This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Setting Up Port Monitoring on an ICX Switch

Vásquez_Fer
Moderator
Moderator

‎02-27-2024 09:27 AM - edited ‎02-27-2024 09:30 AM

Overview of Port Mirroring and Monitoring

Port mirroring is an effective network traffic monitoring technique. It involves duplicating each packet entering or leaving a specific port on a network switch and sending this copy to another port for analysis. This technique is particularly useful for diagnostic and debugging purposes, as well as for enhancing network security.

To set up port mirroring, you designate a 'monitor port' from which packets are copied, and a 'mirror port' that receives these copies. Both incoming and outgoing packets from the monitor port are sent to the mirror port. A network analysis tool, like Wireshark, can then be connected to the mirror port to capture and analyze the traffic. This process allows for detailed examination of data packets without interfering with the normal operation of the network.

Standalone(config)# mirror-port ethernet x/x/x - This command designates the connection to the analyzer tool.
Standalone(config)# interface ethernet x/x/x - This command selects the specific interface from which data capture is desired.
Standalone(config-if-e1000-x/x/x)# monitor ethernet x/x/x both - This command establishes the monitoring of the specified interface and directs the traffic to the analyzer tool.

Verification of Configuration:

To verify the configuration, use the "show mirror" command. This will display the current mirror configuration, confirming the setup for traffic capture and analysis.

Here is an example using the given topology. Our objective is to capture traffic from port 1/2/1 and redirect it to an analyzer tool connected to port 1/1/1, where Wireshark is installed.

Topology Wireshark.PNG


Device(config)#mirror-port ethernet 1/1/1
Device(config)#interface ethernet 1/2/1
Device(config-if-e25000-1/2/1)#monitor ethernet 1/1/1 both

Device(config-if-e25000-1/2/1)#show mirror
Mirror port 1/1/1
  Input monitoring      : (U1/M2)   1
  Output monitoring     : (U1/M2)   1

For additional details, please refer to our guides :

Official Guide Port Mirroring and Monitoring Configuration:

https://docs.commscope.com/bundle/fastiron-10010-monitoringguide/page/GUID-7165A5D9-141A-4F23-9965-2...

Official Guide Configuration Notes for Port Mirroring and Monitoring:

https://docs.commscope.com/bundle/fastiron-10010-monitoringguide/page/GUID-8CDDEB0F-08D9-41A9-9681-B...

Monitoring an Individual LAG Port:

https://docs.commscope.com/bundle/fastiron-08095-monitoringguide/page/GUID-35140D88-386B-438B-A700-5...

Best Regards 

Fernando Vasquez 

0 REPLIES 0
Copyright © 2024 Khoros, LLC