Brocade TurboIron 24X Series Configuration Guide User Manual

Page 462

Advertising
background image

428

Brocade TurboIron 24X Series Configuration Guide

53-1003053-01

ACL-based inbound mirroring

TurboIron(config)#interface ethernet 1

TurboIron(config-if-e10000-1)#ACL-mirror-port ethernet 3

TurboIron(config)#interface ethernet 2

TurboIron(config-if-e10000-2)#ACL-mirror-port ethernet 3

If ports within the same port region are mirrored to different destination ports, an error message
will be generated as shown in the following example, and the configuration will be disallowed.

TurboIron(config)#interface ethernet 1

TurboIron(config-if-e10000-1)#ACL-mirror-port ethernet 3

TurboIron(config)#interface ethernet 2

TurboIron(config-if-e10000-2)#ACL-mirror-port ethernet 7

Error - Inbound Mirror port 3 already configured for port region 1 - 12

When a destination port is configured for any port within a port region, traffic from any ACL with a
mirroring clause assigned to any port in that port region will be mirrored to that destination port.
This will occur even if a destination port is not explicitly configured for the port with the ACL
configured. In the following example, an ACL with a mirroring clause (101) is applied to a port (1).
Another port in the same region (2) has a destination port set (3). In this example, traffic generated
from operation of ACL 101 is mirrored to port 3 even though a destination port has not explicitly
been defined for traffic from port 1.

TurboIron(config)#interface ethernet 1

TurboIron(config-if-e10000-1)#ip access-group 101 in

TurboIron(config)#interface ethernet 2

TurboIron(config-if-e10000-2)#ACL-mirror-port ethernet 3

NOTE

If a destination mirror port is not configured for any ports within the port region where the
port-mirroring ACL is configured, the ACL will not mirror the traffic but the ACL will be applied to traffic
on the port.

Specifying the destination mirror port for trunk ports

You can mirror the traffic that has been selected by ACL-based Inbound Mirroring from a trunk by
configuring a destination port for the primary port within the trunk configuration as shown.

TurboIron(config)#trunk ethernet 1 to 4

TurboIron(config)#interface ethernet 1

TurboIron(config-if-e10000-1)#ACL-mirror-port ethernet 8

Using this configuration, all trunk traffic will be mirrored to port 8.

Limitations when configuring ACL-based mirroring with trunks
The config-trunk-ind option as described in

“Disabling or re-enabling a trunk port”

on page 339

cannot operate with ACL-Based Mirroring as described in the following:

If a trunk is configured with the config-trunk-ind option, ACL-Based Mirroring will not be
allowed.

If the config-trunk-ind option is added to a trunk, any ports that are configured for ACL-based
Mirroring will have monitoring removed and the following message will be displayed.

Trunk port monitoring, if any, has been removed.

If an individual port is configured for ACL-Based Mirroring, you cannot add it to a trunk. If you try to
add a port that is configured for ACL-Based Mirroring to a trunk, the following message appears.

Note - ACL-mirror-port configuration is removed from port 2 in new trunk.

Advertising
Popular Brands
Popular manuals