Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2314
Views
10
Helpful
3
Replies

ASR bvi interface and port monitor

Go to solution
feableee123
Level 1
Level 1

‎01-25-2013 05:24 AM

Hello,

I have few subnets connected to asr subinterfaces - then strip off vlan information, and all subnets are in the same bridge domain and have common

gateway -BVI 100.

What I need is monitor all IP traffic that pass through Gateway to internet. With L3 interface I used to configure "port monitor" but with BVI I dont have

monitor port option. I Considered also loopback interface except BVI but it dont support monitor port either.

Configuration is below. Any suggestions about monitor that traffic ?

subnet (vlan 100) ----------  g0/1/0/1.100 l2transport --

                                                                                    |----------- BVI 100 (Gateway) ------

subnet (vlan 200) ----------  g0/1/0/1.200 l2transport --

interface GigabitEthernet0/1/0/1.100 l2transport

encapsulation dot1q 100

rewrite ingress tag pop 1 symmetric

nterface GigabitEthernet0/1/0/1.200 l2transport

  encapsulation dot1q 100

rewrite ingress tag pop 1 symmetric

interface BVI100

ipv4 address 192.168.0.1 255.255.255.0

l2vpn

bridge group TEST

  bridge-domain te1

   interface GigabitEthernet0/1/0/1.100

   interface GigabitEthernet0/1/0/1.200

   routed interface BVI100

regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Alexei Kiritchenko
Cisco Employee
Cisco Employee

‎01-25-2013 08:23 AM

Hello Jarek,

You can configure a monitor session under l2transport subinterface

ASR9000/XR: How to use Port Spanning or Port Mirroring

https://supportforums.cisco.com/docs/DOC-15772

Regads,

/A

View solution in original post

3 Replies 3

Go to solution
Alexei Kiritchenko
Cisco Employee
Cisco Employee

‎01-25-2013 08:23 AM

Hello Jarek,

You can configure a monitor session under l2transport subinterface

ASR9000/XR: How to use Port Spanning or Port Mirroring

https://supportforums.cisco.com/docs/DOC-15772

Regads,

/A

Go to solution
feableee123
Level 1
Level 1
In response to Alexei Kiritchenko

‎01-28-2013 04:28 AM

Do You know if you configure two l2transport subinterfaces  (vlan 100 and 200) as a source  than on destination port you have traffic encapsulated with 8021.q tags 100 and 200 ? Do I need another switch connected to destination port to correctly gather traffic from both vlans ?

regards,

0 Helpful

Go to solution
Alexei Kiritchenko
Cisco Employee
Cisco Employee
In response to feableee123

‎01-28-2013 06:24 AM

traffic would be mirrored as is, so VLAN tags would be preserved. Either you can connect you sniffer directly to the destination port and you’d see traffic with vlans 100 and 200 or you may do kind of r-span and yet push 2nd tag to allow your mirrored traffic to go though set of switches to the sniffer.

r-span example:

!

interface TenGigE0/2/0/0.3 l2transport

encapsulation dot1q 100

rewrite ingress tag pop 1 symmetric

monitor-session akspan

!

monitor-session akspan

destination interface GigabitEthernet0/7/1/17.1095

!

interface GigabitEthernet0/7/1/17.1095 l2transport

encapsulation dot1q 1095

rewrite ingress tag pop 1 symmetric

!

Here I mirror VLAN 100 traffic and yet we push 2nd tag when packets are sent out of GigabitEthernet0/7/1/17.1095, so we’d have on wire {1095,100} tags.

Regards,

/A

Please visit http://cisco.com/go/testdrive or contact your account rep to schedule nV tech demo.

Customers Also Viewed These Support Documents