07-15-2010 01:26 AM
I have a question regarding mirror ports on RX8’s and 16’s. How many mirror ports can you set up and can you direct traffic from 1 interface to more than one mirror port?
The reason is we mirror traffic from all trunk links to one of our network monitoring stations and also mirror traffic from call manager and voice gateways to an IDS box for call recording. This works fine. However, when we added in a Palo Alto IDS box last week and mirrored the mirrored port we broke voice recording as all calls were recorded only in 1 direction. I know we can’t monitor vlan’s with our version of code but is there anyway around not being able to monitor more than one port?
07-15-2010 08:12 PM
You can monitor input traffic, output traffic, or both.
On a 4 X 10G module, any port can operate as a mirror port and you can configure more than one mirror port. You can configure up to 64 mirror ports. You can configure the mirror ports on different modules and you can configure more than one mirror port on the same module.
Each mirror port can have its own set of monitored ports. For example, you can configure ports 1/1 and 5/1 as mirror ports, and monitor ports 1/2 – 1/8 on port 1/1 and ports 5/2 – 5/8 on port 5/1. The mirror port and monitored ports also can be on different slots.
However, on a 24 X 1G module, you can configure only one mirror port per packet processor (PPCR). For example, if you configure port 3/1 to be mirrored by port 5/1, all other ports that you want to be mirrored must use 5/1 as the mirror port. The following table shows which ports share the same PPCR:
Port Numbers PPCR
1 – 12 1
13 – 24 2
Do you need to think about where to connect devices into a 1g card to meet your mirroring requirements.