[j-nsp] port mirror to multiple ports on MX80 in inet6
Alex Arseniev
alex.arseniev at gmail.com
Fri Oct 19 05:21:09 EDT 2012
Have you tried PM instances?
----- Original Message -----
From: "Paul Vlaar" <paul at vlaar.net>
To: "Alex Arseniev" <alex.arseniev at gmail.com>
Cc: <juniper-nsp at puck.nether.net>
Sent: Friday, October 19, 2012 9:49 AM
Subject: Re: [j-nsp] port mirror to multiple ports on MX80 in inet6
> Alex,
>
> On 19/10/12 7:33 AM, Alex Arseniev wrote:
>> You could do cascaded PM. In a nutshell:
>> 1/ port-mirror original packet, send the original packet on its way
>> 2/ send the COPY into a loop (cable loop or looped tunnel)
>> 3/ take the looped COPY and mirror it once again, creating 2nd copy.
>> 4/ send 1st copy and 2nd copy on their respective ways.
>
> The problem I see there is how do you configure the [ port-mirroring
> family inet6 ] section with a different output interface on the second
> run once you hit the port-mirror statement in the firewall rule.
>
> forwarding-options {
> port-mirroring {
> family inet6 {
> output {
> interface ge-1/3/2.0 {
> next-hop fdb5:1281:f3cf:c7c4::2;
> }
> no-filter-check;
> }
> }
> }
> }
>
> Can you perhaps send me some example config on how to do this?
>
> What strikes me is that the lack of next-hop-groups for inet6 feels like
> a software limitation.
>
> ~paul
>
>
>
>
>
More information about the juniper-nsp
mailing list