Specifying the, Destination mirror port for ip receive acls – Brocade BigIron RX Series Configuration Guide User Manual

Page 677

Advertising
background image

BigIron RX Series Configuration Guide

599

53-1002484-04

ACL-based inbound mirroring

22

The following considerations apply when configuring ACL-based mirroring with trunks:

You must configure ACL-mirroring for a trunk within the trunk configuration as shown in the
examples. Attempting to configure ACL-mirroring at the interface level for a port that is
contained within a trunk will fail and display the following message

Error: please use trunk config level to configure ACL based mirroring on trunk

port.

If an individual port is configured for ACL-based Mirroring, you cannot add it to a trunk. If you
want to add it to a trunk, you must remove it from ACL-based mirroring first. Then you can add it
to a trunk. It can then be configured for either ACL-based trunk mirroring or for Mirroring an
individual port within a trunk.

If you attempt to add a port that is configured for ACL-based Mirroring to a port, the following
message will display:

ACL port is configured on port 2/1, please remove it and try again.

Trunk transaction failed: Trunk Config Vetoed

Deleting a trunk with ACL-based Mirroring Configured: When a trunk is deleted, the ACL-based
Mirroring configuration is propagated to the individual ports that made up the trunk.

Example: If the trunk is configured as shown.

BigIron RX(config)# trunk switch ethernet 4/1 to 4/2

BigIron RX(config-trunk-4/1-4/2)# acl-mirror-port ethe-port-monitored 4/1 ethe

4/3

And then you delete the trunk as shown.

BigIron RX(config)# no trunk switch ethernet 4/1 to 4/2

The configuration for ACL-based mirroring will be propagated to ports 4/1 and 4/2 as shown in
the following.

interface ethernet 4/1

acl-mirror-port ethernet 4/3

interface ethernet 4/2

acl-mirror-port ethernet 4/3

Specifying the destination mirror port for IP receive ACLs

When specifying a destination port for IP Receive ACLs, you must configure the acl-mirror-port
command on all ports supported by the same PPCR. For example, if you are using mirroring traffic
for an rACL on a 4 x 10G interface module and you want to mirror traffic incoming on the first PPCR,
you have to configure the acl-mirror-port command on both ports 1 and 2. If you want to mirror IP
Receive ACL permit traffic incoming on all ports of the module, you have to configure the
acl-mirror-port command on all ports of the module.

Configuring ACL-based mirroring for ACLs bound to virtual
interfaces

For configurations that have an ACL bound to a virtual interface, you must configure the
acl-mirror-port command on a port for each PPCR that is a member of the virtual interface. For
example, in the following configuration ports 4/1 and 4/2 share the same PPCR while port 4/3
uses another PPCR.

Advertising
Popular Brands
Popular manuals