The traffic filter on BlackDiamond X8, BlackDiamond 8800 series switches and SummitStack can be defined based on one of the following criteria:
Ingress—Mirrors traffic received at the port.
Egress—Mirrors traffic sent from the port.
Ingress and egress—Mirrors traffic either received at the port or sent from the port.
Note
You can create an instance where the source is ingress only. When you add a source, pay attention to the monitor port.If you omit the optional parameters, all traffic is forwarded; the default for port-based mirroring is ingress and egress.
VLAN—All data to a particular VLAN, regardless of the physical port configuration, is copied to the monitor port(s).
Virtual port—All data specific to a VLAN on a specific port is copied to the monitor port(s).
BlackDiamond X8, BlackDiamond 8800 series switches, and SummitStack support a maximum of 128 mirroring filters per mirroring instance.
ExtremeXOS supports up to 16 monitor ports for one-to-many mirroring.
Only traffic ingressing a VLAN can be monitored; you cannot specify ingressing or egressing traffic when mirroring VLAN traffic.
Ingress traffic is mirrored as it is received (on the wire).
Egress mirrored traffic always egresses the monitor port tagged.
Two packets are mirrored when a packet encounters both an ingress and egress mirroring filter.
With a monitor port or ports on a BlackDiamond X8 series switch, BlackDiamond 8000 series module, a Summit family switch, or a Summit family switch in a SummitStack, all ingress mirrored traffic egressing the monitor port or ports is tagged only if the ingress packet is tagged. If the packet arrived at the ingress port as untagged, the packet egresses the monitor port or ports as untagged.
The configuration of remote-tag does not require the creation of a VLAN with the same tag; on these platforms the existence of a VLAN with the same tag as a configured remote-tag is prevented. This combination is allowed so that an intermediate remote mirroring switch can configure remote mirroring using the same remote mirroring tag as other source switches in the network. Make sure that VLANs meant to carry normal user traffic are not configured with a tag used for remote mirroring.
When a VLAN is created with remote-tag, that tag is locked and a normal VLAN cannot have that tag. The tag is unique across the switch. Similarly if you try to create a remote-tag VLAN where remote-tag already exists in a normal VLAN as a VLAN tag, you cannot use that tag and the VLAN creation fails.