This message was posted by a user wishing to remain anonymous
We need to mirror a trunk port to two hosts for monitoring on an EX2300-48P running Junos 21.3R1.9. Port 46 is the trunk. Ports 44 and 45 are physically connected with a loop cable. Ports 42 and 43 connect to the monitoring hosts. The relevant portions of the configuration are below:
ge-0/0/42 {
    flexible-vlan-tagging;
    native-vlan-id 1;
    encapsulation extended-vlan-bridge;
    unit 1000 {
        vlan-id-list 1-4094;
        input-vlan-map push;
        output-vlan-map pop;
        family ethernet-switching {
            storm-control default;
            recovery-timeout 120;
        }
    }
}
ge-0/0/43 {
    flexible-vlan-tagging;
    native-vlan-id 1;
    encapsulation extended-vlan-bridge;
    unit 1000 {
        vlan-id-list 1-4094;
        input-vlan-map push;
        output-vlan-map pop;
        family ethernet-switching {
            storm-control default;
            recovery-timeout 120;
        }
    }
}
ge-0/0/44 {
    flexible-vlan-tagging;
    native-vlan-id 1;
    encapsulation extended-vlan-bridge;
    unit 1000 {
        vlan-id-list 1-4094;
        input-vlan-map push;
        output-vlan-map pop;
        family ethernet-switching {
            storm-control default;
            recovery-timeout 120;
        }
    }
}
ge-0/0/45 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
            recovery-timeout 120;
        }
    }
}
ge-0/0/46 {
    unit 0 {
        family ethernet-switching {
            interface-mode trunk;
            vlan {
                members 100-101;
            }
            storm-control default;
            recovery-timeout 120;
        }
    }
}
forwarding-options {
    analyzer {
        internet-monitor {
            input {
                ingress {
                    interface ge-0/0/46.0;
                }
                egress {
                    interface ge-0/0/46.0;
                }
            }
            output {
                interface ge-0/0/45.0;
            }
        }
    }
}
protocols {
    mstp {
        interface ge-0/0/42 {
            disable;
        }
        interface ge-0/0/43 {
            disable;
        }
        interface ge-0/0/44 {
            disable;
        }
        interface ge-0/0/45 {
            disable;
        }
    }
}
vlans {
    DMZ {
        vlan-id 101;
        l3-interface irb.101;
    }
    INET {
        vlan-id 100;
        l3-interface irb.100;
    }
    MONITOR {
        interface ge-0/0/42.1000;
        interface ge-0/0/43.1000;
        interface ge-0/0/44.1000;
        switch-options {
            no-mac-learning;
        }
    }
}
When I connect a host to port 45, tcpdump shows traffic flowing in both directions. The VLAN tags for the outbound traffic are incorrect. This is listed as a known limitation in the Juniper documentation and we can work around it. The issue occurs when port 45 is cross-connected with port 44 and a host is connected to port 42 or port 43. The host running tcpdump on port 42 or port 43 only shows traffic flowing in one direction.
Any advice is appreciated.
Thanks
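
A way to quantify the symptom on each monitoring host, as an added example that is not part of the original post: the script tallies frames from `tcpdump -e -n` text output by direction relative to the mirrored trunk and by VLAN tag stack, so a capture taken directly on port 45 can be compared with one taken on port 42 or 43. The sample lines, the MAC addresses and the `upstream_mac` parameter (the device on the far side of ge-0/0/46, assumed to be a single L2 neighbour) are constructed assumptions.

```python
import re
from collections import Counter

# Constructed `tcpdump -e -n` lines (invented MACs, addresses, timestamps),
# shaped like a capture that only contains the trunk's ingress direction.
SAMPLE = """\
12:00:00.000100 02:00:00:00:00:01 > 02:00:00:00:00:02, ethertype 802.1Q (0x8100), length 78: vlan 100, p 0, ethertype IPv4 (0x0800), 198.51.100.5.443 > 192.0.2.10.51000: Flags [S.], length 0
12:00:00.000200 02:00:00:00:00:01 > 02:00:00:00:00:02, ethertype 802.1Q (0x8100), length 78: vlan 101, p 0, ethertype IPv4 (0x0800), 198.51.100.5.443 > 192.0.2.20.51001: Flags [S.], length 0
12:00:00.000300 02:00:00:00:00:01 > 02:00:00:00:00:02, ethertype 802.1Q (0x8100), length 82: vlan 1000, p 0, ethertype 802.1Q (0x8100), vlan 100, p 0, ethertype IPv4 (0x0800), 198.51.100.5.443 > 192.0.2.10.51000: Flags [.], length 0
"""

# timestamp, source MAC, destination MAC, then the rest of the link-level header
LINE = re.compile(r"^\S+ (?P<src>[0-9a-f:]{17}) > (?P<dst>[0-9a-f:]{17}), (?P<rest>.*)$")
VLAN = re.compile(r"\bvlan (\d+),")


def summarize(text, upstream_mac):
    """Count frames per (direction, VLAN tag stack).

    "ingress" = frame sent by the upstream neighbour (entered the trunk port),
    "egress"  = frame addressed to it (left the trunk port),
    "other"   = neither, e.g. broadcast or multicast from other stations.
    The tag stack is outermost first; an empty tuple means untagged.
    """
    counts = Counter()
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # continuation lines, or output captured without -e
        if m["src"] == upstream_mac:
            direction = "ingress"
        elif m["dst"] == upstream_mac:
            direction = "egress"
        else:
            direction = "other"
        tags = tuple(int(v) for v in VLAN.findall(m["rest"]))
        counts[(direction, tags)] += 1
    return counts


def missing_directions(counts):
    """Return the trunk directions that never appear in the capture."""
    seen = {direction for direction, _ in counts}
    return sorted({"ingress", "egress"} - seen)


if __name__ == "__main__":
    result = summarize(SAMPLE, "02:00:00:00:00:01")
    for (direction, tags), n in sorted(result.items()):
        print(f"{direction:8} tags={tags} frames={n}")
    print("missing:", missing_directions(result))
```
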