Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

221

222

223

224

225

226

227

228

229

230

Configuring Port Mirroring clear port broadcast

4-52 Port Configuration

Configuring Port Mirroring

TheMatrixdeviceallowsyoutomirror(orredirect)thetrafficbeingswitchedonaportorVLAN

forthepurposesofnetworktrafficanalysisandconnectionassurance.Whenportmirroringis

enabled,oneportbecomesamonitorportforanotherportorVLANwithinthedevice.

Supported Mirrors

ThefollowingtypesofportscanparticipateinmirroringontheMatrixSeriesdevice:

•Physicalports, includingfrontpanelandFTM‐1ports

•Virtualports,includingLinkAggregationGroup(LAG)andhostports.Fordetailson

configuringportsforlinkaggregation,referto“ConfiguringLACP”onpage 4 ‐56.

•VLANports.For 

detailsonconfiguring802.1QVLANs,refertoChapter 7.

•IDS(IntrusionDetectionSystem)portsconfiguredaspartofaLAG.

IDS Mirroring Considerations

AnIDSmirrorisaone‐to‐manyportmirrorthathasbeendesignedforusewithanIntrusion

DetectionSystem.ThefollowingconsiderationsmustbetakenintoaccountwhenconfiguringIDS

mirroringontheMatrixdevice:

•Asofrelease5.xx.xx,mirroringofmultiple(unlimitednumberof)sourceportstoan

IDS

destinationportissupported.

•EightdestinationportsmustbereservedforanIDSmirror.

•AllDIP/SIPpairswillbetransmittedoutthesamephysicalport.

•Allnon‐IPtrafficwillbemirroredoutthefirstphysicalportinaLAG.Thisportwillalsobe

usedforIPtraffic.

•Portfailureor

linkrecoveryinaLAGwillcauseanautomaticre‐distributionoftheDIP/SIP

conversations.

Active Destination Port Configurations

TheMatrixNSAdevicesupports64mirroringdestinationports.EachMatrixDFE‐PlatinumSeries

devicesupports16mirroringdestinationports.Theseportscanbeamixedvarietyofport,VLAN,

andIDScombinations.Anyoralldestinationportscanbeconfiguredinamany‐to‐onemirroring

configuration(thatis,many

sourcesmirroredtoonedestination).Examplesofdestinationport

configurationsonaDFE‐PlatinumSeriesmoduleinclude:

•16portmirrors

•16VLANmirrors

•8portand8VLANmirrors

•12portand4VLANmirrors

•8portand1IDSmirror(wherethedevicemirrorsto8ports)

•8VLANand1

IDSmirror(wherethedevicemirrorsto8ports)

Caution: Port mirroring configuration should be performed only by personnel who are

knowledgeable about the effects of port mirroring and its impact on network operation.