Monitoring and Analyzing Switch Operation > Interface monitoring features

 

 next

Interface monitoring features

You can designate monitoring of inbound and outbound traffic on ports and static trunks. This allows the monitoring of individual ports, groups of contiguous ports, and static port trunks.

The switch monitors network activity by copying all traffic inbound and outbound on the specified interfaces to the designated monitoring port, to which a network analyzer can be attached.

If a tagged packet arrives on a monitored port, the packet will remain tagged when it goes out a monitored port even if that port is configured as untagged. If the packet is untagged, it will remain untagged going out the monitor port. The monitor port state (tagged or untagged) does not affect the tagging of the packet. However, egress mirroring does not reflect the tagged or untagged characteristic to the mirror port, instead it reflects the tagged or untagged characteristic of the mirror port.

[NOTE: ]

NOTE: When both inbound and outbound monitoring is done, and IGMP is enabled on any VLAN, you may get two copies of IGMP packets on the monitored port.

[NOTE: ]

NOTE: VLANs and port trunks cannot be used as a monitoring port.

The switch can monitor static LACP trunks, but not dynamic LACP trunks.

It is possible, when monitoring multiple interfaces in networks with high traffic levels, to copy more traffic to a monitor port than the link can support. In this case, some packets may not be copied to the monitor port.

Configuring port and static trunk monitoring (Menu)

This procedure describes configuring the switch for monitoring when monitoring is disabled. (If monitoring has already been enabled, the screens will appear differently than shown in this procedure.)

  1. From the console Main Menu, select:

    2. Switch Configuration...

    3. Network Monitoring Port

  2. In the Actions menu, press [E] (for Edit).

  3. If monitoring is currently disabled (the default) then enable it by pressing the Space bar (or [Y]) to select Yes.

  4. Press the down arrow key to display a screen similar to the following and move the cursor to the Monitoring Port parameter.

  5. Use the Space bar to select the port to use for monitoring.

  6. Use the down arrow key to move the cursor to the Action column for the individual ports and position the cursor at a port you want to monitor.

  7. Press the Space bar to select Monitor for each port and trunk that you want monitored. (Use the down arrow key to move from one interface to the next in the Action column.)

  8. When you finish selecting ports to monitor, press [Enter], then press [S] (for Save) to save your changes and exit from the screen.

  9. Return to the Main Menu.

Configuring port and static trunk monitoring (CLI)

You must use the following configuration sequence to configure port and static trunk monitoring in the CLI:

  1. Assign a monitoring (mirror) port.

  2. Designate the port(s) and/or static trunk(s) to monitor.

Displaying the monitoring configuration

Syntax:

show monitor

This command lists the port assigned to receive monitored traffic and the ports and/or trunks being monitored.

For example, if you assign port 5 as the monitoring port and configure the switch to monitor ports 2-4, show monitor displays the following:

Monitored port listing

switch(config)# show monitor

 Network Monitoring Port

  Mirror Port: 41

  Monitoring sources 2
  ------------------
  2
  3
  4

1

Port receiving monitored traffic.

2

Monitored ports

Configuring the monitor port

Syntax:
[no] mirror-port [ <port-num> ]

This command assigns or removes a monitoring port, and must be executed from the global configuration level. Removing the monitor port disables port monitoring and resets the monitoring parameters to their factory-default settings.

For example, to assign port 6 as the monitoring port:

switch(config)# mirror-port 6

To turn off monitoring:

switch(config)# no mirror-port

Selecting or removing monitoring source interfaces

After you configure a monitor port you can use either the global configuration level or the interface context level to select ports or static trunks as monitoring sources. You can also use either level to remove monitoring sources.

Syntax:
[no] interface <monitor-list> monitor

<monitor-list>

Includes port numbers and static trunk names such as 4, 7, 5-8, trk1

Identifies the switch elements to monitor through the currently configured monitor port. You can monitor the ports and static trunks available on the switch.

Elements in the monitor list can include port numbers and static trunk names at the same time.

For example, with a port such as port 6 configured as the monitoring (mirror) port, you would use either of the following commands to select these interfaces for monitoring:

  • 1–3, and 5

  • Trunk 2

Selecting ports and static trunks as monitoring sources

switch(config)# int 1-3, 5, trk2, monitor

Disabling monitoring at the interface context and the global config level

switch(eth-1-3, 5)# no int 5 monitor 1
switch(eth-1-3, 5)# no monitor

switch(config)# no int 5 monitor 2
switch(config)# no int 1-3, 5 monitor

1

These two commands show how to disable monitoring at the interface context level for a single port or all ports in an interface context level.

2

These two commands show how to disable monitoring at the global config level for a single port or a group of ports.

prev

 

up

 next

Troubleshooting traffic mirroring 

home

 Troubleshooting

Copyright © 2016 Hewlett Packard Enterprise Development LP