Reference Guide
Session and VLAN requirements
Remote port mirroring requires a source session (monitored ports on dierent source devices), a reserved tagged VLAN for transporting
mirrored trac (congured on source, intermediate, and destination devices), and a destination session (destination ports connected to
analyzers on destination devices).
• Congure any network device with source ports and destination ports and enable it to function in an intermediate transport session for
a reserved VLAN at the same time for multiple remote-port mirroring sessions. Enable and disable individual mirroring sessions.
• BPDU monitoring is not required to use remote port mirroring.
• A remote port mirroring session mirrors monitored trac by prexing the reserved VLAN tag to monitored packets to copy to the
reserved VLAN.
• The source address, destination address, and original VLAN ID of the mirrored packet are prexed with the tagged VLAN header.
Untagged source packets are tagged with the reserved VLAN ID.
• The member port of the reserved VLAN must have the MTU and IPMTU value as MAX+4 (to hold the VLAN tag parameter).
• To associate with source session, the reserved VLAN can have a maximum of four member ports.
• To associate with destination session, the reserved VLAN can have multiple member ports.
• The reserved VLAN cannot have untagged ports.
Reserved L2 VLAN
• MAC address learning in the reserved VLAN is automatically disabled.
• You can automatically congure the reserved VLAN for remote port mirroring on intermediate devices by using GVRP.
• There is no restriction on the VLAN IDs used for the reserved remote-mirroring VLAN. Valid VLAN IDs are from 2 to 4094. The default
VLAN ID is not supported.
• In mirrored trac, packets that have the same destination MAC address as an intermediate or destination device in the path used by
the reserved VLAN to transport the mirrored trac are dropped by the device that receives the trac if the device has a L3 VLAN
congured.
Source session
• Congure physical ports and port-channels as sources in remote port mirroring and use them in the same source session. You can use
both L2 (congured with the switchport command) and L3 ports as source ports. Optionally congure one or more source VLANs
to congure the VLAN trac to be mirrored on source ports.
188
Layer 2