[j-nsp] M20 port mirroring/
samuel.gay at bt.com
Mon Jul 7 06:01:45 EDT 2008
Hi Nick,
To do port mirroring we have to add this in your configuration:
fe-0/2/3 {
    unit 0 {
        family inet {
            address 20.0.0.1/30 {
                # You need an arp entry here so the router can encaps the packet.
                arp 20.0.0.2 mac 00:01:6c:fa:9c:71;
            }
        }
    }
}
Regards,
Samuel
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Nick Kraal
Sent: Monday, 7 July 2008 10:11
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] M20 port mirroring/
Dear all,
We are trying to create a mirrored port on an M20 for an IPS/IDS to monitor. From information on-line, we have come up with the following configuration. Would appreciate it if there is some feedback as we currently do not see packets spit out.
Thanks in advance,
-nick/
==============================
interfaces {
    ge-0/3/0 {
        link-mode full-duplex;
        unit 0 {
            family inet {
                filter {
                    input mirror_packets;
                }
                address 192.168.100.1/30;
            }
        }
    }
    fe-0/2/3 {
        unit 0 {
            family inet;
        }
    }
}
firewall {
    family inet {
        filter mirror_packets {
            term catch_all {
                then {
                    port-mirror;
                    accept;
                }
            }
        }
    }
}
forwarding-options {
    port-mirroring {
        input {
            family inet {
                rate 1;
            }
        }
        output {
            interface fe-0/2/3.0;
            no-filter-check;
        }
    }
}
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
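
Added example (not part of either message and not Juniper tooling): the Python below checks a Junos-style configuration for the condition Samuel's reply points at, a port-mirroring output interface that has no inet address with a static ARP entry. The parser, the function names and the sample configuration are constructed for illustration, and the check assumes the monitoring device does not answer ARP itself.

```python
import re

# Constructed sample: the relevant parts of the posted config, fix not applied.
BROKEN = """
interfaces {
    fe-0/2/3 { unit 0 { family inet; } }
}
forwarding-options {
    port-mirroring {
        output { interface fe-0/2/3.0; no-filter-check; }
    }
}
"""
# The same sample with the address and static ARP entry from the reply.
FIXED = BROKEN.replace(
    "family inet;",
    "family inet { address 20.0.0.1/30 { arp 20.0.0.2 mac 00:01:6c:fa:9c:71; } }")

def parse(text):
    """Parse curly-brace config into nested dicts; leaf statements map to None."""
    root, name = {}, ""
    stack = [root]
    for tok in re.findall(r"[{};]|[^{};]+", re.sub(r"#[^\n]*", "", text)):
        tok = tok.strip()
        if tok == "{":
            stack.append(stack[-1].setdefault(name, {}))
        elif tok == "}":
            if len(stack) > 1:          # tolerate a stray closing brace
                stack.pop()
        elif tok == ";":
            stack[-1][name] = None
        elif tok:
            name = " ".join(tok.split())
    return root

def mirror_output_problems(text):
    """List mirror output interfaces that cannot encapsulate mirrored packets."""
    cfg = parse(text)
    fwd = cfg.get("forwarding-options") or {}
    out = (fwd.get("port-mirroring") or {}).get("output") or {}
    problems = []
    for stmt in (s for s in out if s.startswith("interface ")):
        target = stmt.split()[1]
        ifname, _, unit = target.partition(".")
        ifcfg = (cfg.get("interfaces") or {}).get(ifname) or {}
        inet = (ifcfg.get(f"unit {unit or 0}") or {}).get("family inet") or {}
        addrs = [v or {} for k, v in inet.items() if k.startswith("address ")]
        if not addrs:
            problems.append(f"{target}: no inet address")
        elif not any(k.startswith("arp ") for a in addrs for k in a):
            problems.append(f"{target}: no static arp entry")
    return problems
```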