Using the remote probe VLAN to enable local mirroring to support multiple monitor ports
In typical local port mirroring configuration, you can configure only one monitor port in a local mirroring group. As a result, you cannot monitor traffic of a local device on multiple data monitoring devices. To do that, take advantage of the remote probe VLAN used in Layer 2 remote mirroring.
In Layer 2 remote port mirroring, a remote probe VLAN is configured, and the mirrored packets are broadcast within the remote probe VLAN. By connecting multiple data monitoring devices to the remote probe VLAN's member ports, you can monitor the local device's traffic on multiple data monitoring devices.
Configure this feature by following these steps:
Configure a remote source mirroring group on the local device.
Configure the monitored ports on the device as source ports of this mirroring group.
Configure a remote probe VLAN for this mirroring group.
Assign the ports connecting the data monitoring devices to the remote probe VLAN.
In this way, when packets mirrored on the monitored ports are broadcast in the remote probe VLAN, they are sent out of the ports connecting the data monitoring devices, and all data monitoring devices can thus receive these mirrored packets.
Configuration restrictions and guidelines
The reflector port of a remote source mirroring group must be an access port and belong to the default VLAN, VLAN 1.
Hewlett Packard Enterprise recommends that you configure an unused port as the reflector port of a remote source mirroring group and disable spanning tree on it.
Do not configure a combo interface as a reflector port.
A mirroring group can contain multiple source ports.
To make sure that the port mirroring function works properly, do not assign a source port to the remote probe VLAN.
If you have already configured a reflector port for a remote source mirroring group, you can no longer configure an egress port for it.
A VLAN can serve as the remote probe VLAN for only one remote source mirroring group. Hewlett Packard Enterprise recommends that you use the remote probe VLAN for port mirroring exclusively. Do not create a VLAN interface for the VLAN or configure any other features for the VLAN.
A remote probe VLAN must be a static VLAN. To remove the VLAN configured as a remote probe VLAN, you must first remove the remote probe VLAN with the undo mirroring-group remote-probe vlan command.
If the remote probe VLAN of a remote mirroring group is removed, the remote mirroring group will become invalid.
The link type of monitor ports configured for port mirroring must be access.
Configuration procedure
To configure local port mirroring with multiple monitor ports:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Create a remote source mirroring group. | mirroring-group group-id remote-source | By default, no mirroring group exists on a device. |
3. Configure source ports for the remote source mirroring group. |
| Use either approach. By default, no source port is configured for a mirroring group. |
4. Configure the reflector port for the remote source mirroring group. | mirroring-group group-id reflector-port reflector-port | By default, no reflector port is configured for a mirroring group. |
5. Create the remote probe VLAN and enter VLAN view. | vlan vlan-id | By default, no remote probe VLAN is configured for a mirroring group. |
6. Assign monitor ports to the remote probe VLAN. | port interface-list | By default, a newly-created VLAN does not have any member port. |
7. Return to system view. | quit | N/A |
8. Configure the remote probe VLAN for the remote source mirroring group. | mirroring-group group-id remote-probe vlan rprobe-vlan-id | By default, no remote probe VLAN is configured for a mirroring group. |