Example for Configuring Layer 2 Remote MAC Address Mirroring
Networking Requirements
In Figure 1, all the hosts of a company access the Internet through SwitchA and belong to VLAN 10. The monitoring device (Server) is connected to SwitchA through SwitchB.
Internet-bound traffic from HostA (with a MAC address 0001-0001-0001) needs to be monitored by the Server.
Configuration Roadmap
- Create VLAN 10 on SwitchA and add the ports connected to hosts to VLAN 10 so that the hosts can communicate with SwitchA at Layer 2.
- Create VLAN 20 on SwitchB, disable MAC address learning in VLAN 20, and add the ports connected to SwitchA and the Server to VLAN 20 so that SwitchB can communicate with SwitchA and the Server at Layer 2.
- Configure GE0/0/4 of SwitchA as a Layer 2 remote observing port to forward mirrored traffic.
- Configure MAC address mirroring in VLAN 10 to copy Internet-bound traffic from the host with a specified MAC address in VLAN 10 and send the traffic to the Layer 2 remote observing port.
Procedure
- Add ports to VLANs.
# Create VLAN 10 on SwitchA and add GE0/0/1 through GE0/0/3 to VLAN 10.
<HUAWEI> system-view [HUAWEI] sysname SwitchA [SwitchA] vlan batch 10 [SwitchA] interface gigabitethernet 0/0/1 [SwitchA-GigabitEthernet0/0/1] port link-type access [SwitchA-GigabitEthernet0/0/1] port default vlan 10 [SwitchA-GigabitEthernet0/0/1] quit [SwitchA] interface gigabitethernet 0/0/2 [SwitchA-GigabitEthernet0/0/2] port link-type access [SwitchA-GigabitEthernet0/0/2] port default vlan 10 [SwitchA-GigabitEthernet0/0/2] quit [SwitchA] interface gigabitethernet 0/0/3 [SwitchA-GigabitEthernet0/0/3] port link-type access [SwitchA-GigabitEthernet0/0/3] port default vlan 10 [SwitchA-GigabitEthernet0/0/3] quit
# Create VLAN 20 on SwitchB and add GE0/0/1 and GE0/0/4 to VLAN 20.
VLAN 20 is used for forwarding only mirrored packets. If VLAN 20 already exists and has learned MAC address entries, run the undo mac-address vlan vlan-id command in the system view to delete all MAC address entries in VLAN 20.
<HUAWEI> system-view [HUAWEI] sysname SwitchB [SwitchB] vlan 20 [SwitchB-vlan20] mac-address learning disable [SwitchB-vlan20] quit [SwitchB] interface gigabitethernet 0/0/1 [SwitchB-GigabitEthernet0/0/1] port link-type access [SwitchB-GigabitEthernet0/0/1] port default vlan 20 [SwitchB-GigabitEthernet0/0/1] quit [SwitchB] interface gigabitethernet 0/0/4 [SwitchB-GigabitEthernet0/0/4] port link-type trunk [SwitchB-GigabitEthernet0/0/4] port trunk allow-pass vlan 20 [SwitchB-GigabitEthernet0/0/4] return
- Configure an observing port.
# Configure GE0/0/4 of SwitchA as a Layer 2 remote observing port.
[SwitchA] observe-port 1 interface gigabitethernet 0/0/4 vlan 20
# Disable the observing port from forwarding data packets.[SwitchA] observe-port 1 forwarding disable
- Configure MAC address mirroring.
# On SwitchA, configure MAC address mirroring in VLAN 10 and copy the packets that are received by all the ports in VLAN 10 and contain a MAC address 0001-0001-0001 to the Layer 2 remote observing port.
[SwitchA] vlan 10 [SwitchA-vlan10] mac-mirroring 0001-0001-0001 to observe-port 1 inbound [SwitchA-vlan10] return
- Verify the configuration.
# Check the observing port configuration.
<SwitchA> display observe-port ---------------------------------------------------------------------- Index : 1 Untag-packet : No Forwarding : No Interface : GigabitEthernet0/0/4 Vlan : 20 ----------------------------------------------------------------------# Check the mirroring configuration.
<SwitchA> display port-mirroring ---------------------------------------------------------------------- Observe-port 1 : GigabitEthernet0/0/4 ---------------------------------------------------------------------- Mac-mirror: ---------------------------------------------------------------------- Mirror-mac Vlan Direction Observe-port ---------------------------------------------------------------------- 0001-0001-0001 10 Inbound Observe-port 1 ----------------------------------------------------------------------