S1720, S2700, S3700, S5700, S6700, S7700, and S9700

Series Switches
Common Operation Guide 5 Common Mirroring Operations

5 Common Mirroring Operations

About This Chapter

5.1 Configuring an Observing Port

5.2 Configuring Port Mirroring
5.3 Configuring Traffic Mirroring
5.4 Deleting the Mirroring Configuration

5.1 Configuring an Observing Port

A physical port must be configured as an observing port before the mirroring function is
configured. You can configure a single observing port or multiple observing ports in a batch.
Observing ports configured in a batch are added to an observing port group. After a mirrored
port is configured, the mirrored port is bound to the observing port group. Therefore, such
batch configuration is usually performed in 1:N mirroring to simplify the configuration.

Configuring a Single Observing Port

l Configure a local observing port, which directly connects to a monitoring device.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1

l Configure a Layer 2 remote observing port, which forwards mirroring packets to a

monitoring device across a Layer 2 network.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1 vlan 10

Configure Observing Ports in a Batch (only in V200R005 and Later Versions)

l Configure local observing ports in a batch, which directly connect to monitoring devices.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface-range gigabitethernet 1/0/1 to
gigabitEthernet 1/0/3

l Configure Layer 2 remote observing ports, which forward mirroring packets to

monitoring devices across a Layer 2 network.

Issue 17 (2018-08-17) Copyright © Huawei Technologies Co., Ltd. 23

S1720, S2700, S3700, S5700, S6700, S7700, and S9700
Series Switches
Common Operation Guide 5 Common Mirroring Operations

<HUAWEI> system-view
[HUAWEI] observe-port 1 interface-range gigabitethernet 1/0/1 to
gigabitEthernet 1/0/3 vlan 10

5.2 Configuring Port Mirroring

In port mirroring, packets passing through mirrored ports are copied and then sent to specified
observing ports for analysis and monitoring. Port mirroring is classified into local port
mirroring and Layer 2 remote port mirroring based on observing ports. For details about
configuring local observing ports and Layer 2 remote observing ports, see 5.1 Configuring
an Observing Port. The following example configures local port mirroring. For details about
configuration examples, see "Typical Mirroring Configuration" in the Typical Configuration
Examples - Typical Network Management and Monitoring Configuration.

Configuring 1:1 Port Mirroring

You can copy packets on a mirrored port to an observing port. For example, copy incoming
packets (received packets) on mirrored port GE2/0/1 to observing port GE1/0/1. GE1/0/1 is
directly connected to a monitoring device.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 1 inbound

Configuring 1:N Port Mirroring

You can copy packets on one mirrored port to N observing ports. For example, copy incoming
packets (received packets) on mirrored port GE2/0/1 to observing ports GE1/0/1 through
GE1/0/3. These observing ports are directly connected to monitoring devices.
l Configure observing ports one by one.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1
[HUAWEI] observe-port 2 interface gigabitethernet 1/0/2
[HUAWEI] observe-port 3 interface gigabitethernet 1/0/3
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 2 inbound
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 3 inbound

l Configure observing ports in a batch (only in V200R005 and later versions).

<HUAWEI> system-view
[HUAWEI] observe-port 1 interface-range gigabitethernet 1/0/1 to
gigabitEthernet 1/0/3
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 1 inbound

Configuring N:1 Port Mirroring

You can copy packets on N mirrored ports to one observing port. For example, copy incoming
packets (received packets) on mirrored ports GE2/0/1 through GE2/0/3 to observing port
GE1/0/1. GE1/0/1 is directly connected to a monitoring device.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet2/0/1] quit

Issue 17 (2018-08-17) Copyright © Huawei Technologies Co., Ltd. 24

S1720, S2700, S3700, S5700, S6700, S7700, and S9700
Series Switches
Common Operation Guide 5 Common Mirroring Operations

[HUAWEI] interface gigabitethernet 2/0/2

[HUAWEI-GigabitEthernet2/0/2] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet2/0/2] quit
[HUAWEI] interface gigabitethernet 2/0/3
[HUAWEI-GigabitEthernet2/0/3] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet2/0/3] quit

Related Content
Support Community
Mirroring – an Effective Network Monitoring Tool (Working Mechanism and
Configuration)
Videos
How to Configure Port Mirroring

5.3 Configuring Traffic Mirroring

Traffic mirroring is a feature that copies a specified type of packets received and sent by
devices, ports, or VLANs to observing ports connected to monitoring devices. Monitoring
devices monitor only the specified type of packets. Traffic mirroring can be configured based
on ACLs and Modular Quality of Service Command-Line Interface (MQC) (complex traffic
classification). ACL-based traffic mirroring is easy to configure but supports fewer packets
types than MQC-based traffic mirroring and supports only inbound traffic mirroring. MQC-
based traffic mirroring is complex to configure but supports more packet types and the
inbound, outbound traffic mirroring.
Traffic mirroring is classified into local traffic mirroring and Layer 2 remote traffic mirroring
based on observing ports. For details about configuring local observing ports and Layer 2
remote observing ports, see 5.1 Configuring an Observing Port. The following example
configures local traffic mirroring. For details about configuration examples, see "Typical
Mirroring Configuration" in the Typical Configuration Examples - Typical Network
Management and Monitoring Configuration.

Implementing traffic mirroring using ACLs

1. 5.1 Configuring an Observing Port. For example, configure a local observing port
GE1/0/1 that is directly connected to a monitoring device.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1

2. Create an ACL. For example, create a Layer 2 ACL to match packets with 802.1p
priority 6.
[HUAWEI] acl 4001
[HUAWEI-acl-L2-4001] rule permit 8021p 6
[HUAWEI-acl-L2-4001] quit

3. Configure traffic mirroring. For example:

– Copy packets with 802.1p priority 6 in the inbound direction of all the ports on the
device to observing port GE1/0/1.
[HUAWEI] traffic-mirror inbound acl 4001 to observe-port 1

– Copy packets with 802.1p priority 6 in the inbound direction of all the ports in
VLAN 10 to observing port GE1/0/1.
[HUAWEI] traffic-mirror vlan 10 inbound acl 4001 to observe-port 1

Issue 17 (2018-08-17) Copyright © Huawei Technologies Co., Ltd. 25

S1720, S2700, S3700, S5700, S6700, S7700, and S9700
Series Switches
Common Operation Guide 5 Common Mirroring Operations

– Copy packets with 802.1p priority 6 in the inbound direction of GE2/0/1 to

observing port GE1/0/1.
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] traffic-mirror inbound acl 4001 to observe-
port 1

Implementing Traffic Mirroring Using Complex Traffic Classification

1. 5.1 Configuring an Observing Port. For example, configure a local observing port
GE1/0/1 that is directly connected to a monitoring device.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1

2. Create a traffic classifier. For example, create a traffic classifier c1 to match packets with
802.1p priority 6.
[HUAWEI] traffic classifier c1
[HUAWEI-classifier-c1] if-match 8021p 6
[HUAWEI-classifier-c1] quit

3. Create a traffic behavior with the mirroring action. For example, create a traffic behavior
b1 and set the action to traffic mirroring.
[HUAWEI] traffic behavior b1
[HUAWEI-behavior-b1] mirroring to observe-port 1
[HUAWEI-behavior-b1] quit

4. Create a traffic policy and bind the traffic classifier and traffic behavior to the traffic
policy. For example, create a traffic policy p1 and bind the traffic classifier and traffic
behavior to the traffic policy.
[HUAWEI] traffic policy p1
[HUAWEI-trafficpolicy-p1] classifier c1 behavior b1
[HUAWEI-trafficpolicy-p1] quit

5. Apply the traffic policy. For example:

– Copy packets with 802.1p priority 6 in the inbound direction of all the ports on the
device to observing port GE1/0/1.
[HUAWEI] traffic-policy p1 global inbound

– Copy packets with 802.1p priority 6 in the inbound direction of all the ports in
VLAN 10 to observing port GE1/0/1.
[HUAWEI] vlan 10
[HUAWEI-vlan10] traffic-policy p1 inbound

– Copy packets with 802.1p priority 6 in the inbound direction of GE2/0/1 to

observing port GE1/0/1.
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] traffic-policy p1 inbound

5.4 Deleting the Mirroring Configuration

If you want to delete the mirroring configuration after using the mirroring function, you can
perform the following operations:
1. Run the display current-configuration command to check the current mirroring
configuration. For example, you can view the following mirroring configuration.
<HUAWEI> display current-configuration
#
vlan batch 10 20 30
#
observe-port 2 interface GigabitEthernet1/0/1
...

Issue 17 (2018-08-17) Copyright © Huawei Technologies Co., Ltd. 26

S1720, S2700, S3700, S5700, S6700, S7700, and S9700
Series Switches
Common Operation Guide 5 Common Mirroring Operations

...
#
interface GigabitEthernet1/0/1
#
interface GigabitEthernet1/0/2
...
...
#
interface GigabitEthernet2/0/1
port-mirroring to observe-port 2 inbound
#
...
...

2. Run the undo port-mirroring command on the mirrored port to delete the binding
between the observing port and mirrored port and restore the mirrored port as a common
port. For example, restore GE2/0/1 in step 1 to a common port.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] undo port-mirroring to observe-port 2 inbound
[HUAWEI-GigabitEthernet2/0/1] quit

3. Run the undo observe-port command in the system view to delete the observing port.
For example, delete the observing port in step 1 and restore GE1/0/1 to a common port.
[HUAWEI] undo observe-port 2

You can delete the observing port only after deleting the binding between the observing
port and mirrored port.

Issue 17 (2018-08-17) Copyright © Huawei Technologies Co., Ltd. 27