Skip to main content
Versa Networks

Configure NPU Traffic Mirroring

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

Traffic mirroring lets you copy network traffic from an interface and send the traffic to out-of-band security and monitoring appliances for additional processing, including content inspection, threat monitoring, and troubleshooting. VOS devices that use network processing (NPU) switching hardware support traffic mirroring, also known as switched port analyzer (SPAN), in which the SPAN session sends a copy (mirror) of the traffic to another interface on the VOS device.

Encapsulated remote SPAN (ERSPAN) is a type of traffic mirroring in which the mirrored Layer 2 packets can be routed over a Layer 3 IP network. ERSPAN wraps the mirrored packets in IP frames using the Generic Routing Encapsulation (GRE) protocol. This enables mirroring of traffic to a monitoring node located anywhere across the routed network.

This outer frame provides the necessary information (like source and destination IP addresses) for routing the mirrored traffic across the network. The switch finds the outgoing port of the mirrored packets by looking up the destination IP address in its routing table. 

Configure SPAN

To configure SPAN:

  1. Select Director View in the top menu bar.
  2. Select Devices > Devices in the horizontal menu bar.
  3. Click the name of an appliance. The view changes to Appliance view.
  4. Select the Configuration tab in the top menu bar.
  5. Select Networking > NPU > Traffic Mirroring in the left menu bar.

    npu-traffic-mirroring.png
  6. Select the Policies tab in the horizontal menu.
  7. Click the + Add icon or button. In the Add Profiles popup window, enter information for the following fields.

    npu-traffic-mirroring-add-policy.png
     
    Field Description
    Name (Required) Enter a name for the NPU ACL traffic-mirroring policy.
    Description Enter a text description for the NPU traffic-mirroring policy rule.
  8. Click OK.
  9. Select the Rules tab in the horizontal menu bar.
  10. Click the + Add icon or button. The Add Rules popup window displays.

    npu-traffic-mirroring-add-rule.png
  11. Select the General tab, and then enter information for the following fields.
     
    Field Description
    Name (Required) Enter a name for the NPU ACL traffic mirroring policy.
    Description Enter a text description for the NPU ACL policy rule.
    Disable Rule Click to disable the rule when you commit the configuration.
  12. Select the Match tab, and then enter information for the following fields.

    npu-traffic-mirroring-add-rule-match-tab.png
     
    Field Description
    Match Direction (Group of Fields)  
    • Ingress
    		 Click to have the rule match incoming traffic.
    • Egress
    		 Click to have the rule match outgoing traffic.
    • Ingress Egress
    		 Click to have the rule match both incoming and outgoing traffic.
    Routing Instances (Tab) Select the routing instances to which to apply the rule.
    • + Add icon
    		 Click to add a new routing instance. The Add Routing Instances popup window displays.
    • Name
    		 Select the name of the routing instance.
    • Bridge Domain List
    		 Select the name of the bridge domain within the routing instance.
    • OK
    		 Click OK to add the new routing instance to the rule.
    Interfaces (Tab) Select the interfaces to which to apply the rule.The Add Interfaces popup window displays.
    • Name
    		 Select the name of the interface and interface port to which to apply the rule.
  13. Select the Set tab, and then enter information for the following fields.

    npu-traffic-mirroring-add-rule-set-tab.png
     
    Field Description
    Mirror Interface Name Select the name of the interface to which to mirror the traffic.
  14. Click OK.

Configure ERSPAN

To configure ERSPAN, you create a mirroring profile that defines the source and destination of the mirrored traffic. Then, you create a policy with rules for the traffic that you want to mirror. When you associate the policy with the profile, packets from the source that match the criteria in the rules are mirrored to the destination. 

To configure ERSPAN:

  1. In Director View:
    1. Select Configuration in the top menu bar.
    2. Select Devices > Devices in the horizontal menu bar.
    3. Click the name of an appliance. The view changes to Appliance view.
  2. Select Networking > NPU > Traffic Mirroring in the left menu bar. The following screen displays.

    erspan-1.png
     
  3. Select the Profiles tab in the center pane. The following screen displays.

    erspan-2.png
  4. Click the + Add icon to create a mirroring profile. 
  5. In the Create Profile window, enter information for the following fields.

    erspan-create-profile.png
     
    Field Description
    Name Enter a name for the mirroring profile.
    Type Select ERSPAN.
    Destination IP Address Enter the destination IP address, which is where you want to send the mirrored traffic.
    Source IP Address Enter the source IP address of the mirroring device.
    Routing Instance Enter the destination routing instance. 
    Default: Global
    DSCP

    Differentiated Services Code Point (DSCP) value for the traffic you want to mirror. 

    Default: be
    TTL Time to live of the mirrored traffic. 
    Truncate

    Select to truncate the mirrored traffic. When truncation is enabled, the maximum packet size is 226 bytes.

    Default: Disabled.
  6. Click OK. 
  7. Select the Policies tab in the horizontal menu.
  8. Click the + Add icon to create policy rules. 
  9. In the Add Policies popup window, enter information for the following fields.

    npu-traffic-mirroring-add-policy.png
     
    Field Description
    Name (Required) Enter a name for the ERSPAN policy.
    Description Enter a text description for the ERSPAN policy.
  10. Click OK.
  11. Select the Rules tab in the center pane.
  12. Click the + Add icon. The Add Rules popup window displays.

    npu-traffic-mirroring-add-rule.png
  13. Select the General tab, and then enter information for the following fields.
     
    Field Description
    Name (Required) Enter a name for the rule.
    Description Enter a text description for the rule.
    Disable Rule Click to disable the rule when you commit the configuration.
  14. Select the Match tab, and then enter information for the following fields.

    npu-traffic-mirroring-add-rule-match-tab.png
     
    Field Description
    Match Direction (Group of Fields)  
    • Ingress
    		 Click to have the rule match incoming traffic.
    • Egress
    		 Click to have the rule match outgoing traffic.
    • Ingress Egress
    		 Click to have the rule match both incoming and outgoing traffic.
    Routing Instances (Tab) Select the routing instances to which to apply the rule.
    • + Add icon
    		 Click to add a new routing instance. The Add Routing Instances popup window displays.
    • Name
    		 Select the name of the routing instance.
    • Bridge Domain List
    		 Select the name of the bridge domain within the routing instance.
    • OK
    		 Click OK to add the new routing instance to the rule.
    Interfaces (Tab) Select the interfaces to which to apply the rule.The Add Interfaces popup window displays.
    • Name
    		 Select the name of the interface and interface port to which to apply the rule.
  15. Select the Set tab, and then select the name of the interface to which to mirror the traffic.

    npu-traffic-mirroring-add-rule-set-tab.png
  16. Click OK.

Supported Software Information

Releases 22.1.1 and later support all content described in this article, except:

  • Release 22.1.4 adds support for ERSPAN. 
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
    Product
    Director
  2. Tags
    This page has no tags.