[j-nsp] port mirroring irb interface
Mohammad Salbad
masalbad at gmail.com
Mon Aug 6 06:45:13 EDT 2012
Dear All
We are trying to configure port mirroring on MX960 router running version
10.2R3.10 as below:
PC1 (10.10.10.2) connected to port ge-11/0/3 bridge domain 3000 irb.3000
10.10.10.1
PC2 (30.30.30.2) connected to port ge-11/1/2 bridge domain 3001 irb.3001
30.30.30.1
Capture PC (20.20.20.2) connected to port ge-11/0/6 mirroring port
We ping from PC1 to PC2 and trying to see the ping on wireshark of capture
PC but with no success!!!
Below are the related configuration:
XYZ# show bridge-domains
capture {
domain-type bridge;
interface ge-11/0/6.0;
}
Test-1 {
domain-type bridge;
vlan-id 3000;
routing-interface irb.3000;
}
Test-2 {
domain-type bridge;
vlan-id 3001;
routing-interface irb.3001;
}
XYZ# show interfaces ge-11/0/3
speed 100m;
unit 0 {
family bridge {
interface-mode access;
vlan-id 3000;
}
}
XYZ# show interfaces ge-11/1/2
speed 100m;
unit 0 {
family bridge {
interface-mode access;
vlan-id 3001;
}
}
XYZ# show interfaces ge-11/0/6
speed 100m;
unit 0 {
family inet {
address 20.20.20.1/30 {
arp 20.20.20.2 mac 44:1e:a1:df:98:f5;
}
}
}
XYZ# show interfaces irb.3000
family inet {
filter {
input IRB;
}
address 10.10.10.1/30;
}
XYZ# show interfaces irb.3001
family inet {
filter {
input IRB;
}
address 30.30.30.1/30;
}
XYZ# show forwarding-options port-mirroring
input {
rate 1;
run-length 1;
}
family inet {
output {
interface ge-11/0/6.0 {
next-hop 20.20.20.2;
}
}
}
XYZ# show firewall family inet filter IRB
term all {
then {
port-mirror;
accept;
}
}
for your kind assistance
MSalbad
More information about the juniper-nsp
mailing list