Configuration notes – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 458
424
Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring port mirroring and monitoring
Configuration notes
Refer to the following rules when configuring port mirroring and monitoring:
•
Port monitoring and sFlow support:
•
Devices support sFlow and port monitoring together on the same port.
•
If you configure both ACL mirroring and ACL based rate limiting on the same port, then all
packets that match are mirrored, including the packets that exceed the rate limit.
•
lists the number of mirror and monitor ports supported on the devices.
.
•
You can configure a mirror port specifically as an ingress port, an egress port, or both.
•
Mirror ports can run at any speed and are not related to the speed of the ingress or egress
monitored ports.
•
The same port cannot be both a monitored port and the mirror port.
•
The same port can be monitored by one mirror port for ingress traffic and another mirror port
for egress traffic.
•
The mirror port cannot be a trunk port.
•
The monitored port and its mirror port do not need to belong to the same port-based VLAN:
•
If the mirror port is in a different VLAN from the monitored port,
•
Ingress mirrored packets are sent unmodified (as packets are received on wire).
•
Egress mirrored packets are tagged.
•
If the mirror port is in the same VLAN as the monitored port, both switched and mirrored
copy are allowed to be received at the mirror port.
•
Switched packets are tagged or untagged, depending on the mirror port’s VLAN
configuration.
•
For mirrored packets, ingress mirrored packets are sent unmodified (as the packets
are recieved on wire), and egress mirrored packets are tagged.
•
More than one monitored port can be assigned to the same mirror port.
•
If the primary interface of a trunk is enabled for monitoring, the entire trunk will be monitored.
You can also enable an individual trunk port for monitoring using the config-trunk-ind
command.
•
For ingress ACL mirroring, the previous ingress rule also applies. The analyzer port setting
command acl-mirror-port must be specified for each port, even though the hardware only
supports one port per device. This applies whether the analyzer port is on the local device or
on a remote device. For example, when port mirroring is set to a remote device, any mirroring
(ACL, MAC filter, or VLAN) enabled ports are globally set to a single analyzer port, as shown in
the following example.
TABLE 69
Number of mirror and monitored ports supported
Port type
Maximum ports supported
TurboIron X Series
Ingress mirror ports
1
Egress mirror ports
1
Ingress monitored ports
no limit
Egress monitored ports
no limit