Traffic Mirror Captures Only Inbound Packets on NCS5700 VLAN Interface

lzhang9
Level 1

I have an NCS5700 device with a sub-interface configured as follows:

RP/0/RP0/CPU0#show interfaces HundredGigE 0/0/0/5.2110
Sat Sep  7 05:39:09.420 UTC
HundredGigE0/0/0/5.2110 is up, line protocol is up 
  Interface state transitions: 1
  Hardware is VLAN sub-interface(s), address is bc2c.e69a.9418
  Layer 2 Transport Mode
  MTU 9220 bytes, BW 100000000 Kbit (Max: 100000000 Kbit)
     reliability Unknown, txload Unknown, rxload Unknown
  Encapsulation 802.1Q Virtual LAN,
    Outer Match: Dot1Q VLAN 2110
    Ethertype Any, MAC Match src any, dest any
  loopback not set,
  Last link flapped 02:02:33
  Last input 00:03:20, output 00:03:20
  Last clearing of "show interface" counters never
     212 packets input, 22438 bytes
     0 input drops, 0 queue drops, 0 input errors
     89976182 packets output, 10074218878 bytes
     0 output drops, 0 queue drops, 0 output errors

A monitor session is then configured using the aforementioned sub-interface as the source port.

Monitor-session mon_xxx
  Destination interface TwentyFiveGigE0/0/0/10/2
  Source Interfaces
  -----------------
  HundredGigE0/0/0/5.2110
    Direction:     Both
    Port level:    False
    ACL match:     Disabled
    IPv4 ACL:      Disabled
    IPv6 ACL:      Disabled
    MPLS ACL:      Disabled
    Portion:       Full packet
    Interval:      Mirror all packets
    Mirror drops:  Disabled
    Status:        Operational

When sending ping traffic through the VLAN interface, only the inbound packets are visible on the destination interface (TwentyFiveGigE0/0/0/10/2).

05:50:19.091744 02:37:be:04:de:bf (oui Unknown) > bc:2c:e6:9a:94:82 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.1.2 > 10.128.129.2: ICMP echo request, id 19, seq 1, length 64
05:50:20.093109 02:37:be:04:de:bf (oui Unknown) > bc:2c:e6:9a:94:82 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.1.2 > 10.128.129.2: ICMP echo request, id 19, seq 2, length 64
05:50:21.094458 02:37:be:04:de:bf (oui Unknown) > bc:2c:e6:9a:94:82 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.1.2 > 10.128.129.2: ICMP echo request, id 19, seq 3, length 64
05:50:22.095805 02:37:be:04:de:bf (oui Unknown) > bc:2c:e6:9a:94:82 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.1.2 > 10.128.129.2: ICMP echo request, id 19, seq 4, length 64

 

The inbound and outbound traffic should be on the VLAN interface. If the monitor session has the main interface configured as the source port, then both inbound and outbound packets are visible on the destination interface.

Monitor session

Monitor-session mon_yyy
  Destination interface TwentyFiveGigE0/0/0/10/2
  Source Interfaces
  -----------------
  HundredGigE0/0/0/5
    Direction:     Both
    Port level:    False
    ACL match:     Disabled
    IPv4 ACL:      Disabled
    IPv6 ACL:      Disabled
    MPLS ACL:      Disabled
    Portion:       Full packet
    Interval:      Mirror all packets
    Mirror drops:  Disabled
    Status:        Operational

The captured traffic.

05:45:32.948502 02:37:be:04:de:bf (oui Unknown) > bc:2c:e6:9a:94:82 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.1.2 > 10.128.129.2: ICMP echo request, id 18, seq 2, length 64
05:45:32.969744 bc:2c:e6:9a:94:82 (oui Unknown) > 02:37:be:04:de:bf (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.129.2 > 10.128.1.2: ICMP echo reply, id 18, seq 2, length 64
05:45:33.949833 02:37:be:04:de:bf (oui Unknown) > bc:2c:e6:9a:94:82 (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.1.2 > 10.128.129.2: ICMP echo request, id 18, seq 3, length 64
05:45:33.971109 bc:2c:e6:9a:94:82 (oui Unknown) > 02:37:be:04:de:bf (oui Unknown), ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, 10.128.129.2 > 10.128.1.2: ICMP echo reply, id 18, seq 3, length 64

 

Could anyone help me understand why the outbound packets (ICMP echo reply) are not duplicated to the destination interface?
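A way to check a capture taken at the monitor-session destination for the one-directional mirroring described in the post above, as an added example that is not part of the original post: it pairs ICMP echo requests with replies per VLAN in tcpdump text output. The function name is hypothetical and the sample lines are abridged from the two captures in the post.

```python
import re
from collections import defaultdict

# Matches tcpdump -e ICMP echo lines; the VLAN tag is optional (untagged -> None).
ICMP_RE = re.compile(
    r"(?:vlan (?P<vlan>\d+),.*?)?"
    r"(?P<src>\d+\.\d+\.\d+\.\d+) > (?P<dst>\d+\.\d+\.\d+\.\d+): "
    r"ICMP echo (?P<kind>request|reply), id (?P<id>\d+), seq (?P<seq>\d+)"
)

def mirror_direction_gaps(lines):
    """Pair echo requests with replies per VLAN and report what is unpaired."""
    seen = defaultdict(lambda: {"request": set(), "reply": set()})
    for line in lines:
        m = ICMP_RE.search(line)
        if not m:
            continue
        ident = (int(m["id"]), int(m["seq"]))
        # Normalise both directions to (client, server, id, seq).
        if m["kind"] == "request":
            key = (m["src"], m["dst"]) + ident
        else:
            key = (m["dst"], m["src"]) + ident
        seen[m["vlan"]][m["kind"]].add(key)
    report = {}
    for vlan, d in seen.items():
        report[vlan] = {
            "requests": len(d["request"]),
            "replies": len(d["reply"]),
            "missing_reply": sorted(d["request"] - d["reply"]),
            "missing_request": sorted(d["reply"] - d["request"]),
            # Only one direction present at all: the mirror is likely one-way.
            "one_way": bool(d["request"]) != bool(d["reply"]),
        }
    return report

# Sample input abridged from the post's captures (MAC vendor text removed).
HDR = "ethertype 802.1Q (0x8100), length 102: vlan 2110, p 0, ethertype IPv4, "
SUBIF_CAPTURE = [
    "05:50:19.091744 " + HDR + "10.128.1.2 > 10.128.129.2: ICMP echo request, id 19, seq 1, length 64",
    "05:50:20.093109 " + HDR + "10.128.1.2 > 10.128.129.2: ICMP echo request, id 19, seq 2, length 64",
]
MAIN_CAPTURE = [
    "05:45:32.948502 " + HDR + "10.128.1.2 > 10.128.129.2: ICMP echo request, id 18, seq 2, length 64",
    "05:45:32.969744 " + HDR + "10.128.129.2 > 10.128.1.2: ICMP echo reply, id 18, seq 2, length 64",
]

if __name__ == "__main__":
    print(mirror_direction_gaps(SUBIF_CAPTURE))
    print(mirror_direction_gaps(MAIN_CAPTURE))
```

Unpaired requests on their own can also mean the target never answered, so compare against a capture where replies are known to exist, as the main-interface session in the post shows.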

 

1 Reply

lzhang9
Level 1

Any idea?