Article ID: 5595
Products
C5, C3, C2-Series
B5, B3, B2-Series
A4, A2-Series
Goals
Send traffic into network from mirrored destination port
Changes
Enabled Port Mirroring
Symptoms
Port mirroring target port will not pass unmirrored user traffic
Mirroring destination port does not support two-way traffic
Cannot access network when in Port Redirect "Destination Port"
'set port mirroring create'
"Destination port not correct"
Cause
The SecureStack family supports one mirroring instance of many-ports-to-one-port, wherein a single destination (monitor) port can monitor bi-directional traffic replicated from up to eight ethernet-linked source ports, with all ports being located anywhere in the stack. LAG ports (
5531) and their underlying physical ports cannot be mirrored.
Mirroring of discontiguous ports would be configured by issuing a separate command for each set of contiguous (adjacent) source ports, all with the same destination port referenced; for example:set port mirroring create fe.1.5-6 fe.1.48
set port mirroring create fe.1.8-10 fe.1.48
set port mirroring create fe.1.12 fe.1.48
set port mirroring create fe.1.45 fe.1.48
set port mirroring create fe.1.47 fe.1.48If the user attempts to configure all of these source ports in a single command containing a complex port string, error message "Invalid Port in [port-string]." will result.
After configuring a destination port, it may not be used for any other purpose. For instance, it is not possible to operate, over the network, a remote sniffer attached to that port.
If the user attempts to configure a second destination port, error message "Destination port not correct" will result.
As of C5 any, C3 f/w 1.01.01.0047+, C2 f/w 5.01.01.0047+, B5 any, B3 f/w 1.01.01.0047+, and B2 f/w 4.01.01.0047+; it is possible to use the SMON MIB for management (including configuration) of Port Mirroring. See release notes (for example,
C2 f/w 5.01.01.0049) for details.
Solution
FAD (Functions as Designed)
Contact Enterasys Networks Technical Services for an update, as necessary.
