Port Mirroring Overview

Port Mirroring is a method of monitoring network traffic. When you enable port mirroring, the switch sends a copy of all network packets seen on one port to another port, where the packet can be analyzed.

Inbound Mirroring

Inbound mirroring is defined per In-Port, or per In-Port x VLAN. Configurations for six distinct VLAN tags, for any other VLAN tag, and for packets without VLAN tags are supported. The ingress mirroring can be sampled by specifying a probability that a matching packet will be mirrored.

Outbound Mirroring

Outbound mirroring is defined per Out-Port, or per Out-Port x VLAN tag. Configurations for seven distinct VLAN tags are supported.

Guidelines and Limitations

  • Up to 15 mirror profiles can be configured.

  • The same mirror resources are used for Lawful Interception (LI) and Port Mirroring.

  • You can configure a CPU port as destination physical interface port; but if heavy traffic is mirrored, it may impact system performance.

  • If physical interface/logical interface goes down, mirror configuration will not be deleted automatically. You need to delete the mirror configuration explicitly.

  • Before creating logical interface mirroring, the source logical interface should exist.

  • The logical interface should not be deleted during mirroring.

  • If you want to mirror traffic to CPU, enable the control plane security features. For more refer, see the Control Plane Security Guide.

  • Since this is a debugging tool, the save and reload functionality is not supported.

Supported Platforms

Not all features are necessarily supported on each hardware platform. Refer to the Platform Guide for the features and the sub-features that are or are not supported by each platform.