Cisco IOS XR Interface and Hardware Component Command Reference for the Cisco CRS Router, Release 4.3.x
Traffic Mirroring Commands on the Cisco IOS XR Software
Downloads: This chapterpdf (PDF - 1.21MB) The complete bookPDF (PDF - 8.24MB) | Feedback

Traffic Mirroring Commands on the Cisco IOS XR Software

Traffic Mirroring Commands on the Cisco IOS XR Software

This module describes the commands used to configure and monitor traffic mirroring.

acl

To configure ACL-based traffic mirroring, use the acl command in monitor session configuration mode. To stop ACL-based traffic mirroring, use the no form of this command.

acl

Syntax Description

This command has no keywords or arguments.

Command Default

No default behavior or values

Command Modes

Monitor session configuration

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

If you use the acl command, traffic is mirrored according to the definition of the global interface access list (ACL) defined in one of the following commands: ipv4 access-list, ipv6 access-list, ethernet-services access-list.

Even when the acl command is configured on the source mirroring port, if the ACL configuration command does not use the capture keyword, no traffic gets mirrored.

If the ACL configuration uses the capture keyword, but the acl command is not configured on the source port, although traffic is mirrored, no access list configuration is applied.

Examples

This example shows how to configure ACL-based traffic mirroring on the interface:

RP/0/RP0/CPU0:router(config)# monitor-session tm_example 
RP/0/RP0/CPU0:router(config)# ethernet-services access-list tm_filter 
RP/0/RP0/CPU0:router(config-es-acl)# 10 deny 0000.1234.5678 0000.abcd.abcd any capture 
RP/0/RP0/CPU0:router(config-es-acl)# exit 
RP/0/RP0/CPU0:router(config)# interface GigabitEthernet0/2/0/0 
RP/0/RP0/CPU0:router(config-if)# monitor-session tm_example direction rx-only 
RP/0/RP0/CPU0:router(config-if)# acl 
RP/0/RP0/CPU0:router(config-if)# l2transport 
RP/0/RP0/CPU0:router(config-if-l2)# exit 
RP/0/RP0/CPU0:router(config-if)# ethernet-services access-group tm_filter ingress 
RP/0/RP0/CPU0:router(config-if)# end 

Related Commands

Command

Description

ethernet-services access-list

Defines an Ethernet services (Layer 2) access list by name.

ipv4 access-list

Defines an IPv4 access list by name.

ipv6 access-list

Defines an IPv6 access list by name.

clear monitor-session counters

To clear the traffic mirroring session statistics, use the clear monitor-session counters command in EXEC mode.

clear monitor-session counters [session-name] { ipv4 | ipv6 }

Syntax Description

interface

Identifies the interface for which the counters are to be cleared.

type

Interface type. For more information, use the question mark (?) online help function.

interface-path-id

Physical interface or virtual interface.

Note   

Use the show interfaces command to see a list of all interfaces currently configured on the router.

For more information about the syntax for the router, use the question mark (?) online help function.

session-name

Name of the monitor session to clear.

ipv4

Specifies an ipv4 address.

ipv6

Specifies an ipv6 address.

Command Default

All stored statistics for all interfaces are cleared.

Command Modes

EXEC

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Task ID

Task ID

Operations

interface

read

Examples

This example shows how to clear the traffic mirroring statistic counters:

 RP/0/RP0/CPU0:routerclear monitor-session mon1 ipv6 counters
   

destination next-hop

To configure the destination address for the monitor-session, use the destination next-hop command in the monitor session configuration mode.

destination next-hop ip address

Syntax Description

ip address

Specifies a valid IPv4 or IPv6 address and configures the destination for the current monitor-session to be a next-hop IP address (whose type matches that of the monitor-session).

Command Default

No default behavior or values

Command Modes

Monitor session configuration

Command History

Release Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

This may only be specified for ipv4 and ipv6 monitor-sessions. A monitor session can be either for IPv4 or for IPv6. It cannot support both together.

Task ID

Task ID Operation

ethernet-services

read, write

Examples

This example shows how to execute the destination next-hop command:

RP/0/RP0/CPU0:routerconfigure
RP/0/RP0/CPU0:routerdestination next-hop ipv4 254.23.24.5

mirror first

To configure partial traffic mirroring, use the mirror first command in monitor session configuration mode. To stop mirroring a portion of the packet, use the no form of this command.

mirror first bytes

Syntax Description

bytes

Number of bytes mirrored. Values can range from 65 to 256.

Command Default

The entire packet is mirrored.

Command Modes

Monitor session configuration

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Use the mirror first command to mirror the first 64 to 256 bytes of the packet. The actual mirrored packet is the configured partial packet monitoring size plus the 4-byte trailing CRC.

Examples

This example shows how to mirror the first 100 bytes of the packet:

RP/0/RP0/CPU0:router(config)# interface gigabitethernet0/0/0/11 
RP/0/RP0/CPU0:router(config-if)# monitor-session mon1 
RP/0/RP0/CPU0:router(config-if-mon)# mirror first 100 
  

Related Commands

Command

Description

monitor-session

Defines a traffic mirroring session and enter monitor session configuration mode.  

monitor-session

To define a traffic mirroring session and enter monitor session configuration mode, use the monitor-session command in global configuration mode. To remove the traffic mirroring session, use the no form of this command.

monitor-session session-name { ipv4 | ipv6 }

no monitor-session session-name

Syntax Description

session-name

Name of the monitor session to configure.

ipv4

Specifies an ipv4 address as destination.

ipv6

Specifies an ipv6 address as destination.

Command Default

No default behavior or values

Command Modes

Global configuration

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Before you can assign a monitor session to a specific interface, you must configure it using the monitor-session command. The session-name should not be the same as any interface name.

In monitor session configuration mode, you should define the destination interface to be used in the traffic mirroring session using the destination command.

This commands triggers entry in to the monitor-session sub-mode and creates the session. The session will be non-operable until a destination is configured for the session. The destination can be either IPv4 or IPv6.

Examples

This example shows how to enter monitor session configuration mode:

RP/0/RP0/CPU0:router(config)# monitor-session mon1
RP/0/RP0/CPU0:router(config-mon)#
   

Related Commands

Command

Description

destination next-hop

Configures the destination for the current monitor-session.  

monitor-session (interface)

To associate a traffic mirroring session with a specific interface, use the monitor-session command in interface configuration mode. To remove the association between a traffic mirroring session and an interface, use the no form of this command.

monitor-session session-name { ipv4 | ipv6 } [ direction { rx-only } ]

Syntax Description

session-name

Name of the monitor session to configure.

direction

Specifies that traffic replication is in only one direction.

rx-only

Specifies that only ingress traffic is replicated.

ipv4

Indicates that ipv4 traffic needs to be monitored.

ipv6

Indicates that ipv6 traffic needs to be monitored.

Command Default

Replicates both ingress and egress traffic.

Command Modes

Interface configuration

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Before you can associate a traffic mirroring session to a specific interface, you must define it using the monitor-session global configuration command. Once the traffic mirroring session is defined, use the monitor-session interface configuration command to associate this session with a specific source interface. Once associated, all specified traffic on the interface is then replicated to the destination location defined in the monitor session configuration.

The monitor-session interface configuration command also enters monitor session configuration mode for you to configure additional features of the mirroring session.

Task ID

Task ID

Operations

interface

read, write

Examples

This example shows a sample configuration of the monitor-session command in the interface configuration mode:

RP/0/RP0/CPU0:router# configure 
RP/0/RP0/CPU0:router(config)# interface gigabitethernet0/2/0/0
RP/0/RP0/CPU0:router(config-if)# monitor-session test ipv4 rx-only 
RP/0/RP0/CPU0:router(config-if)# acl

 

Related Commands

Command

Description

monitor-session

Defines a traffic mirroring session and enter monitor session configuration mode.  

show monitor-session status

To display status information about configured traffic mirroring sessions, use the show monitor-session status command in EXEC mode.

show monitor-session [session-name] status [detail] [errors]

Syntax Description

session-name

Name of the monitor session to configure.

detail

Displays the full error string for any errors.

errors

Displays all sessions, but only source interfaces with errors are displayed (if no source interfaces have errors, then 'No errors' is displayed).

Command Default

No default behavior or values

Command Modes

EXEC

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

The show monitor-sessions status command displays the following information:

  • Destination information for the session (including the name of the interface).
  • Destination status (interface state).
  • List of source interfaces.
  • Any other status information that may be pertinent, such as a software or hardware error that would stop sessions operating correctly. If an error is returned from interactions with another component, then the full error string is only displayed in detail output; standard tabular output reports that there has been an error but refers the user to the detailed output.

Examples

This example shows the sample output for the show monitor-session status detail command:

RP/0/RP0/CPU0:router show monitor-session status detail

Monitor-session foo
  Destination interface GigabitEthernet 0/0/0/0
  Source Interfaces
  -----------------
  GigabitEthernet 0/1/0/0.100:
    Direction: Both
    Status:    Operating
  GigabitEthernet 0/2/0/0.200:
    Direction: Rx
    Status:    Error: <blah>

Monitor session bar
  No destination configured
  Source Interfaces
  -----------------
  GigabitEthernet 0/3/0/0.100:
    Direction: Rx
    Status:    Not operational(no destination interface)

show monitor-session counters

To display statistics regarding traffic mirroring sessions, use the show monitor-session counters command in EXEC mode.

show monitor-session [session-name] { ipv4 | ipv6 } counters

Syntax Description

session-name

Name of the monitor session to configure.

ipv4

Specifies the counters of next-hop ipv4 address associated with a monitor-session.

ipv6

Specifies the counters of next-hop ipv6 address associated with a monitor-session.

Command Default

If you do not specify an address, the IPv4 counters are displayed.

Command Modes

EXEC

Command History

Release

Modification

Release 4.3.0

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

The show monitor-sessions counters command displays a list of all source interfaces, and the replicated packet statistics for each interface. The full set of statistics displayed for each interface is:

  • Ingress replicated packets and octets
  • Egress replicated packets and octets
  • Non-replicated packets and octets

Examples

This example shows sample output from the show monitor-session counters command:

RP/0/RP0/CPU0:router show monitor-session 2 counters
 
Global Non Replicated : 100 Packets 8000 Bytes
Monitor session test1 ipv4
      Next Hop : 20.1.1.1               
      Rx Replicated: 100 Packets 8000 Bytes
Monitor session test2
      Next Hop : 30.1.1.1
      Rx Replicated: 200 Packets 16000 Bytes