KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch

341

342

343

344

345

346

347

348

349

350

Mirroring destinations

Traffic mirroring supports destination devices that are connected to the local switch or to a remote

switch:

• Traffic can be copied to a destination (host) device connected to the same switch as the

mirroring source in a local mirroring session. You can configure up to four exit ports to which

destination devices are connected.

• Traffic can be bridged or routed to a destination device connected to a different switch in a

remote mirroring session. You can configure up to 32 remote mirroring endpoints (IP address

and exit port) to which destination devices are connected.

Mirroring sources and sessions

Traffic mirroring supports the configuration of port and VLAN interfaces as mirroring sources in up

to four mirroring sessions on a switch. Each session can have one or more sources (ports and/or

static trunks, a mesh, or a VLAN interface) that monitor traffic entering and/or leaving the switch.

NOTE: Using the CLI, you can make full use of the switch's local and remote mirroring capabilities.

Using the Menu interface, you can configure only local mirroring for either a single VLAN or a

group of ports, static trunks, or both.

In remote mirroring, a 54-byte remote mirroring tunnel header is added to the front of each mirrored

frame for transport from the source switch to the destination switch. This may cause some frames

that were close to the MTU size to exceed the MTU size. Mirrored frames exceeding the allowed

MTU size are dropped, unless the optional [truncation] parameter is set in the mirror

command.

Mirroring sessions

A mirroring session consists of a mirroring source and destination (endpoint.) Although a mirroring

source can be one of several interfaces, as mentioned above, for any session, the destination must

be a single (exit) port. The exit port cannot be a trunk, VLAN, or mesh interface.

You can map multiple mirroring sessions to the same exit port, which provides flexibility in

distributing hosts, such as traffic analyzers or an IDS. In a remote mirroring endpoint, the IP address

of the exit port and the remote destination switch can belong to different VLANs.

Mirroring sessions can have the same or a different destination. You can configure an exit port on

the local (source) switch and/or on a remote switch as the destination in a mirroring session. When

configuring a mirroring destination, consider the following options:

• Mirrored traffic belonging to different sessions can be directed to the same destination or to

different destinations.

• You can reduce the risk of oversubscribing a single exit port by:

Directing traffic from different session sources to multiple exit ports.•

• Configuring an exit port with a higher bandwidth than the monitored source port.

• You can segregate traffic by type, direction, or source.

Mirroring session limits

A switch running software release K.12.xx or greater supports the following:

• A maximum of four mirroring (local and remote) sessions.

• A maximum of 32 remote mirroring endpoints (exit ports connected to a destination device

that receive mirrored traffic originating from monitored interfaces on a different switch.)

342 Monitoring and Analyzing Switch Operation