I basically have the layout that was discussed in https://community.extremenetworks.com/extreme/topics/remote-mirroring-trunk-lacp, but I was looking for an "official" confirmation.
Let's say I have an edge switch (460) with multiple vlans, tagged to a shared uplink port 55 (grouped 55-58) to two BD8800s (55/56 going to BD8800-1, 57/58 to BD8800-2) with an ISC/MLAG between the 8800s.
I need to remote mirror, let's say, "Port 1" on the 460, which is an untagged port in a vlan, meaning I need to see the traffic that happens on the 460-Port-1.
My Network Analyzer is plugged into port 5:20 on BD8800-1.
Naive me goes ahead and says on the 460:
configure mirror add port 1 ingress-and-egress
configure mirror to port 55 remote-tag 1234
So far, so good. But as soon as I say:
I get the dreaded "Error: Port mirroring cannot be enabled on a trunk member port 55"
I created a vlan 1234 and added port 55 tagged to it - makes no difference.
I just wanted a confirmation that it's really not possible to use existing shared uplink ports to carry remote mirrors. As much as I hate it, I can understand that there might be technical limitations with shared ports and mirrors - like packet sequences getting out of order perhaps, or some such thing.
Would I be right to assume that remote mirroring only works over single unshared "uplink" ports - which in my case pretty much means "if you want to remote mirror, fling a new cable from the 8800 with the analyzer to the 460s where you want to monitor ports"?
Yes, I tried to read the documentation, but may have missed that part.
At least that way I found the "capture locally to memory, tftp, then analyze" trick that I will be eternally grateful for - just have to be careful to not accidentally use up all the memory!