The routable encapsulation feature allows mirrored packets to be placed in a routable IP/UDP header and then forwarded in a routing context (either base or VPRN). An additional shim header is also added before the mirrored packet to provide additional context to the collector receiving the packets and contains the direction, mirror type, filter action, interface type, and interface value.This routable encapsulation is available using the layer-3-encap ip-udp-shim-sampled command and is supported for ingress and egress mirroring. It can be combined with mirror sampling, slicing, mirror-type ether, and ip-only. Figure: Routable mirror encapsulation shows the routable mirror encapsulation and Figure: Shim header format shows the shim header format.
The encoding of the shim header is as follows:
Version (4 bits)
This describes the shim header version. The only supported version is 1.
Direction (1 bit)
This describes if the packet was mirrored ingress or egress.
Ingress = 0
Egress = 1
Mirror Type (1 bit)
This describes the mirror type.
Ethernet = 0
IP-Only = 1
Filter Action (1 bit)
This describes the result of the line card filter action as dropped or accepted. This can be further used by the collector for telemetry purposes.
Drop = 0
Accept = 1
Interface-Ref-Type (1 bit)
This indicates whether the interface represents an interface index or a SAP instance.
if-index = 0
sap-instance-id = 1
Interface (24 bits)
This can be either a sap-instance-id or the if-index value depending on the interface-ref-type value.
The if-index is used in the following mirror source cases:
For network interface, IES/VPRN SAP interface, or interface binding (spoke SDP IP interface), the interface if-index is used.
For MPLS transit and spoke/mesh-SDP in Layer 2 services, the if-index of the network interface the traffic is received from is used.
For R-VPLS IP packets to the router interface MAC as well as broadcast and multicast, R-VPLS interface if-index is used.
For ESM, the subscriber interface if-index is used.
The sap-instance-id is used for Layer 2 service SAPs and is an internal reference for the SAP string. The mapping table between the SAP instance ID and SAP strings can be obtained by using the SNMP table tMirrorSourceSapShimTable. The sap-instance-id found in the shim header can be correlated offline by the collector with tMirrorSourceSapShimTable to identify the SAP string and service the packet was mirrored from.
Filter action, interface-ref-type, and interface values are 0 in the case of egress mirroring.
The following restrictions apply to ip-udp-shim-sampled encapsulation:
FP2- and FP3-based cards are not supported as mirror source endpoints. Traffic from these endpoints is not mirrored if they are configured as a mirror source.
IP UDP shim sampled encapsulation is not applicable to PPP, SAToP, or CESoPSN mirror-dest types.
IP UDP shim encapsulation is only supported over IPv4 transport (it is not supported over IPv6 transport).
Forwarding of routable encapsulated packets from an R-VPLS interface is not supported. Routable encapsulated packets that arrive at the egress of an R-VPLS interface are discarded.
On the source node where LI mirroring occurs, the operator must configure the mirror destination to inject into the routing instance (that is, base or VPRN) in which the actual destination address is reachable without having to hop into a different instance using GRT leaking. In other words, the interface out of which the packet travels must exist in the routing instance that is configured in the mirror destination.