Specifications

ManualsBrandsEnterasys ManualsComputer equipmentC2K122-24

161

162

163

164

165

166

167

168

169

170

Port Mirroring

SecureStack C3 Configuration Guide 4-33

Example

Thisexampleclearsthebroadcastthresholdlimitto14881ppsforports1through5:

C3(su)->clear port broadcast ge.1.1-5 threshold

Port Mirroring

TheSecureStackC3deviceallowsyoutomirror(orredirect)thetrafficbeingswitchedonaport

forthepurposesofnetworktrafficanalysisandconnectionassurance.Whenportmirroringis

enabled,oneportbecomesamonitorportforanotherportwithinthedevice.

Mirroring Features

TheSecureStackC3devicesupportsthefollowingmirroringfeatures:

• Mirroringcanbeconfiguredinamany‐to‐oneconfigurationsothatonetarget(destination)

portcanmonitortrafficonuptosourceports.Onlyonemirrordestinationportcanbe

configuredperstack.

•Bothtransmitandreceivetrafficwillbemirrored.

•A

mirroringsessionwhichisconfiguredtobeactive(enabled)willbeoperationallyactive

onlyifbothadestinat ionportandatleastonesourceporthavebeenconfigured.

•Adestinationportwillonlyactasamirroringportwhenthesessionisoperationallyactive.If

themirroringsessionisnotoperationally

active,thenthedestinationportwillactasanormal

portandparticipateinallnormaloperationwithrespecttotransmittingtrafficand

participatinginprotocols.

Remote Port Mirroring

Remoteportmirroringisanextensiontoportmirroringwhichfacilitatessimultaneousmirroring

ofmultiplesourceportsonmultipleswitchesacrossanetworktooneormoreremotedestination

ports.

Remoteportmirroringinvolvesconfigurationofthefollowingportmirroringrelatedparameters:

1. Configurationofnormalportmirroringsourceportsandone

destinationportonallswitches,

asdescribedabove.

2. ConfigurationofamirrorVLAN,whichisauniqueVLANonwhichmirroredpackets

traverseacrossthenetwork.ThemirrorVLANhastobeconfiguredonALLswitchesacross

thenetworkalongwhichmirroredtraffictraverses,fromtheswitchwherethesource

ports

residetotheswitchwherethemirroredpacketsaresniffedand/orcaptured.

Youmustensurethatswitchesinvolvedareproperlyconfiguredtofacilitatecorrectremoteport

mirroringoperation.Thefollowingpointsinparticularneedtobeobserved:

•Onthesourceswitch,thecorrectdestinationportmustbechosentoensure

thatthereisan

egresspathfromthatporttothedesiredremotedestination(s).

Caution: Port mirroring configuration should be performed only by personnel who are

knowledgeable about the effects of port mirroring and its impact on network operation.

Note: This functionality is not supported on SecureStack A2, B2, or C2 products.