KB.15.15

Example 111 Remote mirroring using traffic-direction criteria

In the network shown in Figure 190 (page 363), the administrator connects another traffic analyzer

to port B10 (in VLAN 40) on switch C to monitor all traffic entering switch A on port C12. For this

mirroring configuration, the administrator configures a mirroring destination (with a remote exit

port of B10) on switch C, and a remote mirroring session on switch A.

If the mirroring configuration in the proceeding example is enabled, it is necessary to use a different

session number (2) and UDP port number (9400.) (The IP address of the remote exit port

[10.10.40.7] connected to traffic analyzer 2 [exit port B10] can belong to a different VLAN than

the destination IP address of the VLAN used to reach remote switch C [10.20.40.1]).

Figure 190 Sample topology for remote mirroring from a port interface

To configure this remote mirroring session using a directional-based traffic selection on a port

interface, the operator must take the following steps:

1. On remote switch C, configure the remote mirroring endpoint using port B10 as the exit port

for a traffic analyzer (as described in “Configure a mirroring destination on a remote switch”

(page 349)):

Figure 191 Configuring a remote mirroring endpoint

2. On source switch A, configure session 2 to use UDP port 9400 to reach the remote mirroring

endpoint on switch C (10.10.40.1):

mirror 2 remote ip 10.10.10.119 9400 10.10.40.1

3. On source switch A, configure the local port C12 to select all inbound traffic to send to the

preconfigured mirroring destination for session 2:

interface c12 monitor all in mirror 2

Figure 192 Configuring a remote mirroring session for inbound port traffic

Classifier-based mirroring configuration 363