JUNOS port-mirroring is driven by a firewall filter, and "port-mirror" is the action that causes the packet to be mirrored. Thus you can specify exactly the traffic you want to mirror based on standard firewall syntax.
Ex: only mirror traffic from a specific source-address on ingress to ge-0/0/3:
interfaces {
ge-0/0/3 {
unit 0 {
family inet {
filter {
input mirror;
}
address 10.1.1.254/24;
}
}
}
}
filter mirror {
term term1 {
from {
source-address {
10.1.1.1/32;
}
}
then {
port-mirror;
accept;
}
}
term default {
then accept;
}
}
}
forwarding-options {
port-mirroring {
input {
rate 1;
run-length 0;
}
family inet {
output {
interface ge-0/0/0.0 {
next-hop 192.168.1.233;
}
}
}
}
}
Any traffic not matching that source-address will be simply accepted by the default term and will not be mirrored.
Message Edited by JNPRdbackman on 04-26-2009 04:08 PM