Port Mirroring on CRS125-24G-1S-RM

RouterOS General
1

HI

I’m a bigginer and I have bought a CRS125-24G-1S-RM. I need to mirror ports on the Switch.
I have tried chacking and below is what I manage to do:
admin@OTEL Switch] /interface ethernet switch> print
name: switch1
type: QCA-8513L
bridge-type: service-vlan-bridge
drop-if-no-vlan-assignment-on-ports:
drop-if-invalid-or-src-port-not-member-of-vlan-on-ports:
invalid-vlan-lookup-mode: ivl
forward-invalid-vlan: yes
use-svid-in-one2one-vlan-lookup: no
use-cvid-in-one2one-vlan-lookup: yes
mac-level-isolation: no
vlan-level-isolation: no
ipv4-multicast-lookup-mode: dst-mac-and-vid-always
override-existing-when-ufdb-full: no
unicast-fdb-timeout: 5m
ingress-mirror0-enable: yes
ingress-mirror0-port: ether2
ingress-mirror0-format: modified
ingress-mirror1-enable: yes
ingress-mirror1-port: Sentinel - ether3
ingress-mirror1-format: modified
ingress-mirror-ratio: 1/1
egress-mirror0-enable: yes
egress-mirror0-port: ether2
egress-mirror0-format: original
egress-mirror1-enable: yes
egress-mirror0-port: Sentinel - ether3
egress-mirror1-format: modified
egress-mirror-ratio: 1/1
egress-sampling-ratio: 1/1
fdb-uses: mirror0
vlan-uses: mirror0
mirror-egress-if-ingress-mirrored: yes
mirror-tx-on-mirror-port: yes
mirrored-packet-qos-priority: 0
mirrored-packet-drop-precedence: green
bypass-vlan-ingress-filter-for:
bypass-l2-security-check-filter-for:

Please help as I cannot seem to get it working. I need to mirror Ether2 with Ether3 :confused:


Regards
Thyson Makitla

2

I do not know what you already have try to do and configured, If you have trouble, first reset all configuration (you lose all).

Remember to add Karma, if my help have solved your problem,

Thanks.

3

The CRS switch has a totally different command set. It does not accept that command.

4

??? CRS! not CCR! :blush:

What RouterOS version are you using?
I have misunderstand the model… sorry… :frowning:

5

My CRS came with 6.5 and I used up to 6.11 (now down to 6.10 - i try to reproduce a switch bug).
But the switch commands didn’t change to much between these versions.

There is a special section in the wiki dedicated to the CRS switch: http://wiki.mikrotik.com/wiki/Manual:CRS_features

tysmakitla’s config seems logical, but maybe the logic of the switch works differently :laughing:

6

I have upgraded to version 6.12 and I still cannot get mirroring to work.

Anyone has idea or has managed to get it working? :frowning:

7

someone knows what is the commands for the port mirroring ?


Your support is highly appreciated!

8

http://wiki.mikrotik.com/wiki/Manual:CRS_examples#Port_Based_Mirroring

9

I applied the cmd as specified in the wiki for the master port (ether1), but still cannot see any traffic using torch for the slave ports. Can someone help? tnx

10

Run Torch tool on interface which is the master-port but in CRS Switch menu configure “switch1-cpu” as mirroring analyzer port.

11

Tnx for the quick response. This is actually the default configuration which indeed works for torch capturing all routed communication from the internal network. But, do I have the chance to also capture switch level communications between hosts residing on the same subnet? Can this be supported by torch or I need to use wireshark from an individual host? Torch would be ideal for my case. It is critical because I need to capture some internal tcp connections.

12

You can configure ingress/egress port mirroring from any physical CRS switch port to the “switch1-cpu” port and you will see that traffic when running Torch on the master-port.

/interface ethernet switch
set ingress-mirror0=switch1-cpu egress-mirror0=switch1-cpu

/interface ethernet switch port
set ether6 egress-mirror-to=mirror0 ingress-mirror-to=mirror0

Note that a lot of mirrored traffic to the CPU will increase its usage and may cause connectivity issues.

13

Worked just fine! Many thanks!