Restrictions on the use of port mirroring on the USG9000 series

The restrictions and precautions on the use of mirroring on the USG9000 series are as follows:

? Only the LPUK, LPUN, and LPU-100C support port mirroring.
? BFD and HRP packets cannot be mirrored.
? The action in the ACL rule referenced by port mirroring must be permit, and the address set configuration is not supported.
? Traffic mirroring cannot be configured in VLANs.
? If an Eth-Trunk interface or subinterface on an LPU-100C is configured as the mirroring port, packets can be mirrored only to the first member interface. Traffic load balancing cannot be implemented.
? Service interfaces cannot be used as the observing port. The observing port cannot serve as a service interface.
? The mirroring port and the observing port cannot be the same port.
? Different transmission rates cause failure to completely receive all mirrored packets. To prevent this problem, ensure that the transmission rates of the observing port and mirroring port are the same.
? The port mirroring function consumes CPU resources on firewalls, degrades service processing performance, and even affects services. Therefore, disable this function soon after using it.

Scroll to top