Understanding vFlow Statistics


The virtual network-based flows- vflows, display statistics for packet traffic flows on a switch and across the fabric. The vFlows are very powerful and provide many features such as quality of service (QoS), traffic shaping, packet redirect, drop actions, mirror, and capture.


A vFlow can be configured to store log statistics to a file accessible to clients using NFS and SFTP. If statistics logging is enabled, Netvisor ONE periodically polls the switch for the most recent statistics for each flow and saves the statistics to an exported file. Netvisor ONE also saves individual statistics received from other switches in the fabric and combines the statistics from all switches to record aggregate statistics for the entire fabric.


The switch consists of two components, the switch and the server. vFlows with operations such as drop executes within the switch component. Some vFlows operations for QoS take place in the switch component, while others operate within the co-processor by directing pertinent traffic to the co-processor.


There, the traffic is managed and then sent back to the switch component.Other actions such as copy-to-cpu sends the match traffic to the server component where the traffic is managed and then forwards packets for delivery. In general, the details are managed by Netvisor ONE including fabric scope commands that cause all switches within a fabric to participate in an operation and then sends the compiled results to the CLI or to log files.


Before you can access the files, you must enable NFS or SFTP access to the log files by using the admin-service-modify command.


CLI (network-admin@switch-1) > vflow-share-show



vnet
----

enable

------

share-path

----------

fab1-global

no

switch-1://fab1-global

fab1-global

no

switch-1://fab1-global

fab1-global

no

switch-1:///fab1-global

fab1-global

no

switch-1://fab1-global

fab1-global

no

switch-1://fab1-global

 


CLI (network-admin@switch) > vflow-share-modify fab1-global enable

 

CLI (network-admin@switch) > vflow-share-show


vnet

-----

enable

------

share-path

----------

fab1-global

yes

switch-1://fab1-global

fab1-global

yes

switch-1://fab1-global

fab1-global

no

switch-1://fab1-global

fab1-global

no

switch-1://fab1-global

fab1-global

no

switch-1://fab1-global

 

 

You can then access the statistics log files using NFS in the following locations:


For the switch scope, the files are located in: /net/switch-name//-name/flow/flow-name/switch/switch-name/stats

 

For the fabric scope, the files are located in: /net/switch-name//-name/flow/flow-name/fabric/stats

 

To create a vFlow for example, Host-Agent-Discover, and measure statistics, enter the following command:


CLI (network-admin@switch) > vflow-create name Host-Agent-Discover scope local system


To view all vFlows currently tracked by the switch or fabric, use the vflow-show command:


CLI (network-admin@switch) > vflow-show

 

switch:           pleiades24

name:             Host-Agent-Discover

scope:            local

type:             system

dst-ip:           224.4.9.6

precedence:       2

action:           copy-to-cpu

switch:           pleiades24

name:             DHCP-client

scope:            local

type:             system

in-port:          1-68

src-port:         68

proto:            udp

precedence:       2

action:           copy-to-cpu

switch:           pleiades24

name:             Host-Agent-Discover

scope:            local

type:             system

dst-ip:           224.4.9.6

precedence:       2

action:           copy-to-cpu

switch:           pleiades24

name:             DHCP-client

scope:            local

type:             system

in-port:          1-68

src-port:         68

proto:            udp

precedence:       2

action:           copy-to-cpu

 

From the information displayed in the output, you can review the switch, the name of the vFlow, scope, type of vFlow, destination IP address, precedence, and action for the vFlow.


To display statistics for all vFlows, use the vflow-stats-show command:

 

CLI (network-admin@switch) > vflow-stats-show

 

 name        packets   bytes    cpu-packets    cpu-bytes

--------     -------   -----    -----------    ---------

IGMP-Flow     368K     23.0M    392K           23.0M

LLDP-Flow     82.9K    26.3M    82.9K          26.0M

Host-Agent    17.8K    1.11M    0              0

ECP           0        0        0              0

 

To monitor statistics of a vFlow and update every 10 seconds, use the following syntax:

 

CLI (network-admin@switch) > vflow-stats-show name flow1 show-diff-interval 10

 

To log persistent records of flow statistics, use the logging parameter and collect statistics every 10 seconds:


CLI (network-admin@switch) > vflow-create name monitor-flow scope local ether-type arp stats log stats-interval 5


You can display the statistics logs for the new flow using the vflow-stats-show command.


Note: Conflicting vFlows - Multiple vFlows can be active at once, but cannot apply them at the same time. You can use the precedence parameter to set the order of the vFlows. If you set the precedence to a higher value (0 - 10 with 0 as the lowest precedence), the vFlow has a higher precedence than those with lower values. If you are seeing error messages about vFlow conflicts, try adding a precedence value to new or existing vFlows.