2.15. Mirror Commands

Command Purpose

Use this command to set mirror destination interface.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor session SESSION-ID destination interface IFNAME

no monitor session SESSION destination

Command Mode

Global Config

Default

None

Usage

Same session can’t configure both local destination interface and remote destination VLAN.(About the remote destination VLAN, please refer to chapter “monitor session destination remote”.)

Examples

This example shows how to set the mirror destination port to eth-0-1 in session 1:

Switch# configure terminal
Switch(config)# monitor session 1 destination interface eth-0-1

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 destination

Related Commands

monitor session SESSION-ID source interface

monitor session SESSION-ID source vlan

show monitor

Command Purpose

Use this command to set mirror destination of CPU.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

`monitor session SESSION-ID destination cpu``

no monitor session SESSION-ID destination

Command Mode

Global Config

Default

None

Usage

The destination can be cpu port.

Same session can’t configure both destination cpu and remote destination VLAN.(About the remote destination VLAN, please refer to chapter “monitor session destination remote”.)

Examples

This example shows how to set the mirror destination to CPU in session 1:

Switch# configure terminal
Switch(config)# monitor session 1 destination cpu

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 destination

Related Commands

monitor session SESSION-ID source interface

monitor session SESSION-ID source vlan

show monitor

Command Purpose

Use this command to create mirror multi destination group and enter mirror destination group mode.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor session SESSION-ID destination group GROUP-ID

no monitor session SESSION-ID destination

Command Mode

Global Config

Default

None

Usage

Only one session can configure to multi-dest group. The session type only support local destination interface. One session can have multi destination group members which port is physical port. Same session can’t configure both local destination interface and remote destination VLAN.(About the remote destination VLAN, please refer to chapter “monitor session destination remote”.)

Examples

This example shows how to create the mirror to multi-destination group in session 1.:

Switch# configure terminal
Switch(config)# monitor session 1 destination group 1

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 destination

Related Commands

monitor session SESSION-ID source interface

member

show monitor

Command Purpose

Use this command to add a group member mirror destination interface for a mirror destination group.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

member IFPHYSICAL

Command Mode

Mirror Destination Group Configuration

Default

None

Usage

The destination interface only can be physical port. It can be neither VLAN interface nor Aggregator interface.

Same session can’t configure both local destination interface and multi-destination interface

Examples

This example shows how to add the mirror destination eth-0-1 to group of multi-destination session:

Switch# configure terminal
Switch(config)# monitor session 1 destination group 1
Switch(config-monitor-d-group)# member eth-0-1

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# monitor session 1 destination group 1
Switch(config-monitor-d-group)# no member eth-0-1

Related Commands

monitor session SESSION-ID source interface

monitor session SESSION-ID destination group GROUP-ID

show monitor

Command Purpose

Prerequisites

Command Syntax

monitor session SESSION-ID source interface interface (both|tx|rx )

no monitor session SESSION-ID source interface IFNAME (both|tx|rx)

Command Mode

Global Config

Default

None

Usage

The mirror source interface can be either physical port or Aggregator interface. (e.g. eth-0-1, agg1).

If the parameter for direction [bothrx] is not specified, the default value is both.

Examples

This example shows how to remove this setting.:

Switch# configure terminal
Switch(config)# monitor session 1 source interface eth-0-11

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 source interface eth-0-11

Related Commands

monitor session SESSION-ID destination

show monitor

Command Purpose

Use this command to set mirror source vlan.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor session SESSION-ID source vlan VLAN-ID (both|tx|rx)

no monitor session SESSION-ID source vlan VLAN-ID (both|tx|rx)

Command Mode

Global Config

Default

None

Usage

If the parameter for direction (bothrx) is not specified, the default value is both.

Before configure the monitor session source VLAN, User should create VLAN by command “vlan database”, and create VLAN interface by command “interface vlan” first.

Examples

This example shows how to create VLAN and vlan interface:

Switch# configure terminal
Switch(config)# vlan database
Switch(config-vlan)# vlan 2
Switch(config-vlan)# exit
Switch(config)# interface vlan2
Switch(config-if)# exit

This example shows how to set the mirror source to vlan2 in session 1:

Switch# configure terminal
Switch(config)# monitor session 1 source vlan 2 both

This example shows how to set the mirror source to vlan2 in session 1 to monitor received traffic only:

Switch# configure terminal
Switch(config)# monitor session 1 source vlan 2 rx

This example shows how to set the mirror source to vlan2 in session 1 to monitor transmitted traffic only:

Switch# configure terminal
Switch(config)# monitor session 1 source vlan 2 tx

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 source vlan 2 both

This example shows how to delete vlan and vlan interface:

Switch# configure terminal
Switch(config)# no interface vlan2
Switch(config)# vlan database
Switch(config-vlan)# no vlan 2
Switch(config-vlan)# exit

Related Commands

monitor session destination

show monitor

vlan database

vlan VLAN-ID

interface vlan VLAN-ID

Command Purpose

Use this command to set mirror source CPU.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor session SESSION-ID source cpu (both|tx|rx)

no monitor session SESSION-ID source cpu (both|tx|rx)

Command Mode

Global Config

Default

None

Usage

If the parameter for direction (bothrx) is not specified, the default value is both.

Mirror source CPU can only be configured in session 1.

Examples

This example shows how to set the mirror source to CPU in session 1:

Switch# configure terminal
Switch(config)# monitor session 1 source cpu both

This example shows how to set the mirror source to CPU in session 1 to monitor received traffic only:

Switch# configure terminal
Switch(config)# monitor session 1 source cpu rx

This example shows how to set the mirror source to CPU in session 1 to monitor transmitted traffic only:

Switch# configure terminal
Switch(config)# monitor session 1 source cpu tx

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 source cpu both

Related Commands

monitor session destination

show monitor

Command Purpose

Use this command to set erspan mirror destination interface tunnel.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor session SESSION-ID destination interface IFTUNNEL

no monitor session SESSION-ID destination interface IFTUNNEL

Command Mode

Global Config

Default

None

Usage

The destination tunnel and its mode should be created before configuring ERSPAN monitor destination.

The ERSPAN destination interface can only be a tunnel interface.

About tunnel configuration, please refer to #erspan_tunnel.

Examples

This example shows how to create the tunnel:

Switch# configure terminal
Switch(config)# interface tunnel
Switch(config-vlan)# tunnel mode erspan
Switch(config-vlan)# exit

This example shows how to set the ERSPAN mirror destination to tunnel1 in session 1:

Switch# configure terminal
Switch(config)# monitor session 1 destination interface tunnel1

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 destination

This example shows how to delete the tunnel:

Switch# configure terminal
Switch(config)# no interface tunnel1
Switch(config-vlan)# exit

Related Commands

monitor session SESSION-ID source interface

monitor session SESSION-ID source vlan

interface tunnel

tunnel mode mode

Command Purpose

Use this command to set mirror remote destination vlan and interface.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor session SESSION-ID destination remote vlan VLAN-ID interface IFNAME

no monitor session SESSION-ID destination remote vlan

Command Mode

Global Config

Default

None

Usage

The destination vlan should be created in vlan database.

The destination interface can be either physical port or Aggregator interface.

To prevent another copy of packets flood out from the destination outgoing port, user can remove the port from default vlan by command “switchport trunk allowed vlan remove 1”.

Examples

This example shows how to create the vlan:

Switch# configure terminal
Switch(config)# vlan database
Switch(config-vlan)# vlan 2
Switch(config-vlan)# exit

This example shows how to set the mirror remote destination VLAN to 2 and outgoing port to eth-0-1 in session 1:

Switch# configure terminal
Switch(config)# monitor session 1 destination remote vlan 2 interface eth-0-1

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor session 1 destination remote vlan

This example shows how to delete the vlan:

Switch# configure terminal
Switch(config)# vlan database
Switch(config-vlan)# no vlan 2
Switch(config-vlan)# exit

Related Commands

monitor session SESSION-ID source interface

monitor session SESSION-ID source vlan

vlan database

vlan VLAN-ID

Command Purpose

Use this command to set remote mirror MAC escape feature. When these escape entries are set, the packets with specified MAC-DA will not be mirrored to the remote destination VLAN when using Rspan (unsupport ERSPAN) .

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor mac escape MAC MASK

no monitor mac escape (MAC MASK| )

Command Mode

Global Config

Default

None

Usage

Mac escape is used for remote mirror. It will not affect the result of local mirror.

If a MAC escape entry is set, the packet with this MAC destination can not be mirrored in remote mirror.

Command “no monitor mac escape “ should delete the specified entry.

Command “no monitor mac escape” should delete all entries.

Examples

This example shows how to set the mirror mac escape:

Switch# configure terminal
Switch(config)# monitor mac escape 00cc.1122.3344 ffff.ffff.0000

This example shows how to remove this setting:

Switch# configure terminal
Switch(config)# no monitor mac escape 00cc.1122.3344 ffff.ffff.0000

Related Commands

monitor session SESSION-ID destination remote

Command Purpose

Use this command to show the information about monitor.

Prerequisites

Command Syntax

show monitor (session SESSION-ID)

Command Mode

Privileged EXEC

Default

None

Usage

If session id is not specified, any configured sessions should be shown.

Examples

This example shows how to display the information about monitor:

Switch# show monitor
session 1
Session 1
----------
Status : Valid
Type : Local Session
Source Ports :
Receive Only :
Transmit Only :
Both : eth-0-2
Source VLANs :
Receive Only :
Transmit Only :
Both :
Destination Port : eth-0-1

Related Commands

monitor session SESSION-ID source interface

monitor session SESSION-ID source vlan

monitor session SESSION-ID source cpu

monitor session SESSION-ID destination interface

monitor session SESSION-ID destination remote

monitor session SESSION-ID destination cpu

Command Purpose

Use this command to show mac escape settings for remote mirror.

Prerequisites

Command Syntax

show monitor mac escape

Command Mode

Privileged EXEC

Default

None

Usage

None

Examples

This example shows how to display the information about monitor MAC escape:

Switch# show monitor mac escape
-------------------------------------------------------------
monitor rspan mac escape database
-------------------------------------------------------------
count : 1
-------------------------------------------------------------
Mac : 00:cc:11:22:33:44
Mask : ff:ff:ff:ff:00:00
-------------------------------------------------------------

Related Commands

monitor mac escape MAC MASK

Command Purpose

Use this command to set mirror destination port forwarding enable.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor destination forwarding enable

no monitor destination forwarding enable

Command Mode

Global Config

Default

Disabled

Usage

If any mirror destination is configured, this feature can’t be changed.

Examples

This example shows how to set mirror destination forwarding enable:

Switch# configure terminal
Switch(config)# monitor destination forwarding enable

Related Commands

monitor session SESSION-ID destination

show monitor

Command Purpose

Use this command to set mirror cpu buffer size, its default value is 1000 of packets.

To remove this setting, use the no form of this command.

Prerequisites

Command Syntax

monitor cpu set packet buffer SIZE

no monitor cpu set packet buffer

Command Mode

Global Config

Default

Default 1000

Usage

The mirror CPU buffer can store up to 1000 packets and the default value is 1000.

Examples

This example shows how to set mirror cpu buffer size:

Switch# configure terminal
Switch(config)# monitor cpu set packet buffer 50

Related Commands

show monitor cpu packet buffer size

Command Purpose

Use this command to capture packets to be written in a text file from cpu memory buffer.

Prerequisites

Command Syntax

monitor cpu capture packet ( start | stop )

Command Mode

Privileged EXEC

Default

stop

Usage

When start capturing packet, the cpu mirror packets will be written in a text file and the file name is assigned by system. The text file is stored in the directory of flash/mirror/.

Examples

This example shows how to start cpu capturing packets in a text file:

Switch# configure terminal
Switch(config)# monitor cpu capture packet start

This example shows how to stop cpu capturing packets in a text file:

Switch# configure terminal
Switch(config)# monitor cpu capture packet stop

Related Commands

pcap convert FILENAMEA FILENAMEB

Command Purpose

Use this command to set the trategy of capturing packets.

Prerequisites

Command Syntax

monitor cpu capture strategy (replace|drop)

Command Mode

Global Config

Default

replace

Usage

None

Examples

This example shows how to set CPU capture strategy as replace:

Switch# configure terminal
Switch(config)# monitor cpu capture strategy replace

This example shows how to set CPU capture strategy as drop:

Switch# configure terminal
Switch(config)# monitor cpu capture strategy drop

Related Commands

show monitor cpu capture strategy

Command Purpose

Use this command to show the mirror CPU packets in memory.

Prerequisites

Command Syntax

show monitor cpu packet (all|PACKET-ID)

Command Mode

Privileged EXEC

Default

None

Usage

None

Examples

This example shows how to display the all mirror CPU packets in memory:

Switch(config)# show monitor cpu packet all

Related Commands

monitor session SESSION-ID destination cpu

Command Purpose

Use this command to clear the mirror CPU packets in memory.

Prerequisites

Command Syntax

clear monitor cpu packet all

Command Mode

Privileged EXEC

Default

None

Usage

Clear all the mirror CPU packets in memory.

Examples

This example shows how to clear all the mirror CPU packets in memory buffer:

Switch(config)# clear monitor cpu packet all

Related Commands

show monitor cpu packet (all|<1-1000>)

Command Purpose

Use this command to show the buffer size of mirror CPU in memory.

Prerequisites

Command Syntax

show monitor cpu packet buffer-size

Command Mode

Privileged EXEC

Default

None

Usage

It displays the mirror CPU buffer size in memory and the size intends the number of packets.

Examples

This example shows how to show the mirror CPU buffer size in memory:

Switch(config)# show monitor cpu packet buffer-size

Related Commands

monitor cpu set packet buffer <1-1000>

Command Purpose

Use this command to show the current strategy of capturing packets.

Prerequisites

Command Syntax

show monitor cpu capture strategy

Command Mode

Privileged EXEC

Default

None

Usage

It display the current strategy of capturing mirror CPU packets in memory.

Examples

This example shows how to show the current capture strategy:

Switch(config)# show monitor cpu capture strategy

Related Commands