Support for Virtual Link Extension (vLE) Analytics

Currently, Netvisor One does not copy vLE traffic control frames to the CPU on the switch. Inner tag, if present, is not removed as well. This is achieved by installing a system vFlow, Virtual-Link-Extend, with highest priority 15 with no action specified so that LLDP or other control frames are not terminated and sent to CPU.

To support vLE analytics, a few additional system vFlows are installed with the same priority as the existing Virtual-Link-Extend vFlow to copy TCP-SYN/FIN/RST packets to CPU.

This ensures that any vLE-SYN/FIN/RST packets are targeted for System-vLE-x flows and not Virtual-Link-Extend flow.


CLI (network-admin@switch) > vflow-show format name,scope,type,proto,tcp-flags,precedence,action,enable


name                 scope type   proto tcp-flags precedence action      enable

------------------- ----- ------ ----- --------- ---------- ----------- ------

System-vLE-S         local system  tcp   syn       15        copy-to-cpu enable

System-vLE-F         local system  tcp   fin       15        copy-to-cpu enable

System-vLE-R         local system  tcp   rst       15        copy-to-cpu enable

Virtual-Link-Extend  local system                  15        none        enable


CLI (network-admin@switch) > connection-show


vnet vlan vxlan src-ip     dst-ip     dst-port cur-state syn-resends syn-ack-resends

---- ---- ----- ---------- ---------- -------- --------- -----------

100  100 http     fin       0           0


latency obytes ibytes total-bytes age

------- ------ ------ ----------- --------

74.8us  149    311    460         2h11m21s