enable mirror to remote-ip

enable mirror {mirror_name} to remote-ip remote_ip_address {{vr} vr_name} {priority priority_value} {from [source_ip_address | auto-source-ip]} {ping-check [on | off]}]

Description

Enables traffic to be mirrored to the specified remote IPv4 destination address encapsulated in a GRE tunneled packet.

Syntax Description

mirror_name Specifies the mirror instance name.
remote-ip Specifies to send mirrored packets to specified destination remote IP address.
remote_ip_address Specifies the remote destination IP address for mirrored packets.
vr Specifies a virtual router of the remote IP address.
vr_name Specifies the virtual router name. If not specified, VR of current command context is used.
from Configures source IP address of encapsulated mirrored packets.
source_ip_address Specifies the local source IPv4 address for encapsulated mirrored packets.
auto-source-ip Automatically use source IP address of egress VLAN to be used to reach remote IP address.
ping-check Configure ping health check for remote IP address.
on Only send mirrored packets to remote IP address if periodic pings to remote IP address are successful (default).
off Send mirrored packets to remote IP address without any ping health check, assuming MAC address and port of next hop IP address are static or learned.
priority Configures a unique priority value for each redundant remote IP address of a mirror instance.
priority_value

Sets the unique priority value for the remote IP address.

The priority value must be unique for each remote IP address in the mirror instance.

The range is from 1 (least preferred) to 100 (most preferred). The default is 50.

Default

If a VR is not specified, the VR of the current command context is used.

Ping health check of the remote IP address is enabled unless otherwise specified.

The default priority value is 50.

Usage Guidelines

This command enables hardware mirroring of Ethernet frames to a specified remote IPv4 address, which can reside zero or more router hops away. This is useful for ExtremeAnalytics Application Telemetry or other forms of remote network analysis or monitoring.

Port mirroring configures the switch to copy all traffic associated with one or more ports, VLANS or virtual ports. A virtual port is a combination of a VLAN and a port. The monitor port(s) can be connected to a network analyzer or RMON probe for packet analysis. The switch uses a traffic filter that copies a group of traffic to the monitor port.

Up to 16 mirroring filters and up to four monitor ports can be configured on the switch. After a port has been specified as a monitor port, it cannot be used for any other function. Frames that contain errors are not mirrored.

You cannot run ELSM and mirroring on the same port. If you attempt to enable mirroring on a port that is already enabled for ELSM, the switch returns a message similar to the following:

Error: Port mirroring cannot be enabled on an ELSM enabled port.

For high availability, you can add up to four redundant remote IP addresses. When creating a mirror with this command, you can add one IP address. To add additional remote IP addresses, use the configure mirror mirror_name {to [port port | port-list port_list | loopback port port] | remote-ip {add} remote_ip_address {{vr} vr_name } {from [source_ip_address | auto-source-ip]} {ping-check [on | off]}] {remote-tag rtag | port none} {priority priority_value}command.

Standalone Switches and SummitStacks

The traffic filter can be defined based on one of the following criteria:

SummitStack Only

The traffic filter can be defined based on one of the following criteria:

Example

The following example enables a mirroring instance named "analytics_chicago_1" to mirror packets to the remote IP address 1.2.3.4 with ping health check (default behavior) being performed on the remote IP address:
enable mirror analytics_chicago_1 to remote-ip 1.2.3.4

The following example enables a mirroring instance named "analytics_seattle_2" to mirror packets to the remote IP address 5.6.7.8 from the source IP address 10.1.1.1 without ping health check being performed on the remote IP address:

enable mirror analytics_seattle_2 to remote-ip 5.6.7.8 from 10.1.1.1 ping-check off

History

This command was first available in ExtremeXOS 22.4.

Redundant remote IP addresses capability was added in ExtremeXOS 30.4.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.