OcNOS SP : Layer 2 Guide : Layer 2 Command Reference : Traffic Mirroring Commands
Traffic Mirroring Commands
This chapter provides a description of syntax, and examples for Traffic Mirroring. It includes the following commands:
no shut
shut
filter
monitor session
Use this command to create a local or remote monitor session. By default, a local monitor session is created.
A monitor session consists of:
A single destination interface, referred to as a mirror-to port or a single remote destination
One or more source interfaces (egress, ingress, or both)
One or more VLAN sources in the ingress direction
One or more filters that can be applied to filter the mirrored packets
Use the no parameter to delete a monitor session.
Command Syntax
monitor session <1-18> ( | type ( local | remote ))
no monitor session ( <1-18> | all )
Parameters
<1-18>
Session number
local
Create a local session
remote
Create a remote source node session
all
All sessions
Default
By default, monitor session type is local and will not be active by default
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#monitor session 1
(config-monitor)#exit
(config)#monitor session 3 type remote
(config-monitor)#exit
(config)#no monitor session 1
monitor session shut
Use this command to deactivate one monitor session.
Use the no parameter to activate one monitor session.
Command Syntax
monitor session <1-18> shut
no monitor session <1-18> shut
Parameters
<1-18>
Session number
Default
Monitor session will not be active by default
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#monitor session 3 shut
 
(config)#no monitor session 3 shut
 
 
source interface
Use this command to configure a source port per monitor session in either ingress or egress or both directions. Source port can be physical interface or a trunk port.
Use the no parameter to remove the source port.
Note: The behavior is changed when the configuration is edited in the current release: For example, if you have configured as follows
source interface xe10 rx → running-config/backend: source interface xe10 rx
source interface xe10 tx → running-config/backend: source interface xe10 both
its direction is changed to as follows
source interface xe10 rx → running-config/backend: source interface xe10 rx
source interface xe10 tx → running-config/backend: source interface xe10 tx
Command Syntax
source interface IFNAME ( rx | tx | both | )
no source interface IFNAME
Parameters
IFNAME
Interface name
rx
Ingress direction
tx
Egress direction
both
Both directions
Default
Source port will be mirrored for both directions if the direction is not specified
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#monitor session 1
(config-monitor)#source interface xe1 both
(config-monitor)#no source interface xe1
source vlan
Use this command to configure one or more VLANs as source per monitor session. A VLAN as source will be mirrored only in the ingress direction. Up to 32 VLANs can be configured as source per monitor session.
Use the no parameter to remove vlan source from monitor session.
Command Syntax
source vlan VLAN_RANGE
no source vlan VLAN_RANGE
Parameters
VLAN_RANGE
VLAN identifier or VLAN identifier range
Default
A trunk port is a member of all VLANs by default.
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#monitor session 1
(config-monitor)#source vlan 2
(config-monitor)#source vlan 4-10
(config-monitor)#no source vlan 2-5,10
destination interface
Use this command to configure a mirror-to port per local monitor session. A destination port can be a physical port or a trunk port.
Use the no parameter to remove the destination port from a local monitor session.
Note: For the monitor sessions, the destination interface should be an switchport with no service attached. This port will not participate in L2/L3 packet forwarding.
Command Syntax
destination interface IFNAME
no destination interface IFNAME
Parameters
IFNAME
Interface name
Default
No default value is specified
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface xe3
(config-if)#switchport
(config-if)#exit
(config)#monitor session 1
(config-monitor)#destination interface xe3
(config-monitor)#no destination interface xe3
no shut
Use this command to activate a monitor session
Command Syntax
no shut
Parameters
None
Default
Monitor session will not be active by default.
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#monitor session 3
(config-monitor)#no shut
shut
Use this command to de-activate a monitor session.
Command Syntax
shut
Parameters
None
Default
Monitored session is not active by default.
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#monitor session 3
(config-monitor)#shut
filter
Use this command to add filters to the monitor session. Filters can be applied only in case of ingress mirroring. The configuration of sequence identifier for each rule is optional, but even if it is not configured explicitly, it will always be generated and in steps of 10.
Use the no parameter to remove the filter from monitor session.
Command Syntax
(<1-268435453>/<1-4294967294> |) filter {vlan VLAN_RANGE| cos <0-7> | dest-mac (host XXXX.XXXX.XXXX | XXXX.XXXX.XXXX XXXX.XXXX.XXXX) | src-mac (host XXXX.XXXX.XXXX | XXXX.XXXX.XXXX XXXX.XXXX.XXXX) | frame-type (ETHTYPE | arp (req | resp|) (sender-ip A.B.C.D|) (target-ip A.B.C.D|) | ipv4 (src-ip (A.B.C.D | A.B.C.D/M)|) (dest-ip (A.B.C.D | A.B.C.D/M)|) | ipv6 (src-ip X:X::X:X/M |) (dest-ip X:X::X:X/M |))}
no (<1-268435453>/<1-4294967294>) filter
Parameters
(<1-268435453>/<1-4294967294> |)
 
Sequence identifier for each rule.
<2-4094>
VLAN identifier
<0-7>
COS number
XXXX.XXXX.XXXX
MAC address
ETHTYPE
Ethertype
arp
ARP frames
req
Request frames
resp
Response frames
A.B.C.D
Single IP address
A.B.C.D/M
IP addresses with mask
X:X::X:X/M
IPv6 addresses with mask
Default
No default value is specified.
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#monitor session 3
(config-monitor)#filter dest-mac host 0000.0001.2421 frame-type ipv4
(config-monitor)#filter cos 3 frame-type arp req sender-ip 2.2.2.1
(config-monitor)#35 filter vlan 200
(config-monitor)#no 10 filter
(config-monitor)#no 20 filter
(config-monitor)#no 35 filterr
 
description
Use this command to add a description to the monitor session.
Use the no parameter to delete a description of the monitor session.
Command Syntax
description LINE
no description
Parameters
LINE
Enter the description string
Default
No default value is specified.
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#monitor session 3
(config-monitor)#description “port mirror rx”
(config-monitor)#no description
remote destination
Use this command to configure a destination VLAN and the reflector port for the remote monitor session.
Use the no parameter to remove a destination from a remote monitor session.
Command Syntax
destination remote vlan <2-4094> reflector-port IFNAME
no destination remote
Parameters
<2-4094>
VLAN identifier
IFNAME
Interface name
Default
No default value is specified
Command Mode
Monitor configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#no vlan 900 bridge 1
(config)#interface xe3
(config-if)#switchport
(config)#monitor session 1
(config-monitor)#destination remote vlan 900 reflector-port xe3
(config-monitor)#no destination remote
show monitor
Use this command to display states of all monitor sessions. If a session is down, the reason is displayed.
Command Syntax
show monitor
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show monitor
Session State Reason Description
------- ----------- ---------------------- --------------------------------
1 down No sources configured
2 down Dst in wrong mode
show monitor session
Use this command to display the configuration details of one or more monitor sessions.
Command Syntax
show monitor session (<1-18>|all|(range RANGE)) (brief|)
Parameters
<1-18>
Session number
all
All sessions
RANGE
Session number range (n1-n2)
brief
Brief information
Command Mode
Exec mode or Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show monitor session 1
session 1
---------------
type : local
state : down (Session admin shut)
source intf :
tx : xe1 xe3 xe4
rx : xe2 xe3 xe4
both : xe3 xe4
source VLANs :
rx : 2,5-10,15,18-20
destination ports : xe5
filter count :
 
Legend: f = forwarding enabled, l = learning enabled
#
 
Table 7-21 Explains the show command output fields
Table 7-21: Show monitor session output fields
Field
Description
Type
Type of monitor session.
State
State of the security flow filter.
Rx
Incoming flow (source and destination IP addresses).
Tx
Reverse flow (source and destination IP addresses).
Both
Incoming and reverse flow (source and destination IP address)
Destination Port
Name of the destination port to be matched.
Source intf
Number of maximum intf central source session.
Source VLANs
Number of maximum VLANs central source session.
Filter count
Used to count number of lines in a file or table.
 
show filter
Use this command to display filters for one or more monitor sessions.
Command Syntax
show monitor session (<1-18>|all|(range RANGE)) filter
Parameters
<1-18>
Session number
all
All sessions
RANGE
Session number range (n1-n2)
Command Mode
Exec mode or Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show monitor session 1 filter
session 1
---------------
filter count : 3
---------------
 
match set 1
---------------
destination mac address : 0000.0002.4451 (host)
source mac address : 0000.0012.2288 (host)
---------------
 
match set 2
---------------
frame type : arp
sender ip address : 2.2.2.5
target ip addres : 2.2.2.8
---------------
 
match set 3
---------------
destination mac address : 0000.0001.1453 (host)
frame type : ipv4
source ip address : 3.3.3.5
#
show monitor running configuration
Use this command to display the mirror-related running configuration.
Command Syntax
show running-config monitor (all|)
Parameters
all
Show running configuration with defaults
Command Mode
Exec mode or Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show running-config monitor
!
monitor session 1
source interface xe10 rx
destination interface po1
no shut
 
#