Security/Monitoring vFlow


Manage vFlow


Selecting Overview → Manage → Security/Monitoring → Manage vFlow displays the Manage vFlow dashboard with a list of any existing vFlow settings.


Select the desired Fabric from the left-side navigation bar. The dashboard updates to show all vFlow entries from all switches within the Fabric.


The dashboard displays a list of existing vFlow entries by Switch. Additional parameters include: name, scope, precedence, enable, action, src-ip and dst-ip.


Sort the list of entries in the dashboard using the up / down arrows above each column.




Manage Security/Monitoring vFlow Fabric Dashboard


Select the desired switch from the fabric and the dashboard updates automatically with vFlow settings.


The dashboard displays a list of existing vFlows by name. Additional parameters include: scope, precedence, enable, action, src-ip and dst-ip.


vFlows are added by selecting Create a virtual flow for L2 or L3 IP.


Manage Security/Monitoring vFlow Switch Dashboard


Sort the list of entries in the dashboard using the up / down arrows above each column.


To delete a vFlow, select the Cog icon and choose Delete. A confirmation message requires an acknowledgment before the deletion continues. Click OK to continue or Cancel to return to the previous screen without making any changes.


Delete vFlow Confirmation


To obtain detailed information about a vFlow, select an entry in the dashboard.


A Details pane opens displaying the configuration information of the vFlow.


Scroll through the list, as needed, and click X to return to the dashboard.


vFlow Details




To add a vFlow, click Create a virtual flow for L2 or L3 IP and enter the configuration parameters, which include:


  • name – name for the vFlow
  • scope – local or fabric
  • precedence – traffic priority value between 2 and 15
  • table-name – table name
  • action – forwarding action to apply to the vFlow
  • src-ip – source IP address for the vFlow
  • dst-ip – destination IP address for the vFlow


Manage Security/Monitoring Create vFlow


Options that can be selected to enable include the following (some may require accessing additional fields):


  • enable – enable or disable flows in hardware
  • override-sys-flows – override system flows
  • process-mirror – whether the vFlow processes mirrored traffic
  • log-packets – log the packets in the flow
  • log-stats – log packet statistics for the flow
  • transient – capture transient flows


Click Save to continue or Cancel to return to the previous screen without saving any changes.


Additional field parameters are modified by clicking on the icon for Additional Fields. Additional fields include:

  • vlan – VLAN for the vFlow
  • dscp – 6-bit Differentiated Services Code Point (DSCP) for the vFlow with range 0 to 63
  • tos – ToS number for the vFlow
  • ttl – time-to-live
  • proto – layer 3 protocol for the vFlow
  • metadata – metadata number for the vFlow
  • vxlan – name for the VXLAN
  • dur – minimum duration required for the flow to be captured (in seconds)
  • vnet-id – VNET assigned to the vFlow
  • out-port – outgoing port for the vFlow
  • src-ip-mask – source IP address wildcard mask for the vFlow
  • dst-ip-mask – destination IP address wildcard mask for the vFlow
  • src-port – Layer 3 protocol source port for the vFlow
  • dst-port – Layer 3 protocol destination port for the vFlow
  • dscp-map – DSCP map to apply on the flow. Please reapply if map priorities are updated
  • in-port – incoming port for the vFlow
  • src-mac – source MAC address for the vFlow
  • dst-mac – destination MAC address for the vFlow
  • ether-type – EtherType for the vFlow
  • src-mac-mask – source MAC address to use as a wildcard mask
  • dst-mac-mask – destination MAC address to use as a wildcard mask
  • src-port-mask – source port mask
  • dst-port-mask – destination port mask
  • dscp-start – 6-bit Differentiated Services Code Point (DSCP) start number
  • dscp-end – 6-bit Differentiated Services Code Point (DSCP) end number
  • tos-start – start Type of Service (ToS) number
  • tos-end – the ending Type of Service (ToS) number
  • vlan-pri – priority for the VLAN - 0 to 7
  • tcp-flags – TCP Control Flags
  • flow-class – vFlow class name
  • ingress-tunnel – tunnel for the ingress traffic
  • egress-tunnel – tunnel for egress traffic
  • bw-min – minimum bandwidth in Gbps
  • bw-max – maximum bandwidth in Gbps
  • burst-size – Committed burst size in bytes
  • action-value – optional value argument between 1 and 64
  • action-set-mac-value – MAC address value
  • action-to-next-hop-ip-value – next-hop IP address for packet redirection
  • action-to-ports-value – action to ports value
  • mirror-id – mirror configuration name
  • packet-log-max – maximum packet count for log rotation in the flow
  • stats-interval – interval to update packet statistics for the log (in seconds)
  • vxlan-ether-type – EtherType for the VXLAN
  • vxlan-proto – protocol type for the VXLAN
  • set-src – set the source IP of IPv4 packets
  • set-dst – set the destination IP of IPv4 packets
  • set-src-port – set the source port of IPv4 packets
  • set-dst-port – set the destination port of IPv4 packets
  • cpu-class – CPU class name


Manage Security/Monitoring vFlow Additional Parameters


Click Save to continue or Cancel to return to the previous screen without saving any changes.
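The value ranges given in the field lists above can be checked before a vFlow is entered in the dialog. The following is an added example, not part of the product or its documentation: the dictionary layout, the function names, and the cross-field rules (start not above end, a mask only together with its base field) are assumptions, and the sample flow is constructed.

```python
# Added example: checks a vFlow definition against the ranges listed above.
# The dict layout and check_vflow() are hypothetical, not a product API.

RANGES = {  # inclusive ranges stated in the field descriptions
    "precedence": (2, 15),
    "dscp": (0, 63), "dscp-start": (0, 63), "dscp-end": (0, 63),  # 6-bit
    "vlan-pri": (0, 7),
    "action-value": (1, 64),
}
SCOPES = {"local", "fabric"}
# Assumption: a start/min value must not exceed its end/max partner.
PAIRS = [("dscp-start", "dscp-end"), ("tos-start", "tos-end"),
         ("bw-min", "bw-max")]
# Assumption: a mask is only meaningful together with the field it masks.
MASKED = ["src-ip", "dst-ip", "src-mac", "dst-mac", "src-port", "dst-port"]


def is_number(value, kinds=(int, float)):
    """True for real numbers; bool is excluded although it subclasses int."""
    return isinstance(value, kinds) and not isinstance(value, bool)


def check_vflow(flow):
    """Return a list of problems in a vFlow definition (empty if none)."""
    problems = []
    if flow.get("scope") not in SCOPES:
        problems.append("scope: must be local or fabric")
    for field, (lo, hi) in RANGES.items():
        if field in flow:
            value = flow[field]
            if not (is_number(value, int) and lo <= value <= hi):
                problems.append(f"{field}: must be an integer from {lo} to {hi}")
    for low, high in PAIRS:
        a, b = flow.get(low), flow.get(high)
        if is_number(a) and is_number(b) and a > b:
            problems.append(f"{low}: exceeds {high}")
    for field in MASKED:
        if f"{field}-mask" in flow and field not in flow:
            problems.append(f"{field}-mask: set without {field}")
    return problems


# Constructed sample input with three deliberate mistakes.
SAMPLE = {
    "name": "sample-flow", "scope": "fabric", "precedence": 1,
    "dst-ip": "192.0.2.10", "src-ip-mask": "255.255.255.0",
    "dscp-start": 40, "dscp-end": 8, "vlan-pri": 7,
}

if __name__ == "__main__":
    for problem in check_vflow(SAMPLE):
        print(problem)
```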


Note: The Edit icon referred to in this section is represented by the pencil icon.

Interactive Port Selector


Click the Edit icon to display and select a range of ports. Click the desired ports and click Apply to continue or Cancel to return to the previous screen without applying any changes.


Manage Security/Monitoring vFlow Interactive Port Selector


Modify Security/Monitoring vFlow


To modify a vFlow, select the Cog icon and choose Edit to change the vFlow parameters, which include:


  • precedence – traffic priority value between 2 and 15
  • table-name – table name
  • action – forwarding action to apply to the vFlow
  • src-ip – source IP address for the vFlow
  • dst-ip – destination IP address for the vFlow


Manage Security/Monitoring Modify vFlow


Options that can be selected to enable include the following (some may require accessing additional fields):


  • enable – enable or disable flows in hardware
  • override-sys-flows – override system flows
  • process-mirror – whether the vFlow processes mirrored traffic
  • log-packets – log the packets in the flow
  • log-stats – log packet statistics for the flow


Click Save to continue or Cancel to return to the previous screen without saving any changes.


Additional field parameters are modified by clicking on the icon for Additional Fields. Additional fields include:

  • tos – ToS number for the vFlow
  • ttl – time-to-live
  • proto – layer 3 protocol for the vFlow
  • src-ip-mask – source IP address wildcard mask for the vFlow
  • dst-ip-mask – destination IP address wildcard mask for the vFlow
  • src-port – Layer 3 protocol source port for the vFlow
  • dst-port – Layer 3 protocol destination port for the vFlow
  • dscp-map – DSCP map to apply on the flow. Please reapply if map priorities are updated
  • in-port – incoming port for the vFlow
  • src-mac – source MAC address for the vFlow
  • dst-mac – destination MAC address for the vFlow
  • ether-type – EtherType for the vFlow
  • src-mac-mask – source MAC address to use as a wildcard mask
  • dst-mac-mask – destination MAC address to use as a wildcard mask
  • src-port-mask – source port mask
  • dst-port-mask – destination port mask
  • dscp-start – 6-bit Differentiated Services Code Point (DSCP) start number
  • dscp-end – 6-bit Differentiated Services Code Point (DSCP) end number
  • tos-start – start Type of Service (ToS) number
  • tos-end – the ending Type of Service (ToS) number
  • vlan-pri – priority for the VLAN - 0 to 7
  • tcp-flags – TCP Control Flags
  • flow-class – vFlow class name
  • ingress-tunnel – tunnel for the ingress traffic
  • egress-tunnel – tunnel for egress traffic
  • bw-min – minimum bandwidth in Gbps
  • bw-max – maximum bandwidth in Gbps
  • burst-size – Committed burst size in bytes
  • action-value – optional value argument between 1 and 64
  • action-set-mac-value – MAC address value
  • action-to-next-hop-ip-value – next-hop IP address for packet redirection
  • action-to-ports-value – action to ports value
  • mirror-id – mirror configuration name
  • packet-log-max – maximum packet count for log rotation in the flow
  • stats-interval – interval to update packet statistics for the log (in seconds)
  • set-src – set the source IP of IPv4 packets
  • set-dst – set the destination IP of IPv4 packets
  • set-src-port – set the source port of IPv4 packets
  • set-dst-port – set the destination port of IPv4 packets
  • cpu-class – CPU class name


Manage Security/Monitoring Modify vFlow Additional Parameters


Click Save to continue or Cancel to return to the previous screen without saving any changes.


Note: The Edit icon referred to in this section is represented by the pencil icon.

Interactive Port Selector


Click the Edit icon to display and select a range of ports. Click the desired ports and click Apply to continue or Cancel to return to the previous screen without applying any changes.


Manage Security/Monitoring Modify vFlow Interactive Port Selector