Juniper Networks EX2500 User Manual
Port Mirroring Overview
81
Appendix A
Monitoring Ports with Port Mirroring
This appendix explains port mirroring to help you monitor ports and troubleshoot
common problems on the EX2500 switch. The following topics are discussed in this
appendix:
common problems on the EX2500 switch. The following topics are discussed in this
appendix:
Port Mirroring Overview
The port mirroring feature in the EX2500 switch allows you to copy traffic from
specified ports and forward it to another port for monitoring or packet analysis. The
port that receives the copied traffic is called the monitor port. The ports being
monitored, and the traffic being copied, are considered to be mirrored.
specified ports and forward it to another port for monitoring or packet analysis. The
port that receives the copied traffic is called the monitor port. The ports being
monitored, and the traffic being copied, are considered to be mirrored.
The port mirroring feature can be used as a troubleshooting tool or to enhance the
security of your network. You can attach a sniffer, or packet analysis device, to the
monitor port and examine the mirrored traffic without disrupting traffic on the
mirrored ports. As an example, an IDS server can be connected to the monitor port
to detect intruders attacking the network.
security of your network. You can attach a sniffer, or packet analysis device, to the
monitor port and examine the mirrored traffic without disrupting traffic on the
mirrored ports. As an example, an IDS server can be connected to the monitor port
to detect intruders attacking the network.
The EX2500 switch can mirror all types of Layer 2 and Layer 3 traffic. Up to four
monitor ports can be configured. Each monitor port can receive mirrored traffic
from multiple switch ports, but each specific switch port is permitted to be
mirrored to only one monitor port. For each mirrored port, you can also specify
whether to mirror only ingress traffic (traffic entering the switch port), only egress
traffic (traffic leaving the switch port), or both.
monitor ports can be configured. Each monitor port can receive mirrored traffic
from multiple switch ports, but each specific switch port is permitted to be
mirrored to only one monitor port. For each mirrored port, you can also specify
whether to mirror only ingress traffic (traffic entering the switch port), only egress
traffic (traffic leaving the switch port), or both.
Figure 15 shows an example of port mirroring.
Figure 15: Monitoring Ports
9
10
11
12
5
6
7
8
SP
L/A
17
18
19
20
13
14
15
16
21
22
23
24
MGMT
B
A
1
2
3
4
CON
RESET
EX2500
ST-A
SYS
FAN
ST-B
2
4
7
10
Monitor Port
Mirrored Traffic
Regular Switch Port Traffic
Ing
re
ss
Eg
re
ss
Ing
re
ss
Eg
re
ss
Ing
re
ss
Eg
re
ss