Guidelines for Mirroring

The traffic filter on ExtremeSwitching series switches can be defined based on one of the following criteria:

Physical port—All data that traverses the port, regardless of VLAN configuration, is copied to the monitor port(s). You can specify which traffic the port mirrors:
- Ingress—Mirrors traffic received at the port.
- Egress—Mirrors traffic sent from the port.
- Ingress and egress—Mirrors traffic either received at the port or sent from the port.
  If you omit the optional parameters, all traffic is forwarded; the default for port-based mirroring is ingress and egress.
  Note
  You can create an instance where the source is ingress only. When you add a source, pay attention to the monitor port.
VLAN—All packets ingressing any port on a particular VLAN, regardless of the physical port configuration, is copied to the monitor port(s).
Virtual port—All traffic ingressing the switch on a specific VLAN and port combination is copied to the monitor port(s).
IPFIX—mirror the first 15 packets of any IPFIX flow to a port where Purview can receive a copy of the packet for deep packet inspection.
ExtremeSwitching series switches support a maximum of 128 mirroring filters per instance.
ExtremeXOS supports up to 16 monitor ports for one-to-many mirroring.
Only traffic ingressing a VLAN can be monitored; you cannot specify ingressing or egressing traffic when mirroring VLAN traffic and a virtual port filter.
In normal mirroring, a monitor port cannot be added to a load share group. In one-to-many mirroring, a monitor port list can be added to a load share group, but a loopback port cannot be used in a load share group.
Two packets are mirrored when a packet encounters both an ingress and egress mirroring filter.
The configuration of remote-tag does not require the creation of a VLAN with the same tag; on these platforms the existence of a VLAN with the same tag as a configured remote-tag is prevented. This combination is allowed so that an intermediate remote mirroring switch can configure remote mirroring using the same remote mirroring tag as other source switches in the network. Make sure that VLANs meant to carry normal user traffic are not configured with a tag used for remote mirroring.

When a VLAN is created with remote-tag, that tag is locked and a normal VLAN cannot have that tag. The tag is unique across the switch. Similarly if you try to create a remote-tag VLAN where remote-tag already exists in a normal VLAN as a VLAN tag, you cannot use that tag and the VLAN creation fails.

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services

Guidelines for Mirroring