Reset Search
 

 

Article

How to configure remote mirroring

« Go Back

Information

 
TitleHow to configure remote mirroring
Objective
Mirror ports from one switch to a device on another switch.
Environment
  • Summit
  • Black Diamond
  • EXOS
Procedure
On the switch you would like to collect traffic, and send it to a remote port:
  • configure mirror to port <UPLINK PORT> remote-tag <VID TAG>
  • configure mirror add <PORT or VLAN> <PORT LIST or VLAN NAME> (The VLAN name should not be the remote VLAN)
  • enable mirror
If there are multiple switches leading up to the Server then you have to repeat the steps above except add both uplink ports as tagged:
  • create vlan <VLAN NAME> (This vlan is only used for the mirrored traffic)
  • configure vlan <VLAN NAME> tag <VID TAG> remote-mirroring (The VID tag needs to stay consistent and is referenced on the other switch(es))
  • configure vlan <VLAN NAME> add port <UPLINK PORT> tagged (The Uplink port is the port number leading to the other switch)
  • configure vlan <VLAN NAME> add port <UPLINK PORT> tagged (The Uplink port is the port number leading towards the Server switch)

On the switch/port you would like the mirrored traffic to egress your network for a Network Analyser:
  • create vlan <VLAN NAME> (This vlan is only used for the mirrored traffic)
  • configure vlan <VLAN NAME> tag <VID TAG> remote-mirroring (The VID tag needs to stay consistent and is referenced on the other switch(es))
  • configure vlan <VLAN NAME> add port <UPLINK PORT> tagged (The Uplink port is the port number leading to the other switch)
  • configure vlan <VLAN NAME> add port <SERVER PORT> untagged (The Server port is the port number you would like to mirror the traffic to) 
Below I have created an example scenario:

In this example we are collecting all ingress traffic from the PC on SW1 port 5, and sending it out of SW2 port 5.  SW2 port 2 is where you would connect your Network Analyser.

PC1 <==> (P5) SW1 (P1) <==>(P1) SW2 (P2) <==> (P2) SW3 (P5) <==> Network Analyser

User-added image

SW1 (Mirror Switch):

configure mirror to port 1 remote-tag 1000
configure mirror add port 5 ingress
enable mirror


SW2 (Intermediate Switch):

create vlan remote_mirror
configure vlan remote_mirror tag 1000 remote-mirroring
configure vlan remote_mirror add port 1 tagged
configure vlan remote_mirror add port 2 tagged


SW3 (Capture Switch):

create vlan remote_mirror
configure vlan remote_mirror tag 1000 remote-mirroring
configure vlan remote_mirror add port 2 tagged
configure vlan remote_mirror add port 5 untagged

 
Additional notes
Note: Adding the remote-mirroring option to the VLAN disables learning, and disabled igmp snooping so the mirror traffic will pass through the vlan without issues.

 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255