Header Only - DO NOT REMOVE - Extreme Networks

Port Mirroring capability of the SecureStack family


Userlevel 3
Article ID: 5595

Products
C5, C3, C2-Series
B5, B3, B2-Series
A4, A2-Series

Goals
Send traffic into network from mirrored destination port

Changes
Enabled Port Mirroring

Symptoms
Port mirroring target port will not pass unmirrored user traffic
Mirroring destination port does not support two-way traffic
Cannot access network when in Port Redirect "Destination Port"
'set port mirroring create'
"Destination port not correct"

Cause
The SecureStack family supports one mirroring instance of many-ports-to-one-port, wherein a single destination (monitor) port can monitor bi-directional traffic replicated from up to eight ethernet-linked source ports, with all ports being located anywhere in the stack. LAG ports (5531) and their underlying physical ports cannot be mirrored.

Mirroring of discontiguous ports would be configured by issuing a separate command for each set of contiguous (adjacent) source ports, all with the same destination port referenced; for example:set port mirroring create fe.1.5-6 fe.1.48
set port mirroring create fe.1.8-10 fe.1.48
set port mirroring create fe.1.12 fe.1.48
set port mirroring create fe.1.45 fe.1.48
set port mirroring create fe.1.47 fe.1.48[/code]If the user attempts to configure all of these source ports in a single command containing a complex port string, error message "Invalid Port in [port-string]." will result.

After configuring a destination port, it may not be used for any other purpose. For instance, it is not possible to operate, over the network, a remote sniffer attached to that port.
If the user attempts to configure a second destination port, error message "Destination port not correct" will result.

As of C5 any, C3 f/w 1.01.01.0047+, C2 f/w 5.01.01.0047+, B5 any, B3 f/w 1.01.01.0047+, and B2 f/w 4.01.01.0047+; it is possible to use the SMON MIB for management (including configuration) of Port Mirroring. See release notes (for example, C2 f/w 5.01.01.0049) for details.

Solution
FAD (Functions as Designed)
Contact Enterasys Networks Technical Services for an update, as necessary.

0 replies

Be the first to reply!

Reply