Troubleshooting Guide

CloudEngine 16800, 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Why Does MAC Address Learning Need to Be Disabled When Layer 2 Remote Port Mirroring Is Configured in Some Scenarios?

First, you need to understand how mirrored packets are forwarded to the monitoring device after Layer 2 remote port mirroring is configured.

As shown in Figure 22-112, in Layer 2 remote port mirroring, the remote observing port receives the mirrored packets from the mirrored port, adds another VLAN tag (VLAN 10) to the packets tagged with VLAN 20, and then forwards the mirrored packets to the server by following the Layer 2 forwarding process. The destination MAC address of the mirrored packets is the same as that of the original packets; it is not the server's MAC address. To reach the server, the mirrored packets must therefore be treated as unknown unicast packets and forwarded in broadcast mode. This happens as long as the MAC address table of VLAN 10 contains no entry matching the destination MAC address of the mirrored packets.
Figure 22-112 Mirrored packet forwarding in a Layer 2 remote port mirroring scenario

In most Layer 2 remote mirroring scenarios, intermediate devices will not learn destination MAC addresses of mirrored packets in the corresponding VLANs. This means that mirrored packets can be forwarded to the monitoring devices in broadcast mode. In the following scenarios, however, Layer 2 remote port mirroring will fail because destination MAC addresses of mirrored packets can be learned in the corresponding VLANs.

  • The original service traffic and mirrored traffic are forwarded in the same VLAN.

    Figure 22-113 Layer 2 remote port mirroring fails when the original service traffic and mirrored traffic are forwarded in the same VLAN
    As shown in Figure 22-113, a company configures Layer 2 remote port mirroring on SwitchA to monitor the traffic sent from employees in the R&D department to the DNS server. The original traffic and mirrored traffic are both forwarded through VLAN 10. When SwitchA receives the packets sent from HostA to the DNS server, it copies the packets and forwards the mirrored packets in VLAN 10. The mirrored packets and the original packets all use the MAC address of the DNS server as the destination MAC address. SwitchB, which sits between HostA and the DNS server, learns a MAC address entry for the DNS server in VLAN 10. SwitchB therefore forwards the mirrored packets according to that learned entry instead of forwarding them in broadcast mode. As a result, Layer 2 remote port mirroring fails.
    To resolve this problem, use different VLANs to forward the original service traffic and mirrored traffic, as shown in Figure 22-114. If the original service traffic and mirrored traffic need to be forwarded in the same VLAN, run the mac-address learning disable command on the intermediate devices to disable MAC address learning in this VLAN. However, disabling MAC address learning wastes link bandwidth, because every packet in this VLAN, including the original service traffic, is then forwarded in broadcast mode.
    Figure 22-114 Original service traffic and mirrored traffic are forwarded in different VLANs
  • Mirrored packets from different source MAC addresses are forwarded in the same VLAN.

    Figure 22-115 Layer 2 remote port mirroring fails when mirrored packets from different source MAC addresses are forwarded in the same VLAN
    As shown in Figure 22-115, a company configures Layer 2 remote port mirroring on SwitchA and SwitchC to monitor communication traffic between the R&D and marketing departments. All mirrored packets are forwarded in VLAN 10, and the original communication traffic between the two departments is forwarded in another VLAN. When packets sent from downstream hosts arrive at the mirrored ports on SwitchA and SwitchC, SwitchA and SwitchC copy the packets and forward the mirrored packets in VLAN 10. The source MAC addresses of the mirrored packets are the MAC addresses of the sender hosts, so SwitchB learns them in its MAC address table for VLAN 10. Because the destination MAC addresses of the mirrored packets are the MAC addresses of the destination hosts, SwitchB forwards the mirrored packets according to the matching entries found in its MAC address table instead of forwarding them in broadcast mode. As a result, Layer 2 remote port mirroring fails.
    Use any of the following methods to solve the preceding problem:
    • Run the mac-address learning disable command on SwitchB to disable MAC address learning in VLAN 10. Figure 22-116 shows the packet flows after MAC address learning is disabled in VLAN 10.
      Figure 22-116 MAC address learning is disabled in VLAN 10
    • Configure port mirroring on SwitchB: configure the ports connected to SwitchA and SwitchC as mirrored ports, and configure the port connected to the monitoring server as a local observing port. Figure 22-117 shows the packet flow after port mirroring is configured on SwitchB.
      Figure 22-117 Local port mirroring is configured on SwitchB
    • Use different VLANs to forward the mirrored packets in different directions, as shown in Figure 22-118.
      Figure 22-118 Mirrored packets in different directions are forwarded in different VLANs
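
The two failure cases above can be reproduced with a toy model of SwitchB's learn-and-forward logic. This is an added example, not Huawei code: the port names, MAC addresses and frame sequences are constructed, and the monitoring device is assumed to attach directly to SwitchB in both topologies.

```python
# Added example: toy model of SwitchB. Port names, MACs and frames are constructed.
VLAN = 10
HOST_A, HOST_C, DNS = "00:00:5e:00:53:0a", "00:00:5e:00:53:0c", "00:00:5e:00:53:53"

class L2Switch:
    def __init__(self, ports, learning_disabled_vlans=()):
        self.ports = set(ports)
        self.no_learn = set(learning_disabled_vlans)
        self.mac_table = {}  # (vlan, mac) -> port

    def receive(self, in_port, vlan, src, dst):
        """Learn src (unless learning is disabled in the VLAN); return egress ports."""
        if vlan not in self.no_learn:
            self.mac_table[(vlan, src)] = in_port
        out = self.mac_table.get((vlan, dst))
        if out is None:                      # unknown unicast: flood within the VLAN
            return self.ports - {in_port}
        return set() if out == in_port else {out}

def monitor_deliveries(frames, ports, learning_disabled):
    """Return, per frame, whether a copy left SwitchB on the 'to_monitor' port."""
    sw = L2Switch(ports, {VLAN} if learning_disabled else ())
    return ["to_monitor" in sw.receive(p, VLAN, s, d) for p, s, d in frames]

# Figure 22-115 case: mirrored copies from SwitchA and SwitchC share VLAN 10.
PORTS_115 = ["to_SwitchA", "to_SwitchC", "to_monitor"]
BIDIRECTIONAL = [
    ("to_SwitchA", HOST_A, HOST_C),   # mirrored HostA -> HostC, dst unknown: flooded
    ("to_SwitchC", HOST_C, HOST_A),   # HostA was just learned: unicast to SwitchA
    ("to_SwitchA", HOST_A, HOST_C),   # HostC now learned: unicast to SwitchC
]
# Figure 22-113 case: original and mirrored traffic share VLAN 10, so the DNS
# reply teaches SwitchB the DNS server MAC before the mirrored copy arrives.
PORTS_113 = ["to_SwitchA", "to_DNS", "to_monitor"]
SAME_VLAN = [
    ("to_SwitchA", HOST_A, DNS),      # original request, dst unknown: flooded
    ("to_DNS", DNS, HOST_A),          # original reply: SwitchB learns the DNS MAC
    ("to_SwitchA", HOST_A, DNS),      # mirrored copy: unicast to the DNS port only
]

if __name__ == "__main__":
    for name, frames, ports in (("22-115", BIDIRECTIONAL, PORTS_115),
                                ("22-113", SAME_VLAN, PORTS_113)):
        for disabled in (False, True):
            print(name, "learning disabled" if disabled else "learning enabled",
                  monitor_deliveries(frames, ports, disabled))
```

With learning enabled, only the first frame of each sequence reaches the monitoring port, which is the visibility gap a capture on the monitoring device would show. With learning disabled in VLAN 10, every frame is flooded, including the original service traffic in the same-VLAN case, which is the bandwidth cost the text mentions.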
Updated: 2020-01-07

Document ID: EDOC1000060766
