You can use the CLI can configure sessions 1 to 4 for local or remote mirroring in any combination, and override a
Menu configuration of session 1.
You can also use SNMP configure sessions 1 to 4 for local or remote mirroring in any combination and override a
Menu configuration of session 1,
except
that SNMP cannot be used to configure a classifier-based mirroring
policy.
Remote mirroring endpoint and intermediate devices
The remote mirroring endpoint that is used in a remote mirroring session must be an switch that supports the
mirroring functions described in this chapter. (A remote mirroring endpoint consists of the remote switch and exit
port connected to a destination device.) Because remote mirroring on an switch uses IPv4 to encapsulate
mirrored traffic sent to a remote endpoint switch, the intermediate switches and routers in a layer 2/3 domain can
be from any vendor if they support IPv4.
The following restrictions apply to remote endpoint switches and intermediate devices in a network configured for
traffic mirroring:
• The exit port for a mirroring destination must be an individual port and
not
a trunk, mesh, or VLAN interface.
• A switch mirrors traffic on static trunks, but not on dynamic LACP trunks.
• A switch mirrors traffic at line rate. When mirroring multiple interfaces in networks with high-traffic levels, it is
possible to copy more traffic to a mirroring destination than the link supports. However, some mirrored traffic
may not reach the destination. If you are mirroring a high-traffic volume, you can reduce the risk of
oversubscribing a single exit port by:
◦ Directing traffic from different session sources to multiple exit ports.
◦ Configuring an exit port with a higher bandwidth than the monitored source port.
Remote mirroring overview
To configure a remote mirroring session in which the mirroring source and destination are on different switches,
follow these general steps:
on page 430, the switch begins mirroring traffic to the remote destination (endpoint)
configured for the session.
1.
Determine the IP addressing, UDP port number, and destination (exit) port number for the remote session:
a.
Source VLAN or subnet IP address on the source switch.
b.
Destination VLAN or subnet IP address on the destination switch.
c.
Random UDP port number for the session (7933-65535.)
d.
Remote mirroring endpoint: Exit port and IP address of the remote destination switch (In a remote mirroring
endpoint, the IP address of the exit port and remote switch can belong to different VLANs. Any loopback IP
address can be used except the default loopback address 127.0.0.1.)
Requirement: For remote mirroring, the same IP addressing and UDP port number must be configured on both
the source and destination switches.
2.
On the remote destination (endpoint) switch, enter the
mirror endpoint
command with the information
on page 429 to configure a mirroring session for a specific exit port.
3.
Determine the session (1 to 4) and (optional) alphanumeric name to use on the
source
switch.
4.
Determine the traffic to be filtered by any of the following selection methods and the appropriate configuration
level (VLAN, port, mesh, trunk, global):
Chapter 12 Monitoring and Analyzing Switch Operation
429