Remote Port Mirroring
Remote port mirroring does not require the source and destination ports to be on the same device. The
source and destination ports can be located on multiple devices across the network. This allows an
administrator to monitor traffic on remote devices conveniently.
To implement remote port mirroring, a special VLAN, called remote-probe VLAN, is used. All mirrored
packets are sent from the reflector port of the source switch to the monitor port on the destination switch
through the remote-probe VLAN.
Figure 46-2
illustrates the implementation of remote port mirroring.
Figure 46-2
Remote port mirroring application
Reflector Port
Source Port
Trunk Port
Destination Port
Remote-probe VLAN
Intermediate Switch
Source
Switch
Destination
Switch
The switches involved in remote port mirroring function as follows:
z
Source switch
The source switch is the device where the monitored port is located. It copies traffic passing through the
monitored port to the reflector port. The reflector port then transmits the traffic to an intermediate switch
(if any) or destination switch through the remote-probe VLAN.
z
Intermediate switch
Intermediate switches are switches between the source switch and destination switch on the network.
An intermediate switch forwards mirrored traffic flows to the next intermediate switch or the destination
switch through the remote-probe VLAN. No intermediate switch is present if the source and destination
switches directly connect to each other.
z
Destination switch
The destination switch is where the monitor port is located. The destination switch forwards the mirrored
traffic flows it received from the remote-probe VLAN to the monitoring device through the destination
port.
Table 46-1
describes how the ports on various switches are involved in the mirroring operation.
Table 46-1
Ports involved in the mirroring operation
Switch
Ports involved
Function
Source port
Port monitored. It copies packets to the reflector port
through local port mirroring. There can be more than
one source port.
Reflector port
Receives packets from the source port and
broadcasts the packets in the remote-probe VLAN.
Source switch
Trunk port
Sends mirrored packets to the intermediate switch
or the destination switch.
46-2