Port mirroring limit on SGE2010?

Similar Messages

• Port mirroring limit of 8 ports on SGE2010P

  Hello Guys,
  Recently our company purchased 3 Lynksys SGE2010p, At the moment they work as a stack  but as we are implementing UCCX we need to mirror 15 ports but during the provisioning i've noticed that the limit is 8 ports per stack.
  I'm wondering whether this is a known issue or just a known limitation .
  I believe that most probably i'll need to move back to stand alone mode so i could configure 8 mirrored ports per switch.
  PLease advice.
  Thanks.

  Hi Alexander
  Your understanding is correct. 
  For my own curiosity, I guess you are also doing call recording, can i ask the question why so many mirrored ports?
  regards Dave

• Port Mirroring SRW2048

  Hello,
  Does anybody know the specifications about port mirroring funcionality for Cisco SRW2048 48-Port Gigabit Switch?
  I need to know about:
  1.- Is there any limit in port mirroring sessions?
  2.- Can one target port receive traffic from multiple ports?

  Hi Dave,
  Thanks for your answer, of course I understand I can't have 4 Gbps out of the egress port, bust sometimes we know that even when the link is 1 Gbps the traffic is not going to fill that bandwidht.
  Regarding the sessions question, I understand by your response you can have:
  Source Port    Type                      Target port
  g1                           Rxonly                   g3
  g2                           Rxonly                   g3
  g4                           Rxonly                   g6
  g5                           Both                      g6
  Can you confirm this?
  We are evaluating to propose this switch to a customer and we need to have this feature.
  If there isn't any limitation in mirroring traffic, except logical bandwith capabilities, then I can't understand why Catalyst 2960 have a limitation to one or two monitor sessions ... The catalyst are suposed to be better switches ......
  Best Regards

• SGE2000P 24 ports - Port Mirroring limitation

  Hi everybody,
  I need to setup port mirroring on several ports on a SGE2000P 24 port switch.
  I easily managed to setup 1 session (1 target port) listening to 8 ports (source ports) but it seems like I can't add any more port.
  Line No.
  Error Type
  Value
  Diagnostic
  1
  Unknown value
  Too many monitoring sessions..
  I went through the switch documentation and I could not find any information regarding limitations on the number of mirrored ports.
  Is anyone aware and can confirm this limit?
  If this is the case, is it possible to setup more than one session (target port)?
  Thank you,
  Roberto

  These switches only support 1 session only with 8 source ports to 1 destination port.
  Best Regards,

• Trouble With Port Mirroring (SG200-08)

  Trouble with port mirroring.
  Even though both Tx and Rx is specified, only getting half the conversation.  Ping reply only for instance.  And when pinging from other locations no traffic at all.
  Please help
  SG200-008
  FW Version: 1.0.2.0
  Boot Version D.3.1
  Thanks

  I also have problem with the mirroring of port on my SG200-08.  The firmware is 1.0.6.2.
  I mirror the port g1, to which my router to the Internet is connected, to the port g2 to be able to see the traffic with a Centos system running Bandwidthd connected to the port g2.  The problem is that I only see the traffic coming in (downloads from the Internet) and not the traffic comming out (uploads to the Internet).
  When looking at the SG 200-08 on the web interface at "Status and Statistics/Interface" and looking at the port g2, I see values for the "Transmit Statistics", but all the values are at 0 for the "Received Statisticsc" (see the attached file)
  I confirmed that in "Administration/Diagnostic/Port Mirroring" is set up both Tx and Rx (it does not work either if I have Tx or Rx alone: I do not see the uploda traffic to the Internet). See the attached file.
  This is very annoying as I purchased this SG 200-08 especially for this and it does not do the job porperly.
  Does anybody knows a solution to this?

• Cat 3750-Span (Port Mirroring issue)

  Hello team
  I am facing port mirroring issue in my setup. Details of the setup are mentioned below
  Setup--
  Stack of 4 catalyst switches WS-C3750X-48P running software 15.0(1) SE3 .Approximately 12 vlans are configured in this setup and port mirroring is done for all vlans with destination configured as single Gig Ethernet port...The setup works fine from mirroring perspective for 3-4 days and after that machine connected to destination port stops getting data.
  Observations-
  It has been observed that during the issue, the port configured for mirror destination has lot of packet drop/input errors on the port statistics.
  If we configure only TX packet mirroring, it works for 8 -10 days
  If we configure TX & RX packet mirroring, it works for 2-3 days
  Testing done
  Tried clearing counter on destination port but no success (mirroring doesn’t start)
  Tried  shut /no shut for the destination port but no success.
  Tried restarting the machine connected to destination port but no success
  Workaround
  We need to reconfigure the mirroring configuration after removing the mirroring config from the switch. Once the same is done, mirroring starts working.
  Want to understand
  1-is there any HW limitation for the switch (destination port not capable of handling mirroring traffic)
  2-is there any software related issue?
  3-what can be permanent resolution for the same..

  Hello
  We have tried this previously but found same result.
  1- we deleted the monitror session and recreated again with same session number
  2-we deleted the monitor session and created new session (session id diffrent ) with same config..
  in both cases its working for 3-4 days..

• VSphere Port Mirror - Possible Bug Found

  Hi,
  Something i came across to and thought could be worth while reporting it since i havent seen any reference to it elsewhere:
  We've configured a few "source remote port mirror rules" for a few VMs, in a way that each VM had 3 vNics that were mirrored.
  long story shot: one VM had one vNic that was E1000 and not VMXNET3 like all the others, each time i enabled the "source remote port mirror" rule for the E1000 vNic, all other port mirrors (from this VM and other VMs located on the same ESX) stopped working. problem was solved after i removed the vNic and created a new one, this time a VMXNET3 vNic.
  didnt see any reference about E1000/VMXNET3 regarding vSphere Port Mirroring. New bug maybe?

  Hi,
  Something i came across to and thought could be worth while reporting it since i havent seen any reference to it elsewhere:
  We've configured a few "source remote port mirror rules" for a few VMs, in a way that each VM had 3 vNics that were mirrored.
  long story shot: one VM had one vNic that was E1000 and not VMXNET3 like all the others, each time i enabled the "source remote port mirror" rule for the E1000 vNic, all other port mirrors (from this VM and other VMs located on the same ESX) stopped working. problem was solved after i removed the vNic and created a new one, this time a VMXNET3 vNic.
  didnt see any reference about E1000/VMXNET3 regarding vSphere Port Mirroring. New bug maybe?

• Add VM to a Port Mirroring Session

  I need every VM added to a given folder in vCenter to be added to an existing distributed switch port mirroring session.  Is this possible using PowerCLI?

  The following will add the VM ($vmName) to a specific port mirroring session ($mirrorSessionName) on a distributed switch ($dvSwName).
  You can define the traffic direction(s) for which the VM needs to be added with the variables $Ingress and $Egress.
  Note that there isn't any error checking in the script.
  For example if the mirror session does not exist, the script will fail without an informative messages.
  To repeat this script for all VMs in a specific folder should be not too difficult, I assume ?
  $dvSwName = 'dvSw1'
  $mirrorSessionName = 'Test'
  $vmName = 'VM2'
  $Ingress = $false
  $Egress = $true
  $dvSw = Get-VDSwitch -Name $dvSwName
  $vm = Get-VM -Name $vmName
  $vmNic = $vm.ExtensionData.Config.Hardware.Device |
      where{$_.Backing -is [VMware.Vim.VirtualEthernetCardDistributedVirtualPortBackingInfo]}
  $spec = New-Object VMware.Vim.VMwareDVSConfigSpec
  foreach($mirrorSession in $dvSw.ExtensionData.Config.VspanSession){
      if($mirrorSession.Name -eq $mirrorSessionName){
          $vspan = New-Object VMware.Vim.VMwareDVSVspanConfigSpec
          $vspan.Operation = [VMware.Vim.ConfigSpecOperation]::edit
          $vmInRc = $mirrorSession.SourcePortReceived | where{$_.PortKey -contains $vmNic.Backing.Port.PortKey}
          if($Ingress -and !$vmInRc){
              $mirrorSession.SourcePortReceived.PortKey += $vmNic.Backing.Port.PortKey
          $vmInTx = $mirrorSession.SourcePortTRansmitted | where{$_.PortKey -contains $vmNic.Backing.Port.PortKey}
          if($Egress -and !$vmInTx){
              $mirrorSession.SourcePortTransmitted.PortKey += $vmNic.Backing.Port.PortKey
          $vspan.vspanSession = $mirrorSession
          $spec.vspanConfigSpec += $vspan
  $spec.ConfigVersion = $dvSw.ExtensionData.Config.ConfigVersion
  $dvSw.ExtensionData.ReconfigureDvs($spec)

• Port mirroring with ALOT of Drops Tx on a 5406zl

  Hi everybody.
  My first post here and I'm convinced that the questions I have will be easily answered by several of the true experts that reside here in the forum.
  Question #1.
  I've set up port mirroring this way on my HP procurve J8697A Switch 5406zl (Software revision K.15.12.0015)
  sw-dh-1(config)# show monitor 1
  Network Monitoring
     Session: 4    Session Name:
        Mirror Destination:  B13   (Port)
        Monitoring Sources  Direction Truncation Mirror Policy
        Port: F1            Both       No         -
        Port: F2            Both       No         -
        Port: F3            Both       No         -
        sw-dh-1# show monitor 2
  Network Monitoring
     Session: 3    Session Name:
        Mirror Destination:  A6    (Port)
        Monitoring Sources  Direction Truncation Mirror Policy
        Port: A7            Both       No         -
        Port: B6            Both       No         -
        Port: B10           Both       No         -
        Port: Trk5          Both       No         -
        Port: Trk9          Both       No         -
        Port: Trk11         Both       No         -
  See output of "show interface" below. I'm worried about "Drop Tx". What does that mean exactly? Are mirrored packets dropped or does this mean that the ordinary traffic on the monitoring ports are also affected? If yes, how? Data loss, resending packets, loss of speed, high CPU load on the switch?
  sw-dh-1# show interfaces B13
   Status and Counters - Port Counters for port B13
    Name  : <removed>
    MAC Address      : xxxxxx-xxxxx
    Link Status      : Up
    Totals (Since boot or last clear) :
     Bytes Rx        : 576                Bytes Tx        : 4,252,895,128
     Unicast Rx      : 0                  Unicast Tx      : 3,440,299,294
     Bcast/Mcast Rx  : 9                  Bcast/Mcast Tx  : 412,639,331
    Errors (Since boot or last clear) :
     FCS Rx          : 0                  Drops Tx        : 29,441,235
     Alignment Rx    : 0                  Collisions Tx   : 0
     Runts Rx        : 0                  Late Colln Tx   : 0
     Giants Rx       : 0                  Excessive Colln : 0
     Total Rx Errors : 0                  Deferred Tx     : 0
    Others (Since boot or last clear) :
     Discard Rx      : 0                  Out Queue Len   : 0
     Unknown Protos  : 0
    Rates (5 minute weighted average) :
     Total Rx  (bps) : 0                  Total Tx  (bps) : 5,002,088
     Unicast Rx (Pkts/sec) : 0            Unicast Tx (Pkts/sec) : 0
     B/Mcast Rx (Pkts/sec) : 0            B/Mcast Tx (Pkts/sec) : 6
     Utilization Rx  :     0 %            Utilization Tx  : 0.50 %
  sw-dh-1# show interfaces A6
   Status and Counters - Port Counters for port A6
    Name  : <removed>
    MAC Address      : xxxxx-xxxxx
    Link Status      : Up
    Totals (Since boot or last clear) :
     Bytes Rx        : 960                Bytes Tx        : 1,442,037,177
     Unicast Rx      : 0                  Unicast Tx      : 1,988,961,810
     Bcast/Mcast Rx  : 15                 Bcast/Mcast Tx  : 339,915,002
    Errors (Since boot or last clear) :
     FCS Rx          : 0                  Drops Tx        : 1,647,165,303
     Alignment Rx    : 0                  Collisions Tx   : 0
     Runts Rx        : 0                  Late Colln Tx   : 0
     Giants Rx       : 0                  Excessive Colln : 0
     Total Rx Errors : 0                  Deferred Tx     : 0
    Others (Since boot or last clear) :
     Discard Rx      : 0                  Out Queue Len   : 0
     Unknown Protos  : 0
    Rates (5 minute weighted average) :
     Total Rx  (bps) : 0                  Total Tx  (bps) : 5,000,000
     Unicast Rx (Pkts/sec) : 0            Unicast Tx (Pkts/sec) : 0
     B/Mcast Rx (Pkts/sec) : 0            B/Mcast Tx (Pkts/sec) : 0
     Utilization Rx  :     0 %            Utilization Tx  : 0.50 %
  Utilzation and total last 5 minutes is off since I turned the mirroring off when I saw the drops. Utilization when port mirroring was on was 20-35%.   
  Question #2:
  Is it better if I mirror out all traffic to the 10GB port instead? Assuming that it is possible to do port mirroring to the 10GB port?
  best regards,
  Dean Y

  You don;t indicate which router you have, but that doesn;t really matter.Neither the Actiontec MI424-WR or the Quantum G1100 have port mirroring.  You need qan old fashioned hub, or a managed switch that supports it. 

• SG300-28 Port Mirroring

  Hello,
  I am wondering if anyone else has issues with port mirrors? I have created a mirror to copy all packets from Interface gi1 to interface gi28. I don't see any port 80 traffic, or 443 or any revelant traffic. I see mostly broadcast from other devices. I have a security device that is logging all the copied packets from my firewall for malware/IPS, etc inspection.
  Right now I have it monitoring vlan 1 in the hope that it would resolve this issue but I see no change. The config is attached for viewing.
  Any thoughs?

  Hi Alan, try to monitor a specific port instead of the whole VLAN.
  -Tom
  Please mark answered for helpful posts

• Port mirroring in routers

  Hi,
  Port mirroring(SPAN) is possible in Switches, let me know if there is any sorts of feature implemented in Routers...
  Cheers
  Akhtar

  Cisco has added a new feature that supports mirroring traffic on a router called IP traffic export. You need to run IOS version 12.3(4)T or later.
  Check out the link below for configuration guidelines:
  http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b94.html
  HTH,
  Sundar
  *Please rate all helpful posts.

• Port mirroring on SG300 questions

  Hi all,
  I'm troubleshooting a LAN issue I have, and I wanted to hook up wireshark to record traffic over the course of a couple of hours for later diagnostics. I went into the web administration interface, clicked Administration > Diagnostics > Port and VLAN Mirroring, and added a port mirror from the port I wanted to watch to a port to which I had connected a laptop. I picked the Tx and Rx options, and clicked Apply.
  I did receive lots of traffic in wireshark, but I noticed immediately that the server on the port I had mirrored was suddenly unavailable on the network -- pings timed out. This lasted until I removed the mirror, then the server was suddenly reachable once again.
  Does this feature not work the way I had thought it does? What I saw looked more like a forward than what I would call a mirror. The documentation leads me to believe mirroring is intended to be used in just the way I was attempting to use it.
  Am I missing something?

  Hi Lamint,
  I have a SG300-10P for my test,  I did the same thing you did in my GUI.
  I was mirroring port 7 to port 8 ticking the item to mirror RX and TX
  My PC with wireshark was residing on port 8.
  I started a comtinuous oibg from my  PC on port 7 at IP address 192.168.10.60 to my WAN routers LAN address, 192.168.10.1 .
  As you can see from my screen capture below, my PC on port 8 caprtured both RX and TX packets on port 7.
  Because my wireshark  PC was on port 8, I could not access the management interface of the switch to show you my configuration, so I grabbed the configuration via hyperterminal.
  See screen caopture below ( with some configuration items excluded)..
  I would suggest, if you are having issues to allow the Small Business Support Center to assist you.
  http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
  Hope this helps
  regards Dave

• UCS VLAN Port Count Limit

  hi, Cisco:
  Is there any way to INCREASE the VLAN Port Count Limit of 6000 Per FInterconnect running 1.4(2b)?
  Imagine I have 4 vNIC and 10 selected VLAN Per Service Profile and 2 vHBA.
  So in this case, how many VLAN ports will be used? Is it 60 or 40? Assuming it is 60, Does it man that I CAN ONLY HAVE 100 Service Profiles?
  just wondering WHY is the VLAN Port Count Limit So Low? How about the other fabric and how DOES it contribute to the VLAN Port Count Limit?
  Please advise.
  Really appreciate it as we are rolling and rolling out UCS in droves.
  SiM

  Hey KP,
  The VLAN port count is accrued on an individual FI basis.  So each FI gets 6000 VLAN port counts.  This total is made up from a combination of Uplink ports (Border Interfaces) as well as virtual ports (Access Ports or HBAs).  You can see the current allocaiton by:
  UCS-250-B# scope fabric-interconnect b
  UCS-250-B /fabric-interconnect # show vlan-port-count
  VLAN-Port Count:
      VLAN-Port Limit Access VLAN-Port Count Border VLAN-Port Count Alloc Status
      6000            95                     114                    Available
  UCS-250-B /fabric-interconnect #
  The border (uplink) interfaces are pretty easy to understand.  The Access VLAN Port Count is incremented for each VLAN on each vNIC defined, as well as any HBAs. 
  So in your example, if you have 4 vNICs with 10 VLANs defined on each, plus two HBAs you would have 4 x 10 + 2 = 42 VLAN port counts for this service profile. 
  The only time this count comes into consideration is with an adaptor that can create multiple virtual ports such as the Palo (M81KR-VIC) adaptor.  We have many cloud providers with 20+ Chassis who never hit the max limit. 
  This limitation brings in "good design" practices.  If you want to define 4 vNICs for your service profiles, do you really need all 10 VLANs allowed on each of the 4 vNICs?  Crafting an individual vNIC for different purposes such as VMotion, Management, iSCSI etc is a great idea.  But I don't need to allow each & every VLAN on these various purpose NICs.  Just allowing all VLANs on ALL  vNICs is the only way you'll likely exceed the 6000 VLAN port count limit.  This again, would probably identify a design concern more than system limitation.
  Let me know if you have any other questions/concerns.
  Regards,
  Robert

• Why does my sg 200 keeps changing port mirror destination to g1

  On my sg 200-8 I have 1 port mirror session, with destination set to g4. If I disable, then enable, it changes the port to g1 and g4 is not among the ones I can choose. How do I re-enable it, without having to delete it and create a new one. And why does it keep changing it to g1?

  Thanks Thomas. I think I was looking at it wrong regarding the SG switch saying that access mode ports do not tag traffic. It looks like it's from the viewpoint of how the ingress traffic looks. So, a port in access mode assumes that traffic coming in is untagged. Once that traffic ingresses into the port it is then tagged with the VLAN specified for that port. Does this sound right? It's just confusing how the SG switches describe the access mode ports as the PVID being untagged, when it actually is being tagged after data ingresses into the port.
  By the way, the layer 3 device is an ASA 5510, which is also performing DHCP for the VLAN.
  As you mentioned, I think my core issue is the upstream trunking configuration, which I'm looking into.
  Thanks for your help,
  Logan

• Port mirroring on A90-9100EM​15-10

  Hey all - 
      I have the A90-9100EM15-10 FiOS router and I'd like to setup port mirroring from the router if it has the capability (I know, I know...this is typically done from a switch).  Anyway, rather than purchase a managed switch or build a linux-based "switch" and place it inline, I'd be content with the ability to passively monitor traffic.  I prefer to monitor traffic both directions but outgoing would suffice. 
      Does anyone know if my model FiOS router has such a capability?
  Cheers,
  Eneg

  The 9100EM does not support port mirroring.
  You might want to find a hub and use that to mirror the traffic.
  http://shop.ebay.com/?_from=R40&_trksid=p5197.m570​.l1313&_nkw=ethernet+hub&_sacat=See-All-Categories
  Be careful though, many of those listed claim to be hubs are not and are in fact switches.