mirror of
https://github.com/vyos/vyos-documentation.git
synced 2025-10-26 08:41:46 +01:00
38 lines
1.4 KiB
Plaintext
38 lines
1.4 KiB
Plaintext
SPAN port mirroring can copy the inbound/outbound traffic of the interface to
|
|
the specified interface, usually the interface can be connected to some special
|
|
equipment, such as a behavior control system, intrusion detection system or
|
|
traffic collector, and can copy all related traffic from this port.
|
|
The benefit of mirroring the traffic is that the application is isolated from
|
|
the source traffic and so application processing does not affect the traffic
|
|
or the system performance.
|
|
|
|
VyOS uses the `mirror` option to configure port mirroring. The configuration
|
|
is divided into 2 different directions. Destination ports should be configured
|
|
for different traffic directions.
|
|
|
|
.. cfgcmd:: set interfaces {{ var0 }} <interface> mirror
|
|
ingress <monitor-interface>
|
|
|
|
Configure port mirroring for `interface` inbound traffic and copy the
|
|
traffic to `monitor-interface`
|
|
|
|
Example: Mirror the inbound traffic of `{{ var1 }}` port to `{{ var2 }}`
|
|
|
|
.. code-block:: none
|
|
|
|
set interfaces {{ var0 }} {{ var1 }} mirror ingress {{ var2 }}
|
|
|
|
.. cfgcmd:: set interfaces {{ var0 }} <interface> mirror egress
|
|
<monitor-interface>
|
|
|
|
Configure port mirroring for `interface` outbound traffic and copy the
|
|
traffic to `monitor-interface`
|
|
|
|
Example: Mirror the outbound traffic of `{{ var1 }}` port to `{{ var2 }}`
|
|
|
|
.. code-block:: none
|
|
|
|
set interfaces {{ var0 }} {{ var1 }} mirror egress {{ var2 }}
|
|
|
|
|