Administrator Guide
Figure 118. Remote Port Mirroring
Configuring Remote Port Mirroring
Remote port mirroring requires a source session (monitored ports on different source switches), a reserved tagged VLAN for transporting
mirrored traffic (configured on source, intermediate, and destination switches), and a destination session (destination ports connected to
analyzers on destination switches).
Configuration Notes
When you configure remote port mirroring, the following conditions apply:
• You can configure any switch in the network with source ports and destination ports, and allow it to function in an intermediate
transport session for a reserved VLAN at the same time for multiple remote-port mirroring sessions. You can enable and disable
individual mirroring sessions.
• BPDU monitoring is not required to use remote port mirroring.
• A remote port mirroring session mirrors monitored traffic by prefixing the reserved VLAN tag to monitored packets so that they are
copied to the reserve VLAN.
• Mirrored traffic is transported across the network using 802.1Q-in-802.1Q tunneling. The source address, destination address and
original VLAN ID of the mirrored packet are preserved with the tagged VLAN header. Untagged source packets are tagged with the
reserve VLAN ID.
• You cannot configure a private VLAN or a GVRP VLAN as the reserved RPM VLAN.
• The L3 interface configuration should be blocked for the reserved VLAN.
• The member port of the reserved VLAN should have MTU and IPMTU value as MAX+4 (to hold the VLAN tag parameter).
• To associate with a source session, the reserved VLAN can have a maximum of 4 member ports.
• To associate with a destination session, the reserved VLAN can have multiple member ports.
• The reserved VLAN cannot have untagged ports.
In the reserved L2 VLAN used for remote port mirroring:
• MAC address learning in the reserved VLAN is automatically disabled.
• The reserved VLAN for remote port mirroring can be automatically configured in intermediate switches by using GVRP.
Port Monitoring
709