Configure ACEs for Mirroring
Before you begin
The ACL exists.
The ACE exists.
About this task
Configure actions to use filters for flow mirroring. Use an ACE to define the mirroring actions the filter performs.
If you use the mirror action, ensure that you specify the mirroring destination: IP address, MLTs, ports, or VLANs.
Procedure
- In the navigation pane, expand .
- Click Advanced Filters (ACE/ACLs).
- Click the ACL tab.
- Select the ACL for which to modify an ACE.
- Click ACE.
- Select an ACE, and then click Action.
- Configure one of: DstPortList, DstMltId, or DstIp.
- Click Apply.
Action Field Descriptions
Use the data in the following table to use the Action tab.
Note
The table lists the options for both Security ACEs and QoS ACEs. Dependent upon the ACE the system displays different options on the EDM interface.
|
Name |
Description |
|---|---|
|
AclId |
Specifies the ACL ID. |
|
AceId |
Specifies a unique identifier and priority for the ACE. |
|
Mode |
Indicates the operating mode associated with this ACE. Valid options are deny, permit and none. The default is none. |
|
RemarkDscp |
Specifies the new Per-Hop Behavior (PHB) for matching packets: phbcs0, phbcs1, phbaf11, phbaf12, phbaf13, phbcs2, phbaf21, phbaf22, phbaf23, phbcs3, phbaf31, phbaf32, phbaf33, phbcs4, phbaf41, phbaf42, phbaf43, phbcs5, phbef, phbcs6, phbcs7. This action is a QoS action. The ACE ID must be in the range of 1001–2000. |
|
RemarkDot1Priority |
Specifies the new 802.1 priority bit for matching packets: zero, one, two, three, four, five, six, or seven. This action is a QoS action. The ACE ID must be in the range of 1001–2000. The default is disable. |
|
InternalQoS |
This variable is a QoS action. The ACE ID must be in the range of 1001–2000. The default value is 1. |
|
RedirectNextHop |
Redirects matching IP traffic to the next hop. The default is 0.0.0.0. |
|
RedirectUnreach |
Configures the desired behavior for redirected traffic when the specified next-hop is not reachable. The default value is deny. |
|
Count |
Enables the ability to count matching packets. Use this parameter with either a security or QoS ACE. The default is disabled. |
|
Log |
This action logs to the switch. Use this parameter with either a security or QoS ACE. The default is disabled. |
|
DstPortList |
Specifies the ports to which to mirror traffic. |
|
DstMltId |
Specifies the Multilink Trunking (MLT) group to which to mirror traffic. |
|
DstIp |
Configures mirroring to a destination IP address for flow-based mirroring. |
|
DstIpDscp |
Optionally, configures the DSCP value. The default is 256 (disabled). |
|
DstIpTtl |
Optionally, configures the time-to-live value. The default TTL is 64. |