Configuring Remote Port MirroringRemote port mirroring requires a source session (monitored ports on different source switches), a reservedtagged VLAN for transporting mirrored traffic (configured on source, intermediate, and destination switches),and a destination session (destination ports connected to analyzers on destination switches).Configuration NotesWhen you configure remote port mirroring, the following conditions apply:• You can configure any switch in the network with source ports and destination ports, and allow it tofunction in an intermediate transport session for a reserved VLAN at the same time for multiple remote-port mirroring sessions. You can enable and disable individual mirroring sessions.• BPDU monitoring is not required to use remote port mirroring.• A remote port mirroring session mirrors monitored traffic by prefixing the reserved VLAN tag tomonitored packets so that they are copied to the reserve VLAN.• Mirrored traffic is transported across the network using 802.1Q-in-802.1Q tunneling. The sourceaddress, destination address and original VLAN ID of the mirrored packet are preserved with the taggedVLAN header. Untagged source packets are tagged with the reserve VLAN ID.• You cannot configure a private VLAN or a GVRP VLAN as the reserved RPM VLAN.• The L3 interface configuration should be blocked for the reserved VLAN.• The member port of the reserved VLAN should have MTU and IPMTU value as MAX+4 (to hold the VLANtag parameter).• To associate with a source session, the reserved VLAN can have a maximum of 4 member ports.• To associate with a destination session, the reserved VLAN can have multiple member ports.• The reserved VLAN cannot have untagged ports.In the reserved L2 VLAN used for remote port mirroring:• MAC address learning in the reserved VLAN is automatically disabled.• The reserved VLAN for remote port mirroring can be automatically configured in intermediate switchesby using GVRP.• There is no restriction on the VLAN IDs used for the reserved remote-mirroring VLAN. Valid VLAN IDsare from 2 to 4094. The default VLAN ID is not supported.• In mirrored traffic, packets that have the same destination MAC address as an intermediate ordestination switch in the path used by the reserved VLAN to transport the mirrored traffic are droppedby the switch that receives the traffic if the switch has a L3 VLAN configured.In a source session used for remote port mirroring:• You can configure any port as a source port in a remote-port monitoring session with a maximum ofthree source ports per port pipe.• Maximum number of source sessions supported on a switch: 4• Maximum number of source ports supported in a source session: 128• You can configure physical ports and port-channels as sources in remote port mirroring and use themin the same source session. You can use both Layer 2 (configured with the switchport command) andLayer 3 ports as source ports. You can optionally configure one or more source VLANs to specify theVLAN traffic to be mirrored on source ports.Port Monitoring 864