...
Additionally, you can set the mirror-target
port to a special value "cpu", which means that the copied packets will be sent to the switch chip's CPU port.
Configuration examples
There are various methods for mirroring specific types of traffic, and below are some common examples of how mirroring can be used.
Port Based Mirroring
Starting from RouterOS version 7.15, it is possible to configure multiple source ports and selectively choose whether to mirror incoming traffic, outgoing traffic, or both. In this example, both incoming and outgoing traffic from the ether2 interface will be copied and sent to the ether3 interface for monitoring or analysis.
...
Sub-menu:
/interface/ethernet/switch
Property | Description |
---|---|
mirror-target (cpu | name | none; Default:none) | Selects a single mirroring target port. Packets from |
rspan (no | yes; Default: no) | Enables Remote Switch Port Analyzer (RSPAN) feature on mirror-target . Traffic marked for ingress or egress mirroring is carried over a specified remote analyzer VLAN - rspan-egress-vlan-id and rspan-ingress-vlan-id . |
rspan-egress-vlan-id (integer: 1..4095; Default: 1) | Selects the VLAN ID for marked egress traffic. Only applies when rspan is enabled. |
rspan-ingress-vlan-id (integer: 1..4095; Default: 1) | Selects the VLAN ID for marked ingress traffic. Only applies when rspan is enabled. |
Sub-menu:
/interface/ethernet/switch/port
Property | Description |
---|---|
mirror-egress (no | yes; Default: no) | Whether to send egress packet copy to the |
mirror-ingress (no | yes; Default: no) | Whether to send ingress packet copy to the |
Sub-menu:
/interface/ethernet/switch/rule
Property | Description |
---|---|
mirror (no | yes; Default: no) | Whether to send a packet copy to mirror-target port. |
Traffic Shaping
...
It is possible to limit ingress traffic that matches certain parameters with ACL rules and it is possible to limit ingress/egress traffic per port basis. The policer is used for ingress traffic, the shaper is used for egress traffic. The ingress policer controls the received traffic with packet drops. Everything that exceeds the defined limit will get dropped. This can affect the TCP congestion control mechanism on end hosts and achieved bandwidth can be actually less than defined. The egress shaper tries to queue packets that exceed the limit instead of dropping them. Eventually, it will also drop packets when the output queue gets full, however, it should allow utilizing the defined throughput better.
...