Flowmirror
The diagnostics flowmirror allows you to set up a mirror from a chosen source port or LAG and mirror it to a destination port. It can also be mirrored to eth2 on the CPU for the purpose of tcpdump captures or wireshark remote captures.
.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kemY4dnF2MjRlcWhnLmNsb3VkZnJvbnQubmV0L3VzZXJmaWxlcy80MTcwMy81NDk1Mi9ja2ZpbmRlci9pbWFnZXMvcXUvMjAyNi9pbWFnZSgxMCkucG5nIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzgyODQ3MDkyfX19XX0_&Signature=ltOfBY2xhr7ho9vFGfKmKmD~nG~9rJQVXUNX6996i5YYEK~HxoQ1IBgUITHlrgSnTRn-FKq0Q3MTl7Qsi8HS74x30CDb4vw4bb-laxMERSWMQnOvzWwzizM6kE6IkuA9LI~Cc3NkdXnNk5Us576ikTevPPdZZimviJpmY2kzAFTBztknADqL7eL7-A1GvbkGpe9r758FGot-3UXP0J7OjyV0jMDa~ul7hOszYtlLH5mFFQKbwAhrTtRkxRi6oGTUvv0kOnXO-w0SmWn6C-LZKy-gv2GNGwLnxEHoOM4jXN62vRJBjVmgfgBTrdR3tC27XTZy96-rBGvEzlTQwxLwcQ__&Key-Pair-Id=K2TK3EG287XSFC)
Diagnostics Flowmirror Attributes
| Attribute | Values | Default | Req | Description |
|---|---|---|---|---|
| Flowmirror | Action to mirror traffic over to a CPU or uplink port for monitoring purposes. | |||
| Enable | Enable | disable | Whether to enable or disable flowmirroring. | ||
| Dir | ngress | egress | both | Both | Y | Which directions to monitor. ingress – incoming packet monitor. egress – outgoing packet monitor both – monitor both ingress and egress packets |
| Net-interface | NET1..NET12 | N/A | Y | When using an Uplink NET as the source, this specifies the name of the NET interface to mirror. |
| NNI-interface | SFP1-1-1.. SFP1-1-4 QSFP1-2-1.. QSFP1-2-6 |
N/A | Y | When using a single port as a mirror source, this specifies the name of the NET interface to mirror. |
| Pon-interface | MDS1-1-1.. MDS1-1-16 |
N/A | Y | When using a PON port as the mirror source, this specifies the name of the PON port to mirror. |
| Target | CPU | SFP1-1-1.. SFP1-1-4 | QSFP1-2-1.. QSFP1-2-6 |
N/A | Y | Default is CPU when using the mirror for tcpdump or rpcap. When doing a mirror for external monitoring with a security appliance or directly capturing, you can specify a target port to send the traffic to. |
| Vlan | <vlan id> | any | Can mirror a single vlan 1..4095 or use any to monitor all vlans. | ||
- Command Path – tolt>diagnostics>Flowmirror
- Module – tolt
- Container – diagnostics
- Action – Flowmirror – Action to mirror traffic over to a CPU or uplink port for monitoring purposes.
- Types –
- Enable – Whether to enable or disable flowmirroring.
- Enable | disable
- Dir – Which directions to monitor.
- ingress – incoming packet monitor.
- egress – outgoing packet monitor.
- both – monitor both ingress and egress packets.
- Net-interface – When using an Uplink NET as the source, this specifies the name of the NET interface to mirror.
- NET1..NET12
- Nni-interface – When using a single port as a mirror source, this specifies the name of the NET interface to mirror.
- SFP1-1-1..SFP1-1-4
QSFP1-2-1..QSFP1-2-6
- SFP1-1-1..SFP1-1-4
- Pon-interface – When using a PON port as the mirror source, this specifies the name of the PON port to mirror
- MDS1-1-1..MDS1-1-16
- Target – Default is CPU when using the mirror for tcpdump or rpcap. When doing a mirror for external monitoring with a security appliance or directly capturing, you can specify a target port to send the traffic to.
- CPU | SFP1-1-1..SFP1-1-4 | QSFP1-2-1..QSFP1-2-6
- Vlan – The VLAN to capture on.
- Vlanid or any
- Enable – Whether to enable or disable flowmirroring.
Diagnostics Flowmirror Enable Example
This example will mirror the uplink NET1 interface into the CPU.
- Command Path – tolt>diagnostics>flowmirror>
- Module – tolt
- Container – diagnostics
- Command – flowmirror
- Action – enabe
- Types – Example Parameters
- dir
- both
- net-interface NET1
- vlan any
- From the MDS1-ESUA# command line, input tolt diagnostics flowmirror dir both net-interface NET1 vlan any, and press Enter. Output similar to the following is displayed:
MDS1-ESUA# tolt diagnostics flowmirror dir both net-interface NET1 vlan any <enter> action-success true reason MDS1-ESUA# _
This example will mirror the PON interface into the CPU.
- Command Path – tolt>diagnostics>Flowmirror>
- Module – tolt
- Container – diagnostics
- Command – flowmirror
- Action – enable
- Types – Example Parameters
- dir
- both
- pon-interface mds1-1-1
- vlan any
- From the MDS1-ESUA# command line, input tolt diagnostics flowmirror dir both pon-interface mds1-1-1 vlan any, and press Enter. Output similar to the following is displayed.
MDS1-ESUA# tolt diagnostics flotmirror dir both pon-interface mds1-1-1 vlan any <enter> action-success true reason MDS1-ESUA# _
This example will mirror a single uplink interface into the CPU.
- Command Path – tolt>diagnostics>flowmirror>
- Module – tolt
- Container – diagnostics
- Command – flowmirror
- Action – enable
- Types – Example Parameters
- dir
- both
- nni-interface mds-1-1-1
- vlan any
- From the MDS1-ESUA# command line, input tolt diagnostics flowmirror dir both nni-interface mds-1-1-1 vlan any, and press Enter. Output similar to the following is displayed.
MDS1-ESUA# tolt diagnostics flotmirror nni-interface mds1-1-1 dir both net-interface NET1 vlan any <enter> action-success true reason MDS1-ESUA# _Diagnostics Flowmirror Disable Example
This example will disable Flowmiroring.
- Command Path – tolt>diagnostics>flowmirror>
- Module – tolt
- Container – diagnostics
- Command – flowmirror
-
Action – disable
- From the MDS1-ESUA# command line, input tolt diagnostics flowmirror disable, and press Enter. Output similar to the following is displayed.
MDS1-ESUA# tolt diagnostics disable <enter>
action-success true
reason
MDS1-ESUA# _
|