Services on the QFX Series - Juniper.net

More documents

Recommendations

Info

<strong>Services</strong> on the QFX Series Action You can verify the port mirror analyzer is configured as expected using the show analyzer command. user@switch> show analyzer Analyzer name : employee-monitor Output VLAN : remote-analyzer Ingress monitored interfaces : ge-0/0/0.0 Ingress monitored interfaces : ge-0/0/1.0 Meaning This output shows that the employee-monitor analyzer is mirroring the traffic entering ge-0/0/0 and ge-0/0/1 and is sending the mirror traffic to the analyzer remote-analyzer. Related Documentation • Understanding Port Mirroring on page 3 • Configuring Port Mirroring on page 23 • Example: Configuring Port Mirroring for Local Analysis on page 13 • Overview of Firewall Filters 22 Copyright © 2013, Juniper Networks, Inc.
CHAPTER 4 Configuration Tasks Configuring Port Mirroring • Configuring Port Mirroring on page 23 • Configuring DHCP and BOOTP Relay on page 26 You use port mirroring to copy packets and send the copies to a device running an application such as a network analyzer or intrusion detection application so that you can analyze traffic without delaying it. You can mirror traffic entering or exiting a port or entering a VLAN, and you can send the copies to a local access interface or to a VLAN through a trunk interface. We recommend that you disable port mirroring when you are not using it. To avoid creating a performance issue If you do enable port mirroring, we recommend that you select specific input interfaces instead of using the all keyword. You can also limit the amount of mirrored traffic by using a firewall filter. NOTE: If you want to create additional analyzers without deleting an existing analyzer, first disable the existing analyzer using the disable analyzer analyzer-name command. NOTE: You must configure port mirroring output interfaces as family ethernet-switching. • Configuring Port Mirroring for Local Analysis on page 23 • Configuring Port Mirroring for Remote Analysis on page 24 • Filtering the Traffic Entering an Analyzer on page 25 Configuring Port Mirroring for Local Analysis To mirror interface traffic to a local interface on the switch: 1. If you want to mirror traffic that is ingressing or egressing specific interfaces, choose a name for the port-mirroring configuration and configure what traffic should be mirrored by specifying the interfaces and direction of traffic: Copyright © 2013, Juniper Networks, Inc. 23
Page 1 and 2: Services on the QF
Page 3 and 4: Table of Contents About the Documen
Page 5 and 6: Table of Contents Part 3 Administra
Page 7 and 8: List of Figures Part 2 Configuratio
Page 9 and 10: List of Tables About the Documentat
Page 11 and 12: About the Documentation Documentati
Page 13 and 14: About the Documentation [edit] user
Page 15 and 16: About the Documentation https://www
Page 17 and 18: PART 1 Overview • Port Mirroring
Page 19 and 20: CHAPTER 1 Port Mirroring Understand
Page 21 and 22: Chapter 1: Port Mirroring Table 3:
Page 23 and 24: Chapter 1: Port Mirroring • CPU-g
Page 25 and 26: CHAPTER 2 DHCP Relay DHCP and BOOTP
Page 27 and 28: PART 2 Configuration • Configurat
Page 29 and 30: CHAPTER 3 Configuration Examples
Page 31 and 32: Chapter 3: Configuration Examples u
Page 33 and 34: Chapter 3: Configuration Examples V
Page 35 and 36: Chapter 3: Configuration Examples S
Page 37: Chapter 3: Configuration Examples }
Page 41 and 42: Chapter 4: Configuration Tasks c. S
Page 43 and 44: Chapter 4: Configuration Tasks rela
Page 45 and 46: CHAPTER 5 Configuration Statements
Page 47 and 48: Chapter 5: Configuration Statements
Page 85 and 86: PART 3 Administration • Monitorin
Page 87 and 88: CHAPTER 8 Monitoring Commands for P
Page 89 and 90:
Chapter 8: Monitoring Commands for
Page 91 and 92:
PART 4 Troubleshooting • Troubles
Page 93 and 94:
CHAPTER 9 Troubleshooting Procedure
Page 95 and 96:
Chapter 9: Troubleshooting Procedur
show all

Services on the QFX Series - Juniper.net

Create successful ePaper yourself

Delete template?

Save as template?