Sunday, October 9, 2022

[SOLVED] AWS EC2 traffic-mirroring does not pass traffic

Issue

I have a VPC over EC2 and two Ubuntu 22.04 VMs.
I created a simple, straightforward traffic-mirroring session, according to this manual: https://docs.aws.amazon.com/vpc/latest/mirroring/what-is-traffic-mirroring.html
But traffic does not get replicated to the destination.

  • My mirror target is the interface of vm1
  • My mirror filter is "all protocols", source+dest CIDR 0.0.0.0/0
  • My mirror session combines both the above mirror target and mirror filter, with the interface of vm2 as the source

On vm2 I use wget in order to produce traffic on that interface.
On vm1 I use tcpdump, but I do not get any traffic mirrored from vm2.
I did not find any way to debug this.
Solution

Well, looks like I missed that part of the Prerequisites 😅

The traffic mirror target instance must allow traffic to UDP port 4789.

I had to allow UDP port 4789 (VXLAN) on the target's security groups.

Answered By - hudac
Answer Checked By - Marie Seifert (WPSolving Admin)
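A quick way to verify the fix from the answer before re-running tcpdump: check whether the target's security group (in the JSON shape returned by `aws ec2 describe-security-groups`) actually admits UDP 4789 from the mirror source's private IP, and build the least-privilege rule to add if not. This is an added example, not code from the question or answer; the group id, IPs and CIDRs are constructed.

```python
import ipaddress

VXLAN_PORT = 4789  # UDP port carrying the VXLAN-encapsulated mirrored packets


def allows_vxlan_from(security_group, source_ip):
    """True if the SG (describe-security-groups shape) permits inbound UDP 4789
    from source_ip, the private IP of the mirror source ENI. IPv4 ranges only."""
    src = ipaddress.ip_address(source_ip)
    for perm in security_group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto not in ("udp", "-1"):      # "-1" means all protocols (no port fields)
            continue
        if proto == "udp":
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            if not lo <= VXLAN_PORT <= hi:
                continue
        for rng in perm.get("IpRanges", []):
            if src in ipaddress.ip_network(rng["CidrIp"]):
                return True
    return False


def vxlan_ingress_rule(cidr):
    """IpPermissions entry for authorize-security-group-ingress: open UDP 4789
    only to the given source CIDR (e.g. the VPC CIDR), not to 0.0.0.0/0."""
    return {
        "IpProtocol": "udp",
        "FromPort": VXLAN_PORT,
        "ToPort": VXLAN_PORT,
        "IpRanges": [{"CidrIp": cidr, "Description": "VPC traffic mirroring (VXLAN)"}],
    }


# Constructed sample: the target's SG before the fix, with only SSH open.
TARGET_SG_BEFORE = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}

if __name__ == "__main__":
    source_eni_ip = "10.0.1.25"  # constructed: private IP of vm2's mirrored interface
    print(allows_vxlan_from(TARGET_SG_BEFORE, source_eni_ip))   # False: mirror traffic dropped
    fixed = {**TARGET_SG_BEFORE, "IpPermissions":
             TARGET_SG_BEFORE["IpPermissions"] + [vxlan_ingress_rule("10.0.0.0/16")]}
    print(allows_vxlan_from(fixed, source_eni_ip))              # True
```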