Although you can configure the switch to monitor both ingress and egress traffic, some restrictions apply:
The software does not support true egress mirroring because packets are mirrored prior to the completion of packet processing, so egress mirrored packets can differ from the packets egressing the port.
Note
To mirror the egress traffic, you can use the NEXT-hop device ingress mirroring to capture the egress packets of the switch.
Mirrored traffic shares ingress queue and fabric bandwidth with normal traffic and therefore can impact normal traffic. Therefore, use these features with this potential consequence in mind and enable them only for troubleshooting, debugging, or for security purposes such as packet sniffing, intrusion detection, or intrusion prevention.
You can configure as many ingress mirroring flows as you have filters.
To avoid VLAN members from seeing mirrored traffic, you must remove mirroring (destination) ports from all VLANs.
The MAC drops an error packet, for example, packets that are too short or too long. Control packets consumed by the MAC (802.3x flow control) are also not mirrored.
Certain control packets generated by the CP cannot be egress mirrored, such as those in the following list:
BPDU
EAPoL
IP Directed Broadcast
LACP
LLDP
Multicast routed packets
NAAP
NLB
Nodal CFM
TDP
VLACP
The system displays ingress multicast packets in egress mirroring.
On the VSP 7400 Series, if incoming traffic from the same source port is simultaneously ingress mirrored on an incoming port into one I-SID and egress mirrored on another outgoing port into a different I-SID, the mirrored packet carries an I-SID associated with ingress mirroring.
On the VSP 7400 Series, any incoming traffic that does not contain a VLAN tag is not mirrored into an I-SID if the offset ID is in the range 2 to 1000. It is mirrored to an I-SID only if the offset ID is 1.
To use an Extreme Integrated Application Hosting port with a connect type as OVS or SR-IOV for Port Mirroring, associate VLAN 4091 to the virtual machine (VM) vport to send the mirrored packets to the VM.
Port mirroring resources are limited to four ports simultaneously (where each mirroring direction counts as one). For example, if two mirroring ports are designated to mirror both ingress and egress traffic then all four mirroring ports are consumed.
Important
To enable any one of the preceding applications, you must have at least one free mirroring resource. If all four port mirroring resources are already in use, the switch displays a Resource not available error message when you try to enable the application.
If you receive a Resource not available error message, you can use the show mirror-resources command to view information about mirror resource usage. For more information, see Display Mirror Resource Usage.