© Copyright IBM Corp. 2011
341
Chapter 30. Port Mirroring
The IBM Networking OS port mirroring feature allows you to mirror (copy) the
packets of a target port, and forward them to a monitoring port. Port mirroring
functions for all layer 2 and layer 3 traffic on a port. This feature can be used as a
troubleshooting tool or to enhance the security of your network. For example, an
IDS server or other traffic sniffer device or analyzer can be connected to the
monitoring port to detect intruders attacking the network.
The G8000 supports a “many to one” mirroring model. As shown in
,
selected traffic for ports 1 and 2 is being monitored by port 3. In the example, both
ingress traffic and egress traffic on port 2 are copied and forwarded to the monitor.
However, port 1 mirroring is configured so that only ingress traffic is copied and
forwarded to the monitor. A device attached to port 3 can analyze the resulting
mirrored traffic.
Figure 41. Mirroring Ports
The G8000 supports three monitor ports in stand-alone (non-stacking) mode. Only
one monitor port is supported in stacking mode. Each monitor port can receive
mirrored traffic from any number of target ports.
IBM N/OS does not support “one to many” or “many to many” mirroring models
where traffic from a specific port traffic is copied to multiple monitor ports. For
example, port 1 traffic cannot be monitored by both port 3 and 4 at the same time,
nor can port 2 ingress traffic be monitored by a different port than its egress traffic.
Ingress and egress traffic is duplicated and sent to the monitor port after processing.
Configuring Port Mirroring
The following procedure may be used to configure port mirroring for the example
:
1. Specify the monitoring port, the mirroring port(s), and the port-mirror direction.
2. Enable port mirroring.
Monitor Port
Specified traffic is copied
and forwarded to Monitor Port
Mirrored Ports
Ingress
Traffic
Both
Connected to
sniffer device
1
2
3
4
RS G8000(config)#
port-mirroring monitor-port 3 mirroring-port 1 in
RS G8000(config)#
port-mirroring monitor-port 3 mirroring-port 2 both
RS G8000(config)#
port-mirroring enable
Summary of Contents for RackSwitch G8000
Page 1: ...RackSwitch G8000 Application Guide...
Page 2: ......
Page 3: ...RackSwitch G8000 Application Guide...
Page 16: ...16 RackSwitch G8000 Application Guide...
Page 22: ...20 RackSwitch G8000 Application Guide...
Page 23: ...Copyright IBM Corp 2011 21 Part 1 Getting Started...
Page 24: ...22 RackSwitch G8000 Application Guide...
Page 54: ...52 RackSwitch G8000 Application Guide...
Page 55: ...Copyright IBM Corp 2011 53 Part 2 Securing the Switch...
Page 56: ...54 RackSwitch G8000 Application Guide...
Page 92: ...90 RackSwitch G8000 Application Guide...
Page 94: ...92 RackSwitch G8000 Application Guide...
Page 144: ...142 RackSwitch G8000 Application Guide...
Page 145: ...Copyright IBM Corp 2011 143 Part 4 Advanced Switch ing Features...
Page 146: ...144 RackSwitch G8000 Application Guide...
Page 148: ...146 RackSwitch G8000 Application Guide...
Page 182: ...180 RackSwitch G8000 Application Guide...
Page 184: ...182 RackSwitch G8000 Application Guide...
Page 212: ...210 RackSwitch G8000 Application Guide...
Page 258: ...256 RackSwitch G8000 Application Guide...
Page 286: ...284 RackSwitch G8000 Application Guide...
Page 294: ...292 RackSwitch G8000 Application Guide...
Page 298: ...296 RackSwitch G8000 Application Guide...
Page 310: ...308 RackSwitch G8000 Application Guide...
Page 311: ...Copyright IBM Corp 2011 309 Part 7 Network Management...
Page 312: ...310 RackSwitch G8000 Application Guide...
Page 320: ...318 RackSwitch G8000 Application Guide...
Page 332: ...330 RackSwitch G8000 Application Guide...
Page 334: ...332 RackSwitch G8000 Application Guide...
Page 345: ...Copyright IBM Corp 2011 343 Part 9 Appendices...
Page 346: ...344 RackSwitch G8000 Application Guide...
Page 357: ...Copyright IBM Corp 2011 Appendix C Notices 355 Taiwan Class A compliance statement...