Understanding vFlow Statistics


Virtual network-based flows, vflows, display statistics for packet traffic flows on a switch and across the

fabric.


vFlows are very powerful and provide many features such as quality of service (QoS), traffic shaping,packet redirect, drop actions, mirror, and capture.


A vFlow can be configured to store log statistics to a file accessible to clients using NFS and SFTP. If statistics logging is enabled, Netvisor One periodically polls the switch for the most recent statistics for each flow and saves the statistics to an exported file. Netvisor One also saves individual statistics received from other switches in the fabric and combines the statistics from all switches to record aggregate statistics for the entire fabric.


The switch consists of two components, the switch and the server. vFlows with operations like drop are executed within the switch component. Some vFlows operations for QoS take place in the switch component, while others operate within the co-processor by directing pertinent traffic to the co-processor.


There, the traffic is managed and then sent back to the switch component.Other actions such as copy-to-cpu sends the match traffic to the server component where the traffic is managed and then forwards packets for delivery. In general, the details are managed by Netvisor One including fabric scope commands that cause all switches within a fabric to participate in an operation and then sends the compiled results to the CLI or to log files.


Before you can access the files, you must enable NFS or SFTP access to the log files by using the admin-service-modify command.

 

CLI (network-admin@Leaf1) >  vflow-share-show


switch enable share-path

pleiades24 fab1-global no pleiades24://fab1-global

pleiades24 fab1-global no pleiades24://fab1-global

pleiades24 fab1-global no pleiades24:///fab1-global

pleiades24 fab1-global no pleiades24://fab1-global

pleiades24 fab1-global no pleiades24://fab1-global


CLI (network-admin@Leaf1) >  vflow-share-modify fab1-global enable


vflow-share-show

switch enable share-path

pleiades24 fab1-global yes pleiades24://fab1-global

pleiades24 fab1-global no pleiades24://fab1-global

pleiades24 fab1-global no pleiades24://fab1-global

pleiades24 fab1-global no pleiades24://fab1-global

pleiades24 fab1-global no pleiades24://fab1-global

 

You can then access the statistics log files using NFS in the following locations:


For the switch scope, the files are located in: /net/switch-name//-name/flow/flow-name/switch/switch-name/stats


For the fabric scope, the files are located in: /net/switch-name//-name/flow/flow-name/fabric/stats


To create a vFLow for example, Host-Agent-Discover, and measure statistics, enter the following command:


CLI (network-admin@Leaf1) >  vflow-create name Host-Agent-Discover scope local system


To view all vFlows currently tracked by the switch or fabric, use the vflow-show command:


CLI (network-admin@Leaf1) > vflow-show


switch:           pleiades24

name:             Host-Agent-Discover

scope:            local

type:             system

dst-ip:           224.4.9.6

precedence:       2

action:           copy-to-cpu

switch:           pleiades24

name:             DHCP-client

scope:            local

type:             system

in-port:          1-68

src-port:         68

proto:            udp

precedence:       2

action:           copy-to-cpu

switch:          pleiades24

name:             Host-Agent-Discover

scope:            local

type:             system

dst-ip:           224.4.9.6

precedence:       2

action:           copy-to-cpu

switch:          pleiades24

name:             DHCP-client

scope:            local

type:             system

in-port:          1-68

src-port:         68

proto:            udp

precedence:       2

action:           copy-to-cpu

 

From the information displayed in the output, you can review the switch, the name of the vFlow, scope, type of vFlow, destination IP address, precedence, and action for the vFlow.


To display statistics for all vFlows, use the vflow-stats-show command:


CLI (network-admin@Leaf1) >  vflow-stats-show


switch     name          packets   bytes    cpu-packets    cpu-bytes

------     ----          -------   -----    -----------    ---------

pleiades24IGMP-Flow      368K      23.0M    392K           23.0M

pleiades24 LLDP-Flow     82.9K     26.3M    82.9K          26.0M

pleiades24 Host-Agent    17.8K     1.11M    0              0

pleiades24 ECP           0         0        0              0

 


To monitor statistics of a vFlow and update every 10 seconds, use the following syntax:


CLI (network-admin@Leaf1) >  vflow-stats-show name flow1 show-diff-interval 10

 

To log persistent records of flow statistics, use the logging parameter and collect statistics every 10 seconds:


CLI (network-admin@Leaf1) > vflow-create name monitor-flow scope local ether-type arp stats log stats-interval 5


You can display the statistics logs for the new flow using the vflow-stats-show command.



Note: Conflicting vFlows - Multiple vFlows can be active at once, but Netvisor One cannot apply them at the same time. You can use the precedence parameter is used to set the order of the vFlows. If you set the precedence to a higher value (0 - 10 with 0 as the lowest precedence), the vFlow has a higher precedence than those with lower values. If you are seeing error messages about vFlow conflicts, try adding a precedence value to new or existing vFlows.