Campus Switching and Routing

Reply
Contributor I

Port Mirroring Limit on 5412R and 3810M

Hi there,

I saw from the ArubaOS-Switch 16.05 guide that:

Traffic mirroring supports the configuration of port and VLAN interfaces as mirroring sources in up to four mirroring sessions on a switch. Each session can have one or more sources (ports and/or static trunks, a mesh, or a VLAN interface) that monitor traffic entering and/or leaving the switch.

 

Question 1:

What is the hard limit for a 24/48 ports port mirroring to a single port? Is it 4 ports only?

 

Question 2:

Does it mean for 5406 and 5412 zl2 series also allows only 4 sessions per chassis? Even though all the line cards are inserted?

 

Thanks.

Re: Port Mirroring Limit on 5412R and 3810M

Hi,

 

Thank you for your question. Would be great if you can provide some additional details on the use model? Do you think 4 destinations is not enough? Below I've copied the question and try to provide an answer. 

 

Question 1:

What is the hard limit for a 24/48 ports port mirroring to a single port? Is it 4 ports only?

 

The 4 ports are related to exit ports. To be honest I don't think there is a hard limit and you're able to add all ports. The only limit you of course always have is the bandwidth of the exit port.  If you want to monitor all ports on certain traffic this is also possible with policies. Or you can better monitor uplinks / VLAN's. 

 

Question 2:

Does it mean for 5406 and 5412 zl2 series also allows only 4 sessions per chassis? Even though all the line cards are inserted?

 

You have 4 mirror session that can provide as an exit port. There is also an option to set-up remote mirror sessions which can be very nice since you just copy traffic from one switch to another. 

 

Let me know if there are any questions / comments. 

 

New Contributor

Re: Port Mirroring Limit on 5412R and 3810M

Is i want to monitor traffic from 2 VLANs on all Ports of the switch and mirror it to 1 mirror port. How can i do that?

 

I have configured the following but it is not working:

 

class ipv4 "all-traffic"

     10 match ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255

   exit

mirror 1 name "Forescout" port A24

policy mirror "Forescout"

     10 class ipv4 "all-traffic" action mirror 1

   exit

interface A24

   name "FFMFSC02-MirrorPort"

   exit

 

vlan 100

   name "LAN"

   untagged A2-A20,C1-C20,E1-E20

   tagged A1,A21-A24,B21-B24,C21-C24,D21-D24,E21-E24,F21-F24

   ip address 192.168.89.200 255.255.255.0

   service-policy "Forescout" in

   exit

vlan 200

   name "VOIP"

   untagged B1-B20,D1-D20,F1-F20

   tagged A1,A21-A24,B21-B24,C21-C24,D21-D24,E21-E24,F21-F24

   no ip address

   service-policy "Forescout" in

   exit

 

FFMCoreSW200(vlan-100)# show monitor 1

Network Monitoring

 

   Session: 1    Session Name: Forescout

      Mirror Destination:  A24   (Port)

 

      Monitoring Sources  Direction Truncation Mirror Policy

      ------------------  --------- ---------- -------------

      VLAN: 100           In         No         Forescout

      VLAN: 200           In         No         Forescout

 

 

Can some advise how to do make it working?

 

Many Thanks

Philip

Re: Port Mirroring Limit on 5412R and 3810M

Hi Philip,

 

If you just want to monitor all traffic on these VLANS and have local mirror (exit) port you can simply use these commands without all the classifications. 

 

Let's say VLAN 10 and 20 you need to monitor and port 24 on the switch is the port where all the traffic is send to. 

 

- Configure mirror session (exit):

mirror 1 port 24

- Configure monitor on VLANs

vlan 10

   monitor all both mirror 1

vlan 20

  monitor all both mirror 1

 

If I'm correct then this is it. You're done and ready to start monitoring traffic. Be aware when you monitor complete VLAN's that are really busy or have lots of ports on the same switch and send all of this traffic to one port you can potentially overload the mirror port. 

 

Regards, Dobias

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: