close

keyboard_arrow_left

Table of Contents Expand all

play_arrow Overview
play_arrow Operation, Administration, and Management Features
- play_arrow Ethernet OAM and Connectivity Fault Management for Routers
- play_arrow Link Fault Management for Routers
- play_arrow Ethernet OAM Link Fault Management for Switches
- play_arrow Ethernet OAM Connectivity Fault Management for Switches
- play_arrow Ethernet Frame Delay
- play_arrow Ethernet Service OAM (ITU-TY.1731) for Routers
play_arrow Network Monitoring by using SNMP
play_arrow Remote Network Monitoring (RMON) with SNMP Alarms and Events
play_arrow Accounting Options
- Accounting Options Overview
- Configure Accounting Options, Source Class Usage and Destination Class Usage Options
play_arrow Monitoring Options
- play_arrow Interface Alarms
  - Alarm Overview
  - Example: Configure Interface Alarms
- play_arrow IP Monitoring
- play_arrow sFlow Monitoring Technology
- play_arrow Adaptive Sampling for Routers and Switches
  - Adaptive Sampling Overview
- play_arrow Packet Flow Accelerator Diagnostics Software
play_arrow Monitoring Common Security Features
play_arrow Performance Management
- Network Analytics
- Configure Hardware Resource Threshold Monitoring for Capacity Planning
play_arrow Port Mirroring
- play_arrow Port Mirroring and Analyzers
play_arrow System Log Messages
play_arrow Network Management and Troubleshooting
play_arrow Configuration Statements and Operational Commands
- Junos CLI Reference Overview

list Table of Contents

English

Example: Configure Port Mirroring with Family any and a Firewall Filter

date_range 01-Mar-24

arrow_backward

arrow_forward

Overview

• Family any (for family any, ccc, ethernet-switching, or mpls)

Note:

You use the family any configuration option to process all 4 families.

You use [edit forwarding-options port-mirroring] for local port mirroring or [edit forwarding-options port-mirroring instance instance-name] for remote port mirroring, with both of those configurations also requiring a firewall filter.

The following text lists the caveats and limitations you need to know about when you configure this feature:

Caveats

If you need to change the port-mirroring output configuration, first delete the existing output configuration and then configure the new output configuration.
If the number of remote port mirror instances exceeds 15, no commit error is displayed.
A Packet Forwarding Engine error message is generated if the number of port mirror instances exceeds 15. However, if you delete one of the existing instances, the sixteenth instance is not programmed automatically. You must first delete the sixteenth instance and then add it again.
One sampled packet can be sent to only one NMS device.
Each family consumes one instance, so

maximum number of instances = number of instances + number of families
An FTI interface must operate in loopback mode.

Note:
FTI interfaces are included in remote port-mirroring configurations.
You can configure maximum packet length as a multiple of 128 bytes; an exported packet is 22 bytes less than the configured value.
Do not configure multiple interfaces for the same instance—they are not supported, and no commit error is created if you try to commit multiple interfaces for the same instance.
The restart of the mirror daemon (mirrord) and GRES both have a momentary drop.
Tunnel-terminated packets in the egress direction are not mirrored.
Combined actions port-mirror and discard in the egress direction are not supported.
Jumbo traffic in the egress direction for the FTI interface is not supported.

Limitations

Enterprise–provider-style L2 configuration (ethernet-switching) is not supported by the family any filter.
One sampled packet can be sent to only one remote port mirror instance. The same sampled packet cannot be sent to multiple NMS devices.
Statistics related to port-mirrored packets must be verified through the firewall filter or the FTI.
MPLS traffic on egress is not supported by the family any filter.
An aggregated Ethernet (ae) interface is not supported as the outgoing interface on the family any filter.

Requirements

PTX10008 or PTX10016
Junos OS Evolved Release 22.2R1 or later

Topology

The following example shows a configuration of local port mirroring with family any and a firewall filter.

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.

content_copy zoom_out_map
set interfaces ae10 vlan-tagging
set interfaces ae10 encapsulation flexible-ethernet-services
set interfaces ae10 aggregated-ether-options lacp active
set interfaces ae10 aggregated-ether-options lacp periodic fast
set interfaces ae10 unit 1038 encapsulation vlan-bridge
set interfaces ae10 unit 1038 vlan-id 1038
set interfaces ae10 unit 1038 filter input mirror_to_analytics
set interfaces ae10 unit 1046 encapsulation vlan-bridge
set interfaces ae10 unit 1046 vlan-id 1046
set interfaces ae10 unit 1046 filter input mirror_to_analytics
set interfaces et-0/0/0:3 encapsulation ethernet-ccc
set interfaces et-0/0/0:3 unit 0 family ccc
set firewall family any filter mirror_to_analytics term port-mirror from learn-vlan-id 1024-1055
set firewall family any filter mirror_to_analytics term port-mirror then count c1
set firewall family any filter mirror_to_analytics term port-mirror then port-mirror
set firewall family any filter mirror_to_analytics term all-else then accept
set forwarding-options port-mirroring input rate 1
set forwarding-options port-mirroring family any output interface et-0/0/0:3.0

Results

Check the results of the configuration:

content_copy zoom_out_map
  firewall {
      family any {
          filter mirror_to_analytics {
              term port-mirror {       
                  from {
                      learn-vlan-id 1024-1055;
                  }
                  then count c1;
                  then port-mirror;
              }
              term all-else {
                  then accept;
              }
          }
      }
  }
 interfaces {
   ae10 {
       encapsulation flexible-ethernet-services;
       aggregated-ether-options {
           lacp {
               active;
               periodic fast;
           }
       }
       unit 1038 {
          encapsulation vlan-bridge;
          filter {
              input mirror_to_analytics;
           }
           vlan-id 1038;
       unit 1046 {
          encapsulation vlan-bridge;
          filter {
              input mirror_to_analytics;
           }
           vlan-id 1046;
       }
    } vlan-tagging;
  }
   et-0/0/0:3 {
       encapsulation ethernet ccc;
       unit 0 {
           family ccc;
       }
 
 
  forwarding-options {
      port-mirroring {
          input {
              rate 1;       (We recommend 1:1000 so you don't mirror all the traffic.)
          }
          family any {
              output {
                  interface et-0/0/0:3.0;
              }
          }
      }
  }

arrow_backward PREVIOUS 1:N Port Mirroring to Multiple Destinations on Switches

NEXT arrow_forward Monitoring Port Mirroring

Network Management and Monitoring Guide

ON THIS PAGE