Hi. I need to mirror all trafic that goes through xe-1/2/0 (in&out) to xe-0/2/0.
I created port-mirroring instance and filter but I see no input traffic on Cisco
connected to xe-0/2/0.
laled@juniper-core# show forwarding-options
port-mirroring {
instance {
mirror-to-xe-0-2-0 {
input {
rate 1;
run-length 1;
}
family inet {
output {
interface xe-0/2/0.0 {
next-hop 1.1.1.1;
}
}
}
}
}
}
laled@juniper-core# show interfaces xe-0/2/0
unit 0 {
family inet {
address 1.1.1.2/30 {
arp 1.1.1.1 mac 00:1f:9e:d1:51:80;
}
}
}
laled@juniper-core# show interfaces xe-1/2/0
vlan-tagging;
unit 5 {
vlan-id 5;
family inet {
filter {
input mirror-to-xe-0-2-0;
output mirror-to-xe-0-2-0;
}
address 217.25.208.158/30;
}
}
laled@juniper-core# show firewall family inet filter mirror-to-xe-0-2-0
term 1 {
then {
port-mirror-instance mirror-to-xe-0-2-0;
accept;
}
}
What do I do wrong?
Global mirroring works well by the way, but I still need at least two instances, I need to mirror port xe-1/2/0 to xe-0/2/0 and xe-1/3/0 to xe-0/3/0. I wonder if anyone can help me, I would appreciate it.
I have had some issue getting the port mirror instance to work myself, but 1 thing I'm pretty sure you miss is having the output/mirror port configured for bridge encapsulation and have it part of a bridge-domain. As I read the documentation this is a requirement.
Lars M. Nielsen System Engineer Extreme Networks ENS certified/Instructor Juniper JNCIE-M certified/Instructor DK-3450 Allerød
