English
HomeGlossaryMOD

MOD

Posted on Mar 1, 2025 by
  Howard
298

What is MOD

Mirror On Drop (MOD) is a network management feature that mirrors packets to a specified monitoring port or device when packet loss occurs. Implemented in switches and routers, MOD provides real-time visibility into dropped packets, helping administrators troubleshoot network issues, optimize performance, and enhance security monitoring. By capturing lost packets, MOD enables efficient fault diagnosis, congestion management, and threat detection, making it essential for maintaining reliable and high-performance network operations, particularly in environments such as data centers, enterprise networks, and telecom networks.

How MOD Works

Configuration policy: Configure the Mirror On Drop policy on the network device, usually by setting the ACL(access control list) or other management interface to achieve. These policies define which monitoring ports or devices the packet will be mirrored to under certain conditions such as packet loss.
Packet loss detection: When the network device detects that some packets are lost due to congestion, misconfiguration, or other problems, it will copy or mirror these lost packets to the specified monitoring port according to the preset policy.
Monitoring and Analysis: Packets mirrored to the monitoring port can be captured and analyzed by network analysis tools such as Wireshark. Such analysis can help network administrators quickly diagnose and solve network problems, such as traffic anomalies, equipment backup failures, or security incidents.

Benefits of MOD

Mirror On Drop (MOD) offers significant benefits for network management by providing real-time insights into packet loss events. This powerful feature enhances troubleshooting, performance optimization, and security monitoring while offering minimal impact on network traffic. Below are the key advantages of implementing MOD in your network environment.
Real-Time Analysis: MOD allows for the immediate capture of dropped packets, providing network administrators with real-time data to quickly respond to and investigate packet loss events. This real-time visibility enables rapid detection of network issues, leading to faster troubleshooting and resolution.
Precise Fault Diagnosis: By mirroring dropped packets, MOD helps pinpoint the exact cause and location of packet loss, whether it’s due to network congestion, misconfiguration, or other issues. This precision accelerates the troubleshooting process, allowing for quicker identification of the root cause and reducing network downtime.
Enhanced Security: MOD is also valuable in security monitoring, as it helps detect potential security threats related to packet loss. By capturing lost packets that may have been intentionally dropped due to an attack, MOD can aid in identifying unusual traffic patterns or malicious behavior. This strengthens the network’s overall defense against cyber threats, ensuring a higher level of network security.

Configuring MOD

Restrictions and guidelines: MOD only applies to packets that match ACLs referenced by flow groups. It monitors packets dropped for specific reasons listed in the configured packet drop reason list, but does not track packets dropped for other causes. Additionally, MOD is mutually exclusive with several features, including Mirroring configured with sampling, NetStream and IPv6 NetStream, NetAnalysis, sFlow, INT, and Telemetry stream.
Configuring MOD Procedure: Configuring MOD can vary depending on the network device (e.g., switch, router) and the specific platform you're using. However, the basic configuration steps generally follow a similar process. Below is an overview of how to configure MOD in common network devices:

Configuring MOD

Enter system view.
Enter MOD view.
Configure Device ID: Set a unique device ID for MOD (default: no ID configured)..
Sampling enable: Enable sampling for MOD. (default: sampling is disabled for MOD. This command is supported and required only for a MOD-mode flow group).
protocol UDP: Specify a protocol that MOD uses to send packets to the collector. ( default: MOD uses UDP to send packets to the collector).
Configure Encapsulation VLAN (Optional): Configure the encapsulation information for packets sent to the collector by MOD. (default: the encapsulation information not configured.).
Drop-reason congestion: Configure the packet drop reason list monitored by MOD. (default: no packet drop reasons are configured, and the device does not monitor packet drops).
Videos
Global Delivery Service | FS
01:11
Jun 26, 2024
387
Global Delivery Service | FS
Related Topics
Solutions
  • PicOS® for H100 InfiniBand Solution

    PicOS® for H100 InfiniBand Solution

    Based on the NVIDIA® H100 GPU, along with PicOS® software and AmpCon™ management platform, the FS H100 Infiniband solution is tailored according to the network topology of HPC architecture, including infiniband network, management network, and storage net

  • Empower HPC Network with 400G RoCE Lossless Solution

    Empower HPC Network with 400G RoCE Lossless Solution

    This solution offers a perfect 400G interconnect solution for QSFP-DD switches and OSFP network cards, addressing the compatibility issues between different port encapsulations. And it is tailored according to the network topology of HPC architecture, inc

  • PicOS® for Video Streaming Solution

    PicOS® for Video Streaming Solution

    FS integrates advanced switches, PicOS®, and AmpCon™ management platform to design a modern data center architecture for 4K/8K video service providers. It enables efficient network management, enhanced capacity and reliability, and reduced overall Opex.

FS.com About FS FS APP Contact Privacy Terms