade(config)# interface ethernet 4/1

Brocade(config-if-e10000-4/1)# acl-mirror-port ethernet 6/1

Brocade(config-if-e10000-4/1)# interface ethernet 4/2

Brocade(config-if-e10000-4/2)# acl-mirror-port ethernet 6/2

Error: 4/2 and 4/1 should have the same ACL mirror port

Support with ACL CAM sharing enabled

For ACL CAM sharing to function, either one of the following conditions must be true:

• All ports that belong to a PPCR have the acl-mirror-port command configured to direct mirrored traffic to the same port.

• None of the ports that belong to the PPCR have the acl-mirror-port command configured.
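An offline check for the two PPCR rules above (a common destination ACL mirror port per PPCR, and the all-or-none condition for ACL CAM sharing), written here as an added Python example that is not part of the Brocade manual. The running-config layout of the sample, the PPCR names, and the 5/x ports are assumptions; only the fact that 4/1 and 4/2 share a PPCR comes from the text.

```python
import re

# Constructed sample in running-config style (not from the manual).
SAMPLE_CONFIG = """\
interface ethernet 4/1
 acl-mirror-port ethernet 6/1
!
interface ethernet 4/2
!
interface ethernet 5/1
 acl-mirror-port ethernet 6/1
!
interface ethernet 5/2
 acl-mirror-port ethernet 6/2
"""

# ASSUMPTION: PPCR membership is hardware specific. Only "4/1 and 4/2 share a
# PPCR" comes from the text; the PPCR names and the 5/x entries are hypothetical.
PPCR_MAP = {"4/1": "ppcr-a", "4/2": "ppcr-a", "5/1": "ppcr-b", "5/2": "ppcr-b"}

def parse_acl_mirror_ports(config):
    """Map each interface to its acl-mirror-port destination, or None if unset."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        iface = re.match(r"interface ethernet (\S+)$", line)
        mirror = re.match(r"acl-mirror-port ethernet (\S+)$", line)
        if iface:
            current = iface.group(1)
            ports[current] = None
        elif mirror and current:
            ports[current] = mirror.group(1)
        elif line == "!":
            current = None  # end of interface stanza
    return ports

def check_ppcr(ports, ppcr_map):
    """Return sorted (ppcr, finding) pairs; ports absent from the config count as unset."""
    groups = {}
    for port, ppcr in ppcr_map.items():
        groups.setdefault(ppcr, []).append(ports.get(port))
    findings = []
    for ppcr, dests in sorted(groups.items()):
        configured = {d for d in dests if d is not None}
        if len(configured) > 1:
            findings.append((ppcr, "different-mirror-ports"))  # rejected by the CLI
        elif configured and None in dests:
            findings.append((ppcr, "cam-sharing-blocked"))  # some set, some unset
    return findings
```

Calling `check_ppcr(parse_acl_mirror_ports(SAMPLE_CONFIG), PPCR_MAP)` flags `ppcr-a` as blocking ACL CAM sharing and `ppcr-b` as having different mirror ports.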

ACL CAM sharing cannot function with the configuration shown in the following example because
port 4/1 has ACL port mirroring configured and port 4/2 does not.