Forum Discussion

kchampcal_12766's avatar
kchampcal_12766
Icon for Nimbostratus rankNimbostratus
Sep 14, 2004

Is there a way to mirror a sub-set of the packets

I know there are a number of mirroring options: http://www.f5.com/solutions/tech/security/mirroring_to_inspection_device45.html

 

 

I also know that you can define packet filtering rules: \iControl-9.0\sdk\api_reference\Networking.PacketFilter.html

 

 

However, it appears that there are a limited set of actions that you can take based on a packet inspection rule firing: \iControl-9.0\sdk\api_reference\Networking.FilterAction.html

 

 

So it is not obvious to me how to make only a sub-set of the packets get mirrored. Is there natural way to do this?

 

 

thanks

 

KC
dev
devops
iControl
v4
  • Joe_Pruitt's avatar
    Joe_Pruitt
    Sep 14, 2004
    KC,

     

     

    You are referencing a solution based on 4.5 BIG-IP with the SDK for version 9.0. As far as I know VLAN Mirroring is not available in the 9.0 release. The only way I know of mirroring partial packets is on an interface basis. This is known as Port Mirroring. As far as I know VLAN mirroring will be available in 9.0 but I'm not sure of the timeframe.

     

     

    The moderators on this forum are here to support iControl related development. We try to help out where we can but in this case I would suggest you contact F5 Technical Support as they will be able to help you out much better than we can here.

     

     

    F5 Technical Support

     

    Email:

     

    Phone: 206-272-6888

     

    Web: http://www.f5.com/support/

     

    AskF5: http://tech.f5.com/

     

     

    Hope this helps and let us know what you find out as the users on our forums may have similar questions in the future.

     

     

    -Joe