[j-nsp] Port mirring on MX80 to tagged interface
Ben Hammadi, Kayssar (NSN - TN/Tunis)
kayssar.ben_hammadi at nsn.com
Mon Mar 17 03:48:37 EDT 2014
Hi Chris,
I have the below config running on MX80 without issues ( 4 inline instances ) , is there any particular reason to send traffic to a tagged unit instead of physical interface ?
chassis {
fpc 1 {
port-mirror-instance vlan106;
port-mirror-instance vlan109;
}
}
interfaces {
interface-range GE {
member-range ge-1/0/0 to ge-1/1/9;
speed 100m;
}
xe-0/0/0 {
unit 0 {
family inet {
address 10.255.172.162/30 {
arp 10.255.172.161 mac 00:01:02:03:04:06;
}
}
}
}
xe-0/0/1 {
unit 0 {
family inet {
address 10.255.173.162/30 {
arp 10.255.173.161 mac 00:01:02:03:04:09;
}
}
}
}
ge-1/0/0 {
unit 0 {
family inet {
address 10.255.171.162/30 {
arp 10.255.171.161 mac 00:01:02:03:04:08;
}
}
}
}
ge-1/1/6 {
unit 0 {
family inet {
address 10.255.170.162/30 {
arp 10.255.170.161 mac 00:01:02:03:04:07;
}
}
}
}
ge-1/1/7 {
passive-monitor-mode;
vlan-tagging;
speed 100m;
unit 101 {
vlan-id 101;
family inet {
filter {
input VL101;
}
}
}
unit 103 {
vlan-id 103;
family inet {
filter {
input VL103;
}
}
}
unit 106 {
vlan-id 106;
family inet {
filter {
input VL106;
}
}
}
unit 109 {
vlan-id 109;
family inet {
filter {
input VL109;
}
}
}
}
}
forwarding-options {
port-mirroring {
instance {
vlan106 {
input {
rate 1;
run-length 1;
maximum-packet-length 9216;
}
family inet {
output {
next-hop-group VL106;
}
}
}
vlan109 {
input {
rate 1;
run-length 1;
maximum-packet-length 9216;
}
family inet {
output {
interface ge-1/1/6.0 {
next-hop 10.255.170.161;
}
no-filter-check;
}
}
}
vlan101 {
input-parameters-instance vlan106;
family inet {
output {
interface xe-0/0/0.0 {
next-hop 10.255.172.161;
}
}
}
}
vlan103 {
input-parameters-instance vlan106;
family inet {
output {
interface xe-0/0/1.0 {
next-hop 10.255.173.161;
}
}
}
}
}
}
next-hop-group VL106 {
group-type inet;
interface ge-1/0/0.0 {
next-hop 10.255.171.161;
}
}
}
firewall {
family inet {
filter VL106 {
term 1 {
then {
count VL106;
port-mirror-instance vlan106;
next term;
}
}
term 2 {
then accept;
}
}
filter VL109 {
term 1 {
then {
count VL109;
port-mirror-instance vlan109;
next term;
}
}
term 2 {
then accept;
}
}
filter VL101 {
term 1 {
then {
count VL101;
port-mirror-instance vlan101;
next term;
}
}
term 2 {
then accept;
}
}
filter VL103 {
term 1 {
then {
count VL103;
port-mirror-instance vlan103;
next term;
}
}
term 2 {
then accept;
}
}
}
}
BEN HAMMADI Kayssar
NOKIA SOLUTION NETWORKS
Lead Engineer -BroadBand Connectivity
JNCIE-M (#471), JNCIE-SP (#1147), CCIP
Mobile : +216 29 349 952 / +216 98 349 952
More information about the juniper-nsp
mailing list