HPE Community
Comware Based
1753360 Members
4884 Online
108792 Solutions
New Discussion

Re: HP A5500 monitor and mirroring port (inbound interface=0)

 
Mairie
Occasional Advisor

‎09-12-2013 08:17 AM

‎09-12-2013 08:17 AM

HP A5500 monitor and mirroring port (inbound interface=0)

Hi,

 

Here's the configuration of the port 1/0/46 which is the monitor port of 1/0/3 on a HP A5500:

 

interface GigabitEthernet1/0/46
 port link-mode bridge
 description Websense N - MONITORING
 port link-type hybrid
 undo port hybrid vlan 1
 port hybrid vlan 4 untagged
 port hybrid pvid vlan 4
 stp disable
 mirroring-group 1 monitor-port

 

interface GigabitEthernet1/0/3
 port link-mode bridge
 description To Internet thru Checkpoint

 port link-type hybrid
 undo port hybrid vlan 1
 port hybrid vlan 4 untagged
 port hybrid pvid vlan 4
 mirroring-group 1 mirroring-port both

 

There must be something wrong because I don't get any data in inbound but I get some on the outbound:

 

[mySwitch] dis counters inbound interface

Interface            Total(pkts)    Broadcast(pkts)    Multicast(pkts) Err(pkts)
GE1/0/3                328841695               2253                  0                      0

GE1/0/46                       0                  0                                0                        0

 

[mySwitch] dis counters outbound interface

Interface            Total(pkts)    Broadcast(pkts)    Multicast(pkts) Err(pkts)
GE1/0/3                639849600             154665             807380         0

GE1/0/46             969190475             313850             795382         0

 

Any idea why the monitor port does not get the same data as the mirroring port?

 

Thanks for your feedback

0 Kudos
1 REPLY 1
Emil_G
HPE Pro

‎09-15-2013 08:08 AM - edited ‎09-15-2013 08:09 AM

‎09-15-2013 08:08 AM - edited ‎09-15-2013 08:09 AM

Re: HP A5500 monitor and mirroring port (inbound interface=0)

Hi,

 

If I see it correctly the sum of the inbound and outbound packets on GE1/0/3 is apprx the same as the outbound packets on the GE1/0/43.

 

The way I understand port mirroring this should be the intended behaviour since you have configured "mirroring-port both"

 

Configuring mirroring you want the switch to copy the inbound and outbound packets passing through port 3 and send them to port 43. You would typicaly attach a PC with network analyser on port 43 and capture the packes or an IDS/IPS. So the only way for the switch to send the packets to the packet analyser is the send them through port 43 in outbound direction towards to the PC attached to port 43.

 

This is the way I see it!

 

 

 

 

I am an HPE employee

Accept or Kudo


0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.