< Home

Port Mirroring

Port mirroring allows you to copy traffic received or sent by a mirrored port to an observing port. Depending on the observing port type, port mirroring is classified into local port mirroring and Layer 2 remote port mirroring

Local Port Mirroring

Local port mirroring copies traffic to an observing port that is directly connected to a monitoring device. Figure 1 shows that a local observing port forwards the traffic copied from a mirrored port to the directly connected monitoring device.

Figure 1 Local port mirroring

Layer 2 Remote Port Mirroring

Layer 2 remote port mirroring copies traffic to an observing port that is connected to a monitoring device across a Layer 2 network. Figure 2 shows the process of mirrored traffic forwarding in Layer 2 remote port mirroring.

  1. The mirrored port copies original traffic and sends them to the Layer 2 remote observing port.
  2. The Layer 2 remote observing port receives the mirrored traffic from the mirrored port, adds another VLAN tag (VLAN 20) to the original traffic tagged with VLAN 10, and then forwards the traffic to the intermediate Layer 2 network. Note that in this step, you can directly specify VLAN 20 while configuring the Layer 2 remote observing port, without the need to add the port to VLAN 20.
  3. SwitchC receives the mirrored traffic sent from the Layer 2 remote observing port and then forwards the traffic to the monitoring device. To enable SwitchB, SwitchC, and the monitoring device to communicate at Layer 2, you need to add the ports connecting the intermediate Layer 2 device (SwitchC) to the Layer 2 remote observing port and monitoring device to VLAN 20.

In Layer 2 remote mirroring, a Layer 2 remote observing port is connected to a monitoring device across a Layer 2 network, so a VLAN on this Layer 2 network needs to be reserved for mirrored traffic forwarding. This VLAN is similar to VLAN 20 in Figure 2 and is called Layer 2 remote mirroring VLAN.

  • Create this VLAN and add ports to the VLAN on all intermediate devices in the Layer 2 network across which an observing port is connected to a monitoring device so that mirrored traffic can be flooded through the VLAN to the monitoring device.
  • Disable MAC address learning in this VLAN on all intermediate devices.
  • This VLAN cannot be the VLAN to which the original traffic belongs.
Figure 2 Layer 2 remote port mirroring
Parent Topic: Understanding Mirroring
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >