blob: 265949846b650195eaff0e62bc603e6186641a1b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
SPAN port mirroring can copy the inbound/outbound traffic of the interface to
the specified interface, usually the interface can be connected to some special
equipment, such as a behavior control system, intrusion detection system or
traffic collector, and can copy all related traffic from this port.
The benefit of mirroring the traffic is that the application is isolated from
the source traffic and so application processing does not affect the traffic
or the system performance.
VyOS uses the `mirror` option to configure port mirroring. The configuration
is divided into 2 different directions. Destination ports should be configured
for different traffic directions.
.. cfgcmd:: set interfaces {{ var0 }} <interface> mirror
ingress <monitor-interface>
Configure port mirroring for `interface` inbound traffic and copy the
traffic to `monitor-interface`
Example: Mirror the inbound traffic of `{{ var1 }}` port to `{{ var2 }}`
.. code-block:: none
set interfaces {{ var0 }} {{ var1 }} mirror ingress {{ var2 }}
.. cfgcmd:: set interfaces {{ var0 }} <interface> mirror egress
<monitor-interface>
Configure port mirroring for `interface` outbound traffic and copy the
traffic to `monitor-interface`
Example: Mirror the outbound traffic of `{{ var1 }}` port to `{{ var2 }}`
.. code-block:: none
set interfaces {{ var0 }} {{ var1 }} mirror egress {{ var2 }}
|
