Example for Configuring Local VLAN Mirroring

Networking Requirements

In Figure 1, all the hosts of a company access the Internet through the Switch. The monitoring device (Server) is directly connected to the Switch.

Internet-bound traffic from hosts in VLAN 10 needs to be monitored by the Server.

Figure 1 Local VLAN mirroring networking

Configuration Roadmap

Create VLAN 10 and 20 on the Switch and add the ports connected to hosts to VLAN 10 and 20 respectively so that the hosts can communicate with the Switch at Layer 2.
Configure GE0/0/3 of the Switch as a local observing port to forward mirrored traffic to the Server.
Configure VLAN mirroring to copy Internet-bound traffic from all the hosts in VLAN 10 and send the traffic to the local observing port.

Procedure

Add ports to a VLAN.

# Create VLAN 10 and 20 on the Switch and add GE0/0/1 and GE0/0/2 to VLAN 10 and 20 respectively.

<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 10
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type access
[Switch-GigabitEthernet0/0/1] port default vlan 10
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type access
[Switch-GigabitEthernet0/0/2] port default vlan 20
[Switch-GigabitEthernet0/0/2] quit

Configure an observing port.
# Configure GE0/0/3 on the Switch as a local observing port.
```
[Switch] observe-port 1 interface gigabitethernet 0/0/3
```
# Disable the observing port from forwarding data packets.
```
[Switch] observe-port 1 forwarding disable
```
Configure VLAN mirroring.
# Copy the packets received by all the active ports in VLAN 10 to the local observing port.
```
[Switch] vlan 10
[Switch-vlan10] mirroring to observe-port 1 inbound
[Switch-vlan10] return
```

Verify the configuration.

# Check the observing port configuration.

<Switch> display observe-port
  ----------------------------------------------------------------------
  Index          : 1
  Untag-packet   : No
  Forwarding     : No
  Interface      : GigabitEthernet0/0/3
  ----------------------------------------------------------------------

# Check the mirroring configuration.

<Switch> display port-mirroring
  ----------------------------------------------------------------------
  Observe-port 1 : GigabitEthernet0/0/3
  ----------------------------------------------------------------------
  Vlan-mirror:
  ----------------------------------------------------------------------
  Mirror-vlan              Direction     Observe-port
  ----------------------------------------------------------------------
  10                       Inbound       Observe-port 1
  ----------------------------------------------------------------------