Users Guide
1 Enable the MAC control-plane egress ACL.
mac control-plane egress-acl
2 Create an extended MAC access list and add a deny rule for (0x0180c2xxxxxx) packets using the following commands:
mac access-list extended mac2
seq 5 deny any 01:80:c2:00:00:00 00:00:00:ff:ff:ff count
3 Apply the extended MAC ACL on the RPM VLAN (VLAN 10 in the following example).
Dell#show running-config interface vlan 10
!
interface Vlan 10
no ip address
mode remote-port-mirroring
tagged Port-channel 2
mac access-group mac2 out
no shutdown
4 Create an RPM session (In the following example, port-channels 1 and 2 are LACP).
Dell(conf)#monitor session 1 type rpm
Dell(conf-mon-sess-1)#source port-channel 1 destination remote-vlan 10 dir rx
Dell(conf-mon-sess-1)#no disable
5 Verify the port-channel conguration.
Dell#show interfaces port-channel brief
Codes: L - LACP Port-channel
O - OpenFlow Controller Port-channel
LAG Mode Status Uptime Ports
L1 L3 up 00:01:17 Te 0/44 (Up)
L2 L2 up 00:00:58 Te 0/45 (Up)
Dell#
Encapsulated Remote-Port Monitoring
Encapsulated Remote Port Monitoring (ERPM) copies trac from source ports/port-channels or source VLANs and forwards the trac
using routable GRE-encapsulated packets to the destination IP address specied in the session.
NOTE
:
When conguring ERPM, follow these guidelines:
• The Dell Networking OS supports ERPM source sessions only. Encapsulated packets terminate at the destination IP address or at
the analyzer.
• You can congure up to four ERPM source sessions on the switch.
• You can congure any port as a source port in an ERPM session.
• The maximum number of source ports that can be dened in a session is 128.
• Make sure that the destination IP address is reachable via the congured IP route (static or dynamic)
• The system MTU should be congured properly to accommodate the increased size of the ERPM mirrored packet.
• The system encapsulates the complete ingress or egress data under GRE header, IP header and outer MAC header and sends it
out at the next hop interface as pointed by the routing table.
• The source IP address can be any port's ip address dened in the box but it should be unique and should not be assigned to any
other system in the network.
• You must specify the keyword monitor in the ACL rules used on a source interface (as shown in one of the examples following the
conguration procedure).
• ERPM sessions do not copy locally sourced remote-VLAN trac from source trunk ports that carry RPM VLANs. ERPM sessions
do not copy locally sourced ERPM GRE-encapsulated trac from source ports.
• A ow-based source VLAN can be monitored only for ingress trac (not egress trac).
• You can congure the port extender as source either as a physical interface or as a VLAN, whose memebers are PEX ports or as
VP lAGg.
To congure an ERPM session:
790
Port Monitoring