The user can configure a spoke-SDP bound to an SR tunnel to forward mirrored packets from a mirror source to a remote mirror destination. In the configuration of the mirror destination service at the destination node, the remote-source command must use a spoke-sdp with VC-ID which matches the one the user configured in the mirror destination service at the mirror source node. The far-end option is not supported with an SR tunnel.
This also applies to the configuration of the mirror destination for an LI source.
Configuration at mirror source node:
config mirror mirror-dest 10
— no spoke-sdp sdp-id:vc-id
— spoke-sdp sdp-id:vc-id [create]
— egress
— vc-label egress-vc-label
sdp-id matches an SDP which uses an SR tunnel
for vc-label, both static and t-ldp egress vc labels are supported
Configuration at mirror destination node:
*A:7950 XRS-20# configure mirror mirror-dest 10 remote-source
— spoke-sdp <SDP-ID>:<VC-ID> create <-- VC-ID matching that of spoke-sdp configured in mirror destination context at mirror source node.
— ingress
— vc-label <ingress-vc-label> <--- optional: both static and t-ldp ingress vc label are supported.
— exit
— no shutdown
— exit
— exit
the far-end command is not supported with SR tunnel at mirror destination node; user must reference a spoke-SDP using a segment routing SDP coming from mirror source node:
far-end ip-address [vc-id vc-id] [ing-svc-label ingress-vc-label | tldp] [icb]
no far-end ip-address
for vc-label, both static and t-ldp ingress vc labels are supported
Mirroring and LI are also supported with the PW redundancy feature when the endpoint spoke-sdp, including the ICB, is using an SR tunnel. Routable Lawful Intercept Encapsulation (config>mirror>mirror-dest>encap# layer-3-encap) when the remote L3 destination is reachable over an SR tunnel is also supported.