Overview
This chapter provides configuration procedures for ACL-based traffic mirroring to selectively monitor IPv4, IPv6, and MPLS traffic. These techniques enhance security and optimize resource usage by focusing on specific data flows defined by addresses, protocols, or port numbers.
It covers benefits like improved security and efficient resource use, details configuration guidelines and restrictions, and provides step-by-step procedures for setting up IPv4, IPv6, and Layer 3 ACLs.
ACL-based traffic mirroring
This section explains how ACL-based traffic mirroring allows for selective monitoring of specific traffic flows based on characteristics like IP addresses and protocols.
How ACL-based traffic mirroring works
This section explains the operational stages of ACL-based traffic mirroring and how the router processes defined rules. It describes how the system uses specific keywords and configurations to determine which packets are mirrored to the designated destination port.
Configure ACLs for traffic mirroring
Use this procedure to create and apply IPv4 or IPv6 access control lists for traffic mirroring. This task explains how to define permit actions for specific traffic patterns and attach the monitoring configuration to a SPAN source interface for ingress traffic.
Configure layer 3 ACL-based traffic mirroring
Use this procedure to configure traffic mirroring for Layer 3 Access Control Lists (ACLs). This task includes starting a monitor session, defining a tunnel destination, and applying the capture keyword within the ACL to initiate the mirroring of specific IPv4 traffic.
Attach a source interface
Use this procedure to attach a source interface to a monitor session for an Access Control List (ACL). This task covers entering interface configuration mode, applying the IPv4 access group, attaching a source interface, and specifying the direction of traffic to be replicated for monitoring.
Multiple SPAN ACL sessions for MPLS
This section explains the feature that allows monitoring and mirroring of ingress MPLS traffic by configuring multiple SPAN ACL sessions.