Example for Configuring Local MAC Address Mirroring

Networking Requirements

In Figure 1, all the hosts of a company access the Internet through the Switch and belong to VLAN 10. The monitoring device (Server) is directly connected to the Switch.

Internet-bound traffic from HostA (with a MAC address 0001-0001-0001) needs to be monitored by the Server.

Figure 1 Local MAC address mirroring networking

Configuration Roadmap

Create VLAN 10 on the Switch and add the ports connected to hosts to VLAN 10 so that the hosts can communicate with the Switch at Layer 2.
Configure GE0/0/4 of the Switch as a local observing port to forward mirrored packets to the Server.
Configure MAC address mirroring in VLAN 10 to copy Internet-bound traffic from the host with a specified MAC address in VLAN 10 and send the traffic to the local observing port.

Procedure

Add ports to a VLAN.

# Create VLAN 10 on the Switch and add GE0/0/1 through GE0/0/3 to VLAN 10.

<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 10
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type access
[Switch-GigabitEthernet0/0/1] port default vlan 10
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type access
[Switch-GigabitEthernet0/0/2] port default vlan 10
[Switch-GigabitEthernet0/0/2] quit
[Switch] interface gigabitethernet 0/0/3
[Switch-GigabitEthernet0/0/3] port link-type access
[Switch-GigabitEthernet0/0/3] port default vlan 10
[Switch-GigabitEthernet0/0/3] quit

Configure an observing port.
# Configure GE0/0/4 on the Switch as a local observing port.
```
[Switch] observe-port 1 interface gigabitethernet 0/0/4
```
# Disable the observing port from forwarding data packets.
```
[Switch] observe-port 1 forwarding disable
```
Configure MAC address mirroring.
# On the Switch, configure MAC address mirroring in VLAN 10 and copy the packets that are received by all the active ports in VLAN 10 and contain a MAC address 0001-0001-0001 to the local observing port.
```
[Switch] vlan 10
[Switch-vlan10] mac-mirroring 0001-0001-0001 to observe-port 1 inbound
[Switch-vlan10] return
```

Verify the configuration.

# Check the observing port configuration.

<Switch> display observe-port
  ----------------------------------------------------------------------
  Index          : 1
  Untag-packet   : No
  Forwarding     : No
  Interface      : GigabitEthernet0/0/4
  ----------------------------------------------------------------------

# Check the mirroring configuration.

<Switch> display port-mirroring
  ----------------------------------------------------------------------
  Observe-port 1 : GigabitEthernet0/0/4
  ---------------------------------------------------------------------- 
  Mac-mirror:
  ----------------------------------------------------------------------
  Mirror-mac       Vlan    Direction     Observe-port
  ----------------------------------------------------------------------
  0001-0001-0001   10      Inbound       Observe-port 1
  ----------------------------------------------------------------------