Configuring Port Mirroring

This chapter describes the Port Mirroring feature, which can serve as a diagnostic tool, debugging tool, or means of fending off attacks.

Port mirroring selects network traffic from specific ports for analysis by a network analyzer, while allowing the same traffic to be switched to its destination. You can configure many switch ports as source ports and one switch port as a destination port. You can also configure how traffic is mirrored on a source port. Packets received on the source port, transmitted on a port, or both received and transmitted, can be mirrored to the destination port.

Configuring Port Mirroring via CLI

Example 1: Set Up a Port Mirroring Session

The following command sequence enables port mirroring and specifies a source and destination ports.

CODE EXAMPLE 9-1 Setting Up a Port Mirroring Session
(DTI SWITCH) #config (DTI SWITCH) (Config)#monitor session 1 mode (DTI SWITCH) (Config)#monitor session 1 source interface 0/7 ? <cr> Press Enter to execute the command. rx Monitor ingress packets only. tx Monitor egress packets only. (DTI SWITCH) (Config)#monitor session 1 source interface 0/7 (DTI SWITCH) (Config)#monitor session 1 destination interface 0/8 (DTI SWITCH) (Config)#exit

CODE EXAMPLE 9-1 Setting Up a Port Mirroring Session

(DTI SWITCH) #config
 
(DTI SWITCH) (Config)#monitor session 1 mode
 
(DTI SWITCH) (Config)#monitor session 1 source interface 0/7 ?
 
<cr>                     Press Enter to execute the command.
rx                       Monitor ingress packets only.
tx                       Monitor egress packets only.
 
(DTI SWITCH) (Config)#monitor session 1 source interface 0/7
 
(DTI SWITCH) (Config)#monitor session 1 destination interface 0/8
 
(DTI SWITCH) (Config)#exit

Example 2: Show the Port Mirroring Session

CODE EXAMPLE 9-2 Showing the Port Mirroring Session
(DTI SWITCH) #show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type ---------- ---------- ---------- ------------- ----- 1 Enable 1/0/8 01/0/7 Rx,Tx

Example 4: Show Status of Source and Destination Ports

Use this command for a specific port. The output shows whether the port is the mirror or the probe port, what is enabled or disabled on the port, etc.

CODE EXAMPLE 9-3 Showing Status of Source and Destination Ports
(DTI SWITCH) #show port 0/7 Admin Physical Physical Link Link LACP Intf Type Mode Mode Status Status Trap Mode ---- ---- ------ -------- -------- ------ ---- ---- 1/0/7 Mirror Enable Auto Down Enable Enable (DTI SWITCH) #show port 0/8 Admin Physical Physical Link Link LACP Intf Type Mode Mode Status Status Trap Mode ---- ---- ------ -------- -------- ------ ---- ---- 1/0/8 Probe Enable Auto Down Enable Enable

CODE EXAMPLE 9-3 Showing Status of Source and Destination Ports

(DTI SWITCH) #show port 0/7
 
                  Admin    Physical  Physical  Link     Link     LACP
Intf    Type      Mode     Mode      Status    Status   Trap     Mode
----    ----      ------   --------  --------  ------   ----     ----
1/0/7   Mirror    Enable   Auto                Down     Enable   Enable
 
 
(DTI SWITCH) #show port 0/8
 
                   Admin    Physical  Physical  Link     Link     LACP
Intf     Type      Mode     Mode      Status    Status   Trap     Mode
----     ----      ------   --------  --------  ------   ----     ----
1/0/8    Probe     Enable   Auto                Down     Enable   Enable