[f-nsp] How-to make an ingress - egress VLAN mirror on a XMR?
Justin Suyk - Signet BV
jsuyk at signet.nl
Thu Apr 12 03:48:22 EDT 2012
Hi List,
We are using Brocade XMR routers and on one of these devices we need to
make a mirror of a specific VLAN. Normally we would use a port mirror,
but with the VLAN residing on a 10Gb port, this is not an option.
I've found a doc on the Brocade site explaining on how-to do this
(http://community.brocade.com/docs/DOC-2413), but I think that this is
for ingress only, this after some testing. I've created a testsetup;
On another XMR I've created a VLAN (VLAN 60)+ VE and in the vlan I've
added two tagged ports, ethe 2/19 and 2/20. Port 2/10 will be the
mirror-port, the source-port will be 2/19. On the VE, a /29 subnet is
configured.
On each of the tagged ports I've connected a switch and each switch has
one IP address out of the /29. I then ping switch B from switch A (this
is working).
I then created the mirror:
/XMR# access-list 400 permit any any 60 mirror
XMR# access-list 400 permit any any
XMR# interface ethernet 2/19
XMR# mac access-group 400 in
XMR# acl-mirror-port ethernet 2/10/
When I hookup a laptop on port 2/10 and look via tcpdump, I'm not
receiving ingress and egress traffic, I'm only seeing the ping requests
or the ping replies (depending which switch sends the ping requests),
but not both. Is there a way to configure a VLAN mirror so that we can
see both ingress and egress traffic?
Thanks!
--
With regards,
Signet bv
Justin Suyk
T 040 - 707 4 907
F 040 - 707 4 909
Kvk 17089930
helpdesk at signet.nl
altijd online?www.signet.nl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20120412/61b471a2/attachment.html>
More information about the foundry-nsp
mailing list