Reference Guide

Port Monitoring | 635

Port Monitoring

Port Monitoring is supported on the following platforms: s z

Port Monitoring, also known as Port Mirroring, is a feature that copies all incoming or outgoing packets on

one port and forwards (mirrors) them to another port. The source port is the monitored port (MD) and the

destination port is the monitoring port (MG). Port Monitoring functionality is different between platforms,

but the behavior is the same, with highlighted exceptions.

This chapter is divided into the following sections:

• Important Points to Remember

• Port Monitoring on S-Series, and Z-Series

• Configuring Port Monitoring

• Port Monitoring Example

Important Points to Remember

• Port Monitoring is supported on physical ports only; VLAN and port-channel interfaces do not support

port monitoring.

• The Monitored (source, “MD”) and Monitoring ports (destination, “MG”) must be on the same switch.

• In general, a monitoring port should have

no ip address and no shutdown as the only configuration;

FTOS permits a limited set of commands for monitoring ports; display them using the command

?. A

monitoring port also may not be a member of a VLAN.

• There may only be one destination port in a monitoring session.

• A source port (MD) can only be monitored by one destination port (MG). The following error is

displayed if you try to assign a monitored port to more than one monitoring port.

FTOS(conf)#mon ses 1

FTOS(conf-mon-sess-1)#$te 0/0 destination te 0/60 direction both

FTOS(conf-mon-sess-1)#do show mon ses

SessionID Source Destination Direction Mode Type

--------- ------ ----------- --------- ---- ----

1 Te 0/0 Te 0/60 both interface Port-based

FTOS(conf-mon-sess-1)#mon ses 2

FTOS(conf-mon-sess-2)#source te 0/0 destination te 0/61 direction both

% Error: MD port is already being monitored.

• The S-Series may only have four destination ports per port-pipe. There is no limitation on the total

number of monitoring sessions.