To configure a local mirroring session in which
the mirroring source and destination are on the same switch, follow
these general steps:
Procedure
- Determine the session and
local destination port:
- Session number (1-4)
and (optional) alphanumeric name
- Exit port (any port
on the switch except a monitored interface used to mirror traffic)
IMPORTANT: Hewlett Packard Enterprise strongly discourages
connecting a mirroring exit port to a network because doing so can
result in serious network performance problems. Only connect an exit
port to a network analyzer, IDS, or other network edge device that
has no connection to other network resources.
- Enter the
mirror
session-# [name session-name ] port port-#
command to
configure the session.
- Determine the traffic to
be selected for mirroring by any of the following methods and the
appropriate configuration level (VLAN, port, mesh, trunk, switch):
Direction: inbound,
outbound, or both
Classifier-based mirroring
policy: inbound only for IPv4 or IPv6 traffic
MAC source and/or destination
address: inbound, outbound, or both
- Enter the
monitor command to assign one or more source interfaces to the session.
After you complete step 4, the switch begins
mirroring traffic to the configured exit port.
The following commands configure mirroring for
a local session in which the mirroring source and destination are
on the same switch.
The mirror command identifies the destination in a mirroring session.
The interface and vlan commands identify the mirroring source,
including source interface, traffic direction, and traffic-selection
criteria for a specified session.
NOTE: With no
allow-v2-modules specified in the configuration of a switch with V3 modules on KB
firmware, Egress VLAN ACLs do not filter mirrored traffic. You must
use a port ACL to filter mirrored traffic.