User`s guide

Chapter 6 Virtual Network Interface Cards (vNICs) 97

traffic flow on “vn1.pubstest” is copied and sent to output vNIC “vn6.pubstest”,

which is connected to another server. When traffic is carried on vn1.pubstest,” the

server “Raynor” gets a copy of all packets.

Hardware Support

vNIC Mirroring is supported on all versions of GE module. vNIC Mirroring is

supported for intra-module traffic, so traffic received on an I/O Module is copied to

a destination on the same module only. You cannot configure vNIC Mirroring to

span multiple I/O modules or Oracle Fabric Interconnects.

Mirror Traffic

The mirror traffic is left in its original state just as it appears on the wire:

■ traffic is copied exactly from the input vNIC to the output vNIC or port.

■ the Oracle Fabric Interconnect does not encrypt or decrypt data packets when

copying them to the output mirror

■ the Oracle Fabric Interconnect does not change or tag traffic in any way before or

after it is sent to the mirror.

■ if QoS causes packets to be dropped as they ingress or egress the I/O module, the

same affect applies to the mirror. So, if traffic is dropped before transmission,

those packets are not copied to the mirror.

Mirroring to vNIC

When you mirror to an output vNIC, the traffic is copied to another vNIC that is in

either the same Server Profile or a different one. Typically, the output vNIC is hosted

on a separate server that is dedicated to auditing and security, but this is not a

requirement. One or more input vNICs can be mirrored to a single output vNIC.

The mirrored traffic is copied to the vNIC regardless of where the vNIC is

terminated. When mirroring to a vNIC, the Oracle Fabric Interconnect places no

restriction on the type of host where the output vNIC resides. So, for example, you

could have the input vNIC on a Windows host, and the mirror vNIC could be hosted

on a Linux host. The Oracle Fabric Interconnect would not prevent this

configuration.