vFlows

vflow-create

This command is used to create a flow definition for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic.

Syntax   vflow-create

name name-string

Specify the flow name.

scope local|fabric

Specify the scope for the flow.

Specify any of the following options:

table-name vflow-table name

Specify the vFlow table name for the flow.

vlan vlan-id

Specify the VLAN identifier for the flow.

vnet vnet-name

Specify the virtual network (VNET) for the flow

l2-net l2-net-name

Specify the name of the Layer 2 network.

in-port port-list

Specify the ingress (input) port for the flow.

out-port port-list

Specify the egress (output) port for the flow.

ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec|
ptp|fcoe|fcoe-init|qinq

Specify the EtherType for the flow.

src-mac mac-address

Specify the source MAC address for the flow .

src-mac-mask mac-address

Specify the source MAC address wildcard mask for the flow.

dst-mac mac-address

Specify the destination MAC address for the flow.

dst-mac-mask mac-address

Specify the destination MAC address wildcard mask for the flow.

src-ip ip-address

Specify the source IP address for the flow.

src-ip-mask ip-address

Specify the source IP address wildcard mask for the flow.

dst-ip ip-address

Specify the destination IP address for the flow.

dst-ip-mask ip-address

Specify the destination IP address wildcard mask for the flow.

src-port src-port-number

Specify the Layer 3 protocol source port for the flow.

src-port-mask src-port-mask-number

Specify the source port mask.

dst-port dst-port-number

Specify the Layer 3 protocol destination port for the flow.

dst-port-mask dst-port-mask-number

Specify the destination port mask.

dscp-start number

Specify the starting DSCP number. This is a value between 0 and 63.

dscp-end number

Specify the ending DSCP number. This is a value between 0 and 63.

dscp dscp-number

Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow.

dscp-map dscp-map name | none

Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated.

tos-start tos-start-number

Specify the starting ToS number.

tos-end tos-end-number

Specify the ending ToS number.

tos tos-number 

Specify the Type of Service (ToS) number for the flow.

dropped|no-dropped

Specify if the vFlow matches a dropped packet or forwards the packet.

vlan-pri number

Specify the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest).

ttl ttl-number

Specify the time to live in seconds.

proto tcp|udp|icmp|igmp|ip

Specify the Layer 3 protocol for the flow.

tcp-flags fin|syn|rst|push|ack|urg|ece|cwr

Specify the TCP flags to filter a vFlow.

flow-class vflow-class name

Specify the vflow class.

ingress-tunnel tunnel-name

Specify the name of the ingress tunnel.

egress-tunnel tunnel name

Specify the name of the egress tunnel.

bw-min bw-min-number

Specify the minimum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps.

bw-max bw-max-number

Specify the maximum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps.

burst-size auto

Specify the burst size. This parameter auto-calculates the burst size based on the maximum bandwidth settings for the vFlow. You can also configure a burst-size number between 256B through 128MB.

vrouter-name vrouter name

Specify the vRouter name if you are configuring Policy-based Routing (PBR). You should not use this parameter unless you are configuring PBR.

precedence default

Specify the traffic priority for the flow (between 0 and 10)

action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan|tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|set-metadata|set-dscp|
decap|set-dmac|set-dmac-to-port|to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch|set-smac|drop-cancel-trap|to-ecmp-group

Specify the forwarding action to apply to the flow.

action-value number

Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64.

action-set-mac-value mac-address

Specify a MAC address to apply the action.

action-to-ports-value port-list

Specify a port list to apply the action.

mirror mirror-name

Specify the name of the mirror configuration.

process-mirror|
no-process-mirror

Specify to process mirrored traffic for the vflow.

log-packets|no-log-packets

Specify whether to log the packets in the flow.

packet-log-max packet-log-max-number

Specify the maximum packet count for log rotation in the flow.

log-stats|no-log-stats

Specify if you want to log statistics or not.

stats-interval seconds

Specify the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800.

dur dur-number

Specify the minimum duration required for the flow to be captured (in seconds).

metadata metadata-number

Specify a metadata number for the flow.

transient|no-transient

Specify whether to capture transient flows.

vxlan vxlan-name

Specify the name of the VXLAN.

vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe|dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq

Specify the type of VXLAN.

vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6

Specify the Layer 3 protocol for the flow.

set-src ip-address

Specify the source IP address of IPv4 packets.

set-dst ip-address

Specify the destination IP address of IPv4 packets.

set-src-port set-src-port-number

Specify the source port of IPv4 packets.

set-dst-port set-dst-port-number

Specify the destination port of IPv4 packets.

udf-name1 udf name

Specify the User-Defined Field name.

udf-data1 udf-data1-number

Specify the User-Defined Field data.

udf-data1-mask udf-data1-mask-number

Specify the mask for the User-Defined Field data.

udf-name2 udf name

Specify the User-Defined Field name.

udf-data2 udf-data2-number

Specify the User-Defined Field data.

udf-data2-mask udf-data2-mask-number

Specify the mask for the User-Defined Field data.

udf-name3 udf name

Specify the User-Defined Field name.

udf-data3 udf-data3-number

Specify the User-Defined Field data.

udf-data3-mask udf-data3-mask-number

Specify the mask for the User-Defined Field data.

enable|no-enable

Specify if you want to enable or disable flows in hardware.

table-name vflow-table name

Specify a table name from the following list:

SrcMac

DstMac

SrcIp

DstIp

OuterVlanId

OuterVlanPri

EtherType

The following actions are supported for this parameter:

InnerVlan

OuterVlan

Dscp

Vxlan

Drop

VlanPri

cpu-class cpu-class name

Specify the CPU class name.

Defaults   None.

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.1

The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror added.

Version 2.2.3

The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri and ttl added.

Version 2.2.5

The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror.

Version 2.3

The parameters, set-src, set-dst, set-src-port, and set-dst-port, added.

Version 2.3.1

The parameter, table, added.

Version 2.4

The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added.

Version 2.5.3

The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added.

Version 2.5.4

The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB.

Version 2.6.0

The parameter, table-name, added.

Version 2.6.2

The parameter, dscp-map and cpu-class added.

Version 3.0.0

The parameter, dropped|no-dropped, added.

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.

Examples  This example shows how to initiate statistcs for a flow named flow1 defined as the Internet Protocol (IP) traffic on VLAN 4091 within the local switch.

CLI network-admin@switch > vflow-create name flow1 scope local vlan 4091

This example shows how to initiate statistics for a flow, flow2, defined as the fabric-wide Internet Protocol (IP) traffic sourced by the host with IP address 172.168.18.2 classified as dropless.

CLI network-admin@switch > vflow-create name flow2 scope fabric src-ip 172.168.18.2 class dropless stats enable

This example shows how to initiate statistics for a flow flow3 defined as the Internet Protocol (IP)

traffic on VLAN 99 destined for the host with IP address 172.168.24.1 within the local switch. An action is specified to drop all traffic matching these flow attributes.

CLI network-admin@switch > vflow-create name flow3 scope local vlan 99 dst-ip 172.168.24.1 action drop stats enable

This example, shows how to create a vFlow with a burst size of 12MB. This is useful because different burst-sizes can be used for different types of metered traffic. For example, if a metered application produces bursty traffic patterns, such as clicking on a Web page link redirecting you to a media-rich page, you can now configure higher burst levels than the pre-calculated default burst levels.

CLI network-admin@switch > vflow-create name flow1 scope local in-port 12 bw-max 5G burst-size 12M

See Also   

vflow-delete

vflow-modify

vflow-show

vflow-class-create

vflow-class-delete

vflow-class-show

vflow-share-modify

vflow-share-show

vflow-snoop

vflow-stats-show