CommScope RUCKUS Community Forums

GregNI · ‎05-15-2025

I have a small stack of ICX-7150 switches running software version 10.0.0.10.

I am trying to setup the monitor and mirror pair of 1/2/2 to 3/1/21 - both ports are ethernet, 1 gig copper. I have succeeded in get it set up and working but I don’t seem to be able to block random multicast, ARP etc. bleeding in from other devices/ports. I want the mirror port (3/1/21) to simply be an absolute passive copy of the In and Out of 1/2/2 without anything generated by the stack or multicast and related from other ports.

Any suggestions?

BenBeck · ‎05-15-2025

You need to put the mirror port in an isolated vlan.

Port Mirror Example

ICX(config)#mirror-port ethernet 1/1/12 <---port connected to laptop. Ensure this port is in dummy vlan by itself to avoid unknown UC, MC, BC traffic
ICX(config)#int eth 1/1/11 <-----port that we want to monitor
ICX(config-if-e1000-1/1/11)#monitor ethernet 1/1/12 in/out/both <---define if we want ingress, egress, bidirectional traffic

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

View solution in original post

GregNI · ‎05-15-2025

Thanks for this. I just spotted that I had that I had created my dummy VLAN with the port as tagged instead of untagged and now I have moved to untagged it works fine.

For anyone who's following up:

vlan 999 name dummy-monitor by port
untagged ethe 3/1/21

mirror-port ethernet 3/1/21

interface ethernet 1/2/2
monitor ethernet 3/1/21 both

View solution in original post

GregNI · ‎07-10-2025

Hi,

The last command monitor ethernet both 1/1/1 both should be 1/1/2

ie. monitor ethernet 1/1/2 both

The 'monitor' command says where should I send the data which in this case is 1/1/2

View solution in original post

BenBeck · ‎05-15-2025

You need to put the mirror port in an isolated vlan.

Port Mirror Example

ICX(config)#mirror-port ethernet 1/1/12 <---port connected to laptop. Ensure this port is in dummy vlan by itself to avoid unknown UC, MC, BC traffic
ICX(config)#int eth 1/1/11 <-----port that we want to monitor
ICX(config-if-e1000-1/1/11)#monitor ethernet 1/1/12 in/out/both <---define if we want ingress, egress, bidirectional traffic

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

GregNI · ‎05-15-2025

Thanks for this. I just spotted that I had that I had created my dummy VLAN with the port as tagged instead of untagged and now I have moved to untagged it works fine.

For anyone who's following up:

vlan 999 name dummy-monitor by port
untagged ethe 3/1/21

mirror-port ethernet 3/1/21

interface ethernet 1/2/2
monitor ethernet 3/1/21 both

ally_khodadeen · ‎05-26-2025

Hello, I am getting below error:

CORE-SWITCH(config-if-e10000-1/1/1)#monitor ethernet 1/1/1 both
Error - Invalid mirror port 1/1/1
CORE-SWITCH(config-if-e10000-1/1/1)#

my config are as follows:
Monitor Port:

CORE-SWITCH#sh vlan eth 1/1/1
Total PORT-VLAN entries: 8
Maximum PORT-VLAN entries: 1024

Legend: [Stk=Stack-Id, S=Slot]

PORT-VLAN 15, Name FG-CORE, Priority level0, On
Untagged Ports: (U1/M1) 1

Mirror port:

CORE-SWITCH#sh vlan eth 1/1/2
Total PORT-VLAN entries: 8
Maximum PORT-VLAN entries: 1024

Legend: [Stk=Stack-Id, S=Slot]

PORT-VLAN 999, Name MIRROR-SPAN, Priority level0, Off
Untagged Ports: (U1/M1) 2

CORE-SWITCH(config)#mirror-port ethernet 1/1/2
CORE-SWITCH(config)#int eth 1/1/1
CORE-SWITCH(config-if-e10000-1/1/1)#monitor ethernet 1/1/1
CORE-SWITCH(config-if-e10000-1/1/1)#monitor ethernet 1/1/1 bo
both Both incoming and outgoing packets
CORE-SWITCH(config-if-e10000-1/1/1)#monitor ethernet 1/1/1 both
Error - Invalid mirror port 1/1/1
CORE-SWITCH(config-if-e10000-1/1/1)#

GregNI · ‎07-10-2025

Hi,

The last command monitor ethernet both 1/1/1 both should be 1/1/2

ie. monitor ethernet 1/1/2 both

The 'monitor' command says where should I send the data which in this case is 1/1/2

CommScope RUCKUS Community Forums

ICX 7150 Stack Port Mirroring