Port Mirror limitations
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎04-23-2015 03:12 PM
Hello, I need to know how many port mirroring can create in a Summit x440, I mean, I have a 48 ports, can create 46 Mirror and sen the traffic to one especific port?
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎04-23-2015 08:48 PM
Uber,
If you captured ingress and egress traffic in a VLAN you would end with duplicate traffic.
Suppose you have node A connected to port 1 and nobe B connected to port 2 and that both nodes are on the same vlan. When node A send a packet to node B the switch will mirror it when in enters the vlan (ingress) and when node B responds the switch will mirror it when the packet enters the vlan. If you mirrored traffic when it entered the vlan and when it egressed, you would have each packet mirrored twice.
Mirroring ingress and egress traffic makes sense when you apply it to a port.
Even then you have to be careful to avoid duplication of traffic. Using the previous example, if you mirrored ingress & egress in those two ports, any traffic exchanged between nodes A and B would be duplicate...
Remember that the mirrored traffic can be much higher than the capacity of the mirror port, so you want to avoid duplicate traffic.
If you captured ingress and egress traffic in a VLAN you would end with duplicate traffic.
Suppose you have node A connected to port 1 and nobe B connected to port 2 and that both nodes are on the same vlan. When node A send a packet to node B the switch will mirror it when in enters the vlan (ingress) and when node B responds the switch will mirror it when the packet enters the vlan. If you mirrored traffic when it entered the vlan and when it egressed, you would have each packet mirrored twice.
Mirroring ingress and egress traffic makes sense when you apply it to a port.
Even then you have to be careful to avoid duplication of traffic. Using the previous example, if you mirrored ingress & egress in those two ports, any traffic exchanged between nodes A and B would be duplicate...
Remember that the mirrored traffic can be much higher than the capacity of the mirror port, so you want to avoid duplicate traffic.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎04-23-2015 08:48 PM
Uber,
When mirroring a VLAN, you are limited to ingress only. If you need ingress and egress, you will need to mirror the ports. If multiple VLANs are present on the port, all VLANs will be mirrored.
When mirroring a VLAN, you are limited to ingress only. If you need ingress and egress, you will need to mirror the ports. If multiple VLANs are present on the port, all VLANs will be mirrored.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎04-23-2015 04:53 PM
Uber, you can also mirror an entire VLAN to a monitor port. Depending on the amount of traffic on the VLAN this could potentially saturate the monitor port.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎04-23-2015 03:28 PM
Thanks Brandon.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎04-23-2015 03:24 PM
Hi Uber,
You should be able to mirror ports 1-46 to port 48. After EXOS 15.3, up to four mirror instances are allowed, but this config would only use one mirror instance.
One thing to be aware of, however, is that since you are mirroring 46 ports, there is a potential for up to 92 gbps of traffic to be included in the mirror (1G ingress and egress on each mirrored port). Because of this, some traffic may not be seen on the monitor port due to bandwidth limitations.
You should be able to mirror ports 1-46 to port 48. After EXOS 15.3, up to four mirror instances are allowed, but this config would only use one mirror instance.
One thing to be aware of, however, is that since you are mirroring 46 ports, there is a potential for up to 92 gbps of traffic to be included in the mirror (1G ingress and egress on each mirrored port). Because of this, some traffic may not be seen on the monitor port due to bandwidth limitations.
