The port-mirroring command enables port mirroring.
The undo port-mirroring command disables port mirroring.
port-mirroring mirroring-port { both | inbound | outbound } observing-port [ acl-number { acl-number | ipv6 acl-number } ]
port-mirroring hardware mirroring-port { both | inbound | outbound } observing-port [ acl-number acl-number ]
undo port-mirroring [ hardware ] [ mirroring-port [ inbound | outbound ] ]
| Parameter | Description | Value |
|---|---|---|
hardware |
Indicates port mirroring based on the hardware chip. FW packets first pass through the NP chip and then are sent to the MPU CPU. After the hardware fast forwarding function is enabled by default, only some traffic is sent to the CPU. Therefore, the packets captured based on the hardware chip in port mirroring mode are more comprehensive. In addition, it helps reduce the CPU usage and is therefore recommended. |
- |
mirroring-port |
Specifies the mirrored port. |
The value consists of an interface type and an interface number. |
both |
Mirrors the sent and received service data to the mirroring port. |
- |
inbound |
Mirrors the received service data to the mirroring port. |
- |
outbound |
Mirrors the sent service data to the mirroring port. |
- |
observing-port |
Specifies the mirroring port. |
The value consists of an interface type and an interface number. |
acl-number acl-number |
Specifies the ACL number. |
The value is an integer ranging from 3000 to 3999. |
The mirroring port serves as a service port for sending and receiving service packets.Before enabling the port mirroring function, ensure that the mirroring port is enabled using the observing-port command.
The management port, HA port, and Eth-Trunk interface and sub-interface cannot be used as mirrored ports or observing ports.
# Set the mirroring port to GigabitEthernet 0/0/2 and the port whose received data is mirrored and monitored toGigabitEthernet 0/0/1.
<sysname> system-view [sysname] observing-port GigabitEthernet 0/0/1 [sysname] port-mirroring GigabitEthernet 0/0/2 inbound GigabitEthernet 0/0/1 Warning: Port mirror may affect the system performance, continue? [Y/N]:y Warning: According to your demand, for the purpose of operating network and ser vice, port mirroring may send some personal communications to other ports on the device. The vendor is unable to collect or save the content of users' communic ations. It is suggested that you activate the interception-related functions bas ed on the applicable laws and regulations in terms of purpose and scope of usage . You are obligated to take considerable measures to ensure that the content of users' communications is fully protected when the content is being used and saved.