Sun Fire[TM] B1600 Switch Port Mirroring

Asset ID:	1-71-1001791.1
Update Date:	2009-12-20
Keywords:

Solution Type Technical Instruction Sure

Solution 1001791.1 : Sun Fire[TM] B1600 Switch Port Mirroring

Related Items


Sun Fire B1600 Blade System Chassis

Related Categories


GCS>Sun Microsystems>Servers>Blade Servers

PreviouslyPublishedAs
202449

Description
Configuring a port mirror or port monitor on the B1600 switch

Steps to Follow
Steps to Follow

What is a port mirror

Port mirroring is used to monitor (otten called snoop or sniff) traffic on one port using a second or "mirrored" port. This could be used to connect a switch external port to a sniffer to monitor a switch internal port or Sun Fire B100 Blade. You could also use one B100 to snoop the traffic on a different blade or one of the external ports. You would want to do this if the blade is already under heavy load and the addition of running snoop and saving to disk would bring the blade over the edge.

Considerations when creating a port mirror

The integrated switch on the Sun Fire B1600 is composed of two switch chips. It is only possible to mirror the traffic on one switch port using another switch port on the same chip.

Switch Chip 1	Switch Chip 2
NETP2	NETP0
NETP3	NETP1
NETP6	NETP4
NETP7	NETP5
SNP0	SNP8
SNP1	SNP9
SNP2	SNP10
SNP3	SNP11
SNP4	SNP12
SNP5	SNP13
SNP6	SNP14
SNP7	SNP15

Monitor/Mirroring port must match or exceed the port speed of the port being mirrored.

If using VLANS, the target port must be included in the same VLAN as the source port.

You can only have one mirror configured on a switch

Examples of port Mirrors

The following is an example of mirroring the external port NETP2 port to the internal port SNP7 going to blade S7 the ce0 interface :

Console#configure

Console(config)#interface ethernet SNP7

Console(config-if)#port monitor ethernet NETP2 both

This allows you to use the unplumbed ce0 interface on blade S7 to snoop all of the traffic on the external interface NETP2.

The following is an example of mirroring the internal port SNP0 going to blade S0 the ce0 interface to the internal port SNP7 going to blade S7 the ce0 interface :

Console#configure

Console(config)#interface ethernet SNP7

Console(config-if)#port monitor ethernet SNP0 both

This allows you to use the unplumbed ce0 interface on blade S7 to snoop the traffic on the ce0 interface of Blade S0 without putting the additional load of running snoop on S0.

The following is an example of mirroring the external port NETP0 with the external port NETP1. You would have a sniffer or a Sun systems unplumbed interface running snoop connected to NETP1:

Console#configure

Console(config)#interface ethernet NETP1

Console(config-if)#port monitor ethernet NETP0 both

This allows you to use an external sniffer plugged into NETP1 to monitor all traffic on NETP0.

NOTE: You can choose to mirror transmitting, receiving, or both direction:

Console(config-if)#port monitor ethernet SNP0

both Both of rx and tx

rx Receiving

tx Transmitting

<cr>

Confirming the port mirror

To see all of the port monitors configured on the switch:

Console#show port monitor

Port Mirroring

Destination port(listen port):SNP7

Source port(monitored port) :SNP0

Mode :RX/TX

Turning off the mirror

To disable the mirror created above simply use the "no" command:

Console#configure

Console(config)#interface ethernet SNP7

Console(config-if)#no port monitor ethernet NETP0

Product
Sun Fire B1600 Blade System Chassis

Stiletto, B1600, switch, port, mirroring
Previously Published As
70072

Change History
Date: 2004-07-07
User Name: 25440
Action: Approved
Comment: Spellcheded. Publishing
Version: 0
Date: 2004-07-07
Product_uuid
10bec5e4-5865-11d6-9ffc-c65b6cd3fd7d|Sun Fire B1600 Blade System Chassis

Attachments

This solution has no attachment