- Port mirroring
Port mirroring lets switch 'sniff' all traffic that is going in and out of one port (mirror-source) and send a copy of those packets out of some other port (mirror-target). This feature can be used to easily set up a 'tap' device that receives all traffic that goes in/out of some specific port. Note that mirror-source and mirror-target ports have to belong to same switch. (See which port belong to which switch in /interface ethernet switch port
menu). Also mirror-target can have a special 'cpu' value, which means that 'sniffed' packets should be sent out of switch chips cpu port. Port mirroring happens independently of switching groups that have or have not been set up.
- Port mirroring configuration example:
/interface ethernet switch set switch1 mirror-source=ether2 mirror-target=ether3
상기와 같은 설명에서,
1. mirror-source / target이 같은 스위치에 속해야만 한다는 의미가 동일 스위치 칩에 있어야 한다는 의미 인지요 ?
2. mirror-target이 cpu를 가진다는 의미가 mirror이 발생하면, 해당 소스 포트의 입출력 패킷은 mirror-source -> CPU -> mirror-target으로 흐르다는 의미 인지요 ?
아님 mirror-target은 bridge에 속하는 port여야 한다는 의미 인지요 ?
3. 미크로틱에서 mirror-source / target 중 1개가 switch group이나 briget에 속하여도, 미러링이 가능한지 궁금합니다.
감사합니다.
http://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features
RB3011 series¸¦ ¿¹·Î µé¸é 1¹ø Æ÷Æ®ÀÇ µ¥ÀÌÅ͸¦ Æ÷Æ® 5¹øÀ¸·Î´Â ¹Ì·¯¸µÀÌ µÇ´Âµ¥ 6¹øÀ¸·Î´Â ºÒ°¡´É ÇÑ °æ¿ìÀÔ´Ï´Ù.
2.
http://wiki.mikrotik.com/wiki/Manual:Packet_Flow
http://mum.mikrotik.com/presentations/IT14/starnowski.pdf
¸¦ Âü°íÇÏ½Ã¸é µµ¿òÀÌ µÇ½Ç°Í °°½À´Ï´Ù.