Reference Guide
Port Monitoring | 621
30
Port Monitoring
Port Monitoring is supported on platforms: e c s z
Port Monitoring, also known as Port Mirroring, is a feature that copies all incoming or outgoing packets on
one port and forwards (mirrors) them to another port. The source port is the monitored port (MD) and the
destination port is the monitoring port (MG). Port Monitoring functionality is different between platforms,
but the behavior is the same, with highlighted exceptions.
This chapter is divided into the following sections:
• Important Points to Remember on page 621
• Port Monitoring on E-Series on page 622
• Port Monitoring on C-Series, S-Series, and Z-Series on page 623
• Configuring Port Monitoring on page 626
• Flow-based Monitoring on page 628
Important Points to Remember
• Port Monitoring is supported on physical ports only; VLAN and port-channel interfaces do not support
port monitoring.
• A SONET port may only be a monitored port.
• The Monitored (source, “MD”) and Monitoring ports (destination, “MG”) must be on the same switch.
• In general, a monitoring port should have
no ip address and no shutdown as the only configuration;
FTOS permits a limited set of commands for monitoring ports; display them using the command
?. A
monitoring port also may not be a member of a VLAN.
• There may only be one destination port in a monitoring session.
• A source port (MD) can only be monitored by one destination port (MG). The following error is
displayed if you try to assign a monitored port to more than one monitoring port.
FTOS(conf)#mon ses 1
FTOS(conf-mon-sess-1)#$gig 0/0 destination gig 0/60 direction both
FTOS(conf-mon-sess-1)#do show mon ses
SessionID Source Destination Direction Mode Type
--------- ------ ----------- --------- ---- ----
1 Gi 0/0 Gi 0/60 both interface Port-based
FTOS(conf-mon-sess-1)#mon ses 2
FTOS(conf-mon-sess-2)#source gig 0/0 destination gig 0/61 direction both
% Error: MD port is already being monitored.