Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

231

232

233

234

235

236

237

238

239

240

Configuring Port Mirrors

May 04, 2011 Page 6 of 15

VLAN Mirrors

CreatingaVLANandsettingamirrorfortheVLANallowsyoutomonitoralltraffictoyour

specifiedVLANinterface.Forexample,youcouldtrackalldatatravelinginandoutofa

confidentialgroupofworkstations,suchasaFinanceVLAN,byanalyzingonlyoneconnection

point.Considerationswhen

configuringVLANmirrorsinclude:

•Aone‐to‐manyormany‐to‐oneVLANmirrorisconsideredasingledestinationport.

•Many‐to‐onemappingallowsmultipleVLANstobesenttoonespecificdestina tion port.

• Oversubscribedtrafficwillbedropped.

Avoiding Bottlenecks

Itisespecia llyimportanttonotoversubscribeportsinamirroringconfigurationbecausethiscan

causebottlenecksandwillresultindiscardedtraffic.

If,forexample,thereare10usersinVLAN1,eachattachedtoa10Mbpsport,whenyoumirrored

VLAN1toanother10Mbpsportto

whichyoursnifferisattached,theprobeswitchwould

probablyhavetodroppacketsatthedestinationport.Sinceyourpurposeinconfiguring

mirroringistoseeallofthetrafficforVLAN1,itwouldbebetterinthisscenariotoattachthe

sniffertoa100Mbpsport.

Configuring Port Mirrors

Asstatedpreviously,porttypesandnumbersofportsyoucanconfigureforportmirroring

dependonwhatfeaturesandfunctionsyourEnterasysdevicessupport.ReferbacktoTable 1fora

listofsupportandcapacityforeachdevice.

Thissectionprovidesinstruct ions forconfiguringthefollowingswitchproducts:

• N‐Series,

S‐Series,K‐Series(page6)

• X‐Series(page8)

• Stackableand StandaloneSwitches(page10)

N-Series, S-Series, K-Series

PortmirroringconfigurationsupportdiffersslightlybetweendevicetypesintheN‐Series

platform.GoldDFEssupportmirroringofphysicalportsandvirtualports,includingLAGports.

Inadditiontotheseporttypes,DiamondandPlatinumN‐SeriesDFEs,S‐SeriesanK‐Seriesalso

supportmirroringonVLANinterfaces,and

IDSportscreatedaspartofaLAG.Alldevicesallow

youtomirrorreceiveddata,transmitteddata,orboth.

Note: This function is supported only on N-Series, S-Series, and K-Series devices.

Note: When a port mirror is created, It is automatically enabled on all platforms.