Layer 3 remote port mirroring configuration example
Network requirements
On a Layer 3 network shown in Figure 88, configure Layer 3 remote port mirroring to enable the server to monitor the bidirectional traffic of the Marketing Department.
Figure 88: Network diagram
Configuration procedure
Configure IP addresses for the tunnel interfaces and related ports on the devices. (Details not shown.)
Configure Device A (the source device):
# Create service loopback group 1 and specify the unicast tunnel service for the group.
<DeviceA> system-view [DeviceA] service-loopback group 1 type tunnel
# Assign Ten-GigabitEthernet 1/0/3 to the service loopback group 1.
[DeviceA] interface ten-gigabitethernet 1/0/3 [DeviceA-Ten-GigabitEthernet1/0/3] port service-loopback group 1 All configurations on the interface will be lost. Continue?[Y/N]:y [DeviceA-Ten-GigabitEthernet1/0/3] quit
# Create tunnel interface Tunnel 0 that operates in GRE mode, and configure an IP address and subnet mask for the interface.
[DeviceA] interface tunnel 0 mode gre [DeviceA-Tunnel0] ip address 50.1.1.1 24
# Configure source and destination IP addresses for Tunnel 0.
[DeviceA-Tunnel0] source 20.1.1.1 [DeviceA-Tunnel0] destination 30.1.1.2 [DeviceA-Tunnel0] quit
# Enable the OSPF protocol.
[DeviceA] ospf 1 [DeviceA-ospf-1] area 0 [DeviceA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [DeviceA-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [DeviceA-ospf-1-area-0.0.0.0] quit [DeviceA-ospf-1] quit
# Create local mirroring group 1.
[DeviceA] mirroring-group 1 local
# Configure Ten-GigabitEthernet 1/0/1 as a source port and Tunnel 0 as the monitor port of local mirroring group 1.
[DeviceA] mirroring-group 1 mirroring-port ten-gigabitethernet 1/0/1 both [DeviceA] mirroring-group 1 monitor-port tunnel 0
Enable the OSPF protocol on Device B (the intermediate device).
<DeviceB> system-view [DeviceB] ospf 1 [DeviceB-ospf-1] area 0 [DeviceB-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [DeviceB-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [DeviceB-ospf-1-area-0.0.0.0] quit [DeviceB-ospf-1] quit
Configure Device C (the destination device):
# Create service loopback group 1 and specify the unicast tunnel service for the group.
<DeviceC> system-view [DeviceC] service-loopback group 1 type tunnel
# Assign Ten-GigabitEthernet 1/0/3 to service loopback group 1.
[DeviceC] interface ten-gigabitethernet 1/0/3 [DeviceC-Ten-GigabitEthernet1/0/3] port service-loopback group 1 All configurations on the interface will be lost. Continue?[Y/N]:y [DeviceC-Ten-GigabitEthernet1/0/3] quit
# Create tunnel interface Tunnel 0 that operates in GRE mode, and configure an IP address and subnet mask for the interface.
[DeviceC] interface tunnel 0 mode gre [DeviceC-Tunnel0] ip address 50.1.1.2 24
# Configure source and destination IP addresses for Tunnel 0.
[DeviceC-Tunnel0] source 30.1.1.2 [DeviceC-Tunnel0] destination 20.1.1.1 [DeviceC-Tunnel0] quit
# Enable the OSPF protocol.
[DeviceC] ospf 1 [DeviceC-ospf-1] area 0 [DeviceC-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [DeviceC-ospf-1-area-0.0.0.0] network 40.1.1.0 0.0.0.255 [DeviceC-ospf-1-area-0.0.0.0] quit [DeviceC-ospf-1] quit
# Create local mirroring group 1.
[DeviceC] mirroring-group 1 local
# Configure Ten-GigabitEthernet 1/0/1 as a source port for local mirroring group 1.
[DeviceC] mirroring-group 1 mirroring-port ten-gigabitethernet 1/0/1 inbound
# Configure Ten-GigabitEthernet 1/0/2 as the monitor port for local mirroring group 1.
[DeviceC] mirroring-group 1 monitor-port ten-gigabitethernet 1/0/2
Verifying the configuration
# Verify the mirroring group configuration on Device A.
[DeviceA] display mirroring-group all
Mirroring group 1:
Type: Local
Status: Active
Mirroring port:
Ten-GigabitEthernet1/0/1 Both
Monitor port: Tunnel0
# Display information about all mirroring groups on Device C.
[DeviceC] display mirroring-group all
Mirroring group 1:
Type: Local
Status: Active
Mirroring port:
Ten-GigabitEthernet1/0/1 Inbound
Monitor port: Ten-GigabitEthernet1/0/2