beautypg.com

Specifying the destination mirror port – Brocade TurboIron 24X Series Configuration Guide User Manual

Page 461

background image

Brocade TurboIron 24X Series Configuration Guide

427

53-1003053-01

ACL-based inbound mirroring

TurboIron(config)#access-list 101 permit ip any any mirror

At this point not all IP traffic will be mirrored to port 2, since the ACL has not yet been applied to
any port.

3. Apply the ACL inbound clause to the monitor port.

TurboIron(config)#int e 5

TurboIron(config-if-e10000-5)#ip access-group 101 in

4. Configure the monitor port to use the mirror port.

TurboIron(config-if-e10000-5)#acl-mirror-port ethernet 2

To display ACL mirror settings, enter the show access-list all command.

TurboIron#show access-list all

Extended IP access list 101

permit ip any any mirror

Specifying the destination mirror port

You can specify physical ports or a trunk to mirror traffic from. If you complete the rest of the
configuration but do not specify a destination mirror port, the port-mirroring ACL will be
non-operational. This can be useful if you want to be able to mirror traffic by a set criteria
on-demand. With this configuration, you just configure a destination mirror port whenever you want
the port-mirroring ACL to become operational.

The following sections describe how to specify a destination port for a port or a trunk as well as the
special considerations required when mirroring traffic from a virtual interface.

Specifying the destination mirror port for physical ports

When you want traffic that has been selected by ACL-based Inbound Mirroring to be mirrored, you
must configure a destination mirror port. This configuration is performed at the Interface
Configuration of the port whose traffic you are mirroring. The destination port must be the same for
all ports in a port region as described in

“Ports from a port region must be mirrored to the same

destination mirror port”

on page 427.

In the following example, ACL mirroring traffic from port 1 is mirrored to port 3.

TurboIron(config)#interface ethernet 1

TurboIron(config-if-e10000-1)#ACL-mirror-port ethernet 3

Syntax: [no] ACL-mirror-port ethernet

The variable specifies port to which ACL-mirror traffic from the configured interface will
be mirrored.

The parameter specifies the mirror port to which the monitored port traffic will be
copied.

Ports from a port region must be mirrored to the same destination mirror port
Port regions as described in

“Enabling or disabling the Spanning Tree Protocol (STP)”

on page 255

are important when defining a destination mirror port. This is because all traffic mirrored from any
single port in a port region will be mirrored to the same destination mirror port as traffic mirrored
from any other port in the same port region. For example, ports 1 to 12 are in the same port region.
If you configure ports 1 and 2 to mirror their traffic, they should use the same destination mirror
port as shown in the following configuration.

See also other documents in the category Brocade Computer Accessories: