vFlow Commands

vflow-create

This command is used to create a flow definition for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic.

Syntax   vflow-create

name name-string

Specify the flow name.

scope local|fabric

Specify the scope for the flow.

Specify any of the following options:

vnet vnet-name

Specify the virtual network (VNET) for the flow

bd bridge-domain name

Specify the bridge domain for the vFlow.

vlan vlan-id

Specify the VLAN identifier for the flow. The value ranges between 0-4095.

in-port port-list

Specify the ingress (input) port for the flow.

out-port port-list

Specify the egress (output) port for the flow.

ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|jumbo|   dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old

Specify the EtherType for the flow.

src-mac mac-address

Specify the source MAC address for the flow .

src-mac-mask mac-address

Specify the source MAC address wildcard mask for the flow.

dst-mac mac-address

Specify the destination MAC address for the flow.

dst-mac-mask mac-address

Specify the destination MAC address wildcard mask for the flow.

src-ip ip-address

Specify the source IP address for the flow.

src-ip-mask ip-address

Specify the source IP address wildcard mask for the flow.

dst-ip ip-address

Specify the destination IP address for the flow.

dst-ip-mask ip-address

Specify the destination IP address wildcard mask for the flow.

src-port src-port-number

Specify the Layer 3 protocol source port for the flow.

src-port-mask src-port-mask-number

Specify the source port mask.

dst-port dst-port-number

Specify the Layer 3 protocol destination port for the flow.

dst-port-mask dst-port-mask-number

Specify the destination port mask.

dscp-start number

Specify the starting DSCP number. This is a value between 0 and 63.

dscp-end number

Specify the ending DSCP number. This is a value between 0 and 63.

dscp dscp-number

Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow.

dscp-map dscp-map name | none

Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated.

tos-start tos-start-number

Specify the starting ToS number.

tos-end tos-end-number

Specify the ending ToS number.

tos tos-number 

Specify the Type of Service (ToS) number for the flow.

dropped|no-dropped

Specify if the vFlow matches a dropped packet or forwards the packet.

vlan-pri number

Specify the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest).

ttl ttl-number

Specify the time to live in seconds.

proto tcp|udp|icmp|igmp|ip|
icmpv6

Specify the Layer 3 protocol for the flow.

tcp-flags fin|syn|rst|push|ack|urg|
ece|cwr

Specify the TCP flags to filter a vFlow.

flow-class vflow-class name

Specify the vflow class.

ingress-tunnel tunnel-name

Specify the name of the ingress tunnel.

egress-tunnel tunnel name

Specify the name of the egress tunnel.

bw-min bw-min-number

Specify the minimum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps.

bw-max bw-max-number

Specify the maximum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps.

burst-size auto

Specify the burst size. This parameter auto-calculates the burst size based on the maximum bandwidth settings for the vFlow. You can also configure a burst-size number between 256B through 128MB.

vrouter-name vrouter name

Specify the vRouter name if you are configuring Policy-based Routing (PBR). You should not use this parameter unless you are configuring PBR.

precedence default

Specify the traffic priority for the flow (between 0 and 15)

action none|drop|to-port|to-cpu|trap|copy-to-cpu|copy-to-port|check|   setvlan|add-outer-vlan|set-tpid|to-port-set-vlan|tunnel-pkt|   set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|set-metadata|set-dscp|   decap|set-dmac|to-next-hop-ip|set-dmac-to-port|   to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch|set-smac|drop-cancel-trap|to-ecmp-group|redirect-to-vrouter

Specify the forwarding action to apply to the flow.

action-value number

Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64.

action-set-mac-value mac-address

Specify a MAC address to apply the action.

action-to-next-hop-ip-value ip-address

Specify the next-hop IP address for packet redirection

action-to-ecmp-group-value static-ecmp-group group-name

Specify the ECMP group for packet redirection

action-to-ports-value port-list

Specify a port list to apply the action.

mirror mirror-name

Specify the name of the mirror configuration.

process-mirror|
no-process-mirror

Specify to process mirrored traffic for the vflow.

log-packets|no-log-packets

Specify whether to log the packets in the flow.

packet-log-max packet-log-max-number

Specify the maximum packet count for log rotation in the flow.

log-stats|no-log-stats

Specify if you want to log statistics or not.

stats-interval seconds

Specify the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800.

dur dur-number

Specify the minimum duration required for the flow to be captured (in seconds).

metadata metadata-number

Specify a metadata number for the flow.

transient|no-transient

Specify whether to capture transient flows.

vxlan vxlan-name

Specify the name of the VXLAN.

vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|   jumbo|dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old

Specify the type of VXLAN.

vxlan-proto tcp|udp|icmp|igmp|ip|
icmpv6

Specify the Layer 3 protocol for the flow.

vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6

Specify the protocol type for the VXLAN.

stp-state Disabled|Discarding|Learning|Forwarding packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast

Specify the STP state.

packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|
l2-broadcast

Specify the packet resolution in ASIC.

fwding-type vlan|vxlan|vle

Specify the ASIC forwarding type.

set-src ip-address

Specify the source IP address of IPv4 packets.

set-dst ip-address

Specify the destination IP address of IPv4 packets.

set-src-port set-src-port-number

Specify the source port of IPv4 packets.

set-dst-port set-dst-port-number

Specify the destination port of IPv4 packets.

udf-name1 udf name

Specify the User-Defined Field name.

udf-data1 udf-data1-number

Specify the User-Defined Field data.

udf-data1-mask udf-data1-mask-number

Specify the mask for the User-Defined Field data.

udf-name2 udf name

Specify the User-Defined Field name.

udf-data2 udf-data2-number

Specify the User-Defined Field data.

udf-data2-mask udf-data2-mask-number

Specify the mask for the User-Defined Field data.

udf-name3 udf name

Specify the User-Defined Field name.

udf-data3 udf-data3-number

Specify the User-Defined Field data.

udf-data3-mask udf-data3-mask-number

Specify the mask for the User-Defined Field data.

enable|no-enable

Specify if you want to enable or disable flows in hardware.

table-name vflow-table name

Specify a table name from the following list:

• SrcMac

• DstMac

• SrcIp

• DstIp

• OuterVlanId

• OuterVlanPri

• EtherType

The following actions are supported for this parameter:

• InnerVlan

• OuterVlan

• Dscp

• Vxlan

• Drop

• VlanPri

cpu-class cpu-class name

Specify the CPU class name.

if mgmt|data

Specify the administrative service interface.

Defaults   None.

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.1

The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror added.

Version 2.2.3

The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri and ttl added.

Version 2.2.5

The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror.

Version 2.3

The parameters, set-src, set-dst, set-src-port, and set-dst-port, added.

Version 2.3.1

The parameter, table, added.

Version 2.4

The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added.

Version 2.5.3

The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added.

Version 2.5.4

The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB.

Version 2.6.0

The parameter, table-name, added.

Version 2.6.2

The parameter, dscp-map and cpu-class added.

Version 3.0.0

The parameter, dropped|no-dropped, added.

Version 5.0.0

The parameter,  if mgmt|data, added.

Version 5.1.0

The parameter, packet-res, added.

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.

Examples  This example shows how to initiate statistcs for a flow named flow1 defined as the Internet Protocol (IP) traffic on VLAN 4091 within the local switch.

CLI network-admin@switch > vflow-create name flow1 scope local vlan 4091

This example shows how to initiate statistics for a flow, flow2, defined as the fabric-wide Internet Protocol (IP) traffic sourced by the host with IP address 172.168.18.2 classified as dropless.

CLI network-admin@switch > vflow-create name flow2 scope fabric src-ip 172.168.18.2 class dropless stats enable

This example shows how to initiate statistics for a flow flow3 defined as the Internet Protocol (IP)

traffic on VLAN 99 destined for the host with IP address 172.168.24.1 within the local switch. An action is specified to drop all traffic matching these flow attributes.

CLI network-admin@switch > vflow-create name flow3 scope local vlan 99 dst-ip 172.168.24.1 action drop stats enable

This example, shows how to create a vFlow with a burst size of 12MB. This is useful because different burst-sizes can be used for different types of metered traffic. For example, if a metered application produces bursty traffic patterns, such as clicking on a Web page link redirecting you to a media-rich page, you can now configure higher burst levels than the pre-calculated default burst levels.

CLI network-admin@switch > vflow-create name flow1 scope local in-port 12 bw-max 5G burst-size 12M

vflow-delete

This command allows you to delete an existing definition for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic.

Syntax   vflow-delete name  

name name-string

Specify the flow name.

id flow-id

Specify the flow identifier.

Defaults   None.

Access   CLI

History   Command introduced in nvOS Version 1.2.1.

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.

Examples  To delete the vflow definition called flow1, use the following command:

CLI network-admin@switch > vflow-delete name flow1

vflow-modify

This command is used to modify an existing vflow configuration.

Syntax   vflow-modify

name name-string

Specifies the vFlow name.

id number

Specifies the ID assigned to the vFlow.

scope local|fabric

Specifies the scope for the vFlow.

Specify any of the following options:

table vflow-table name

Specifies the vFlow table name for the flow.

type system|ofp|vflow|ofp-default|acl-ip|acl-mac|vxlan|nat

Specifies the type of vFlow.

vlan vlan-id

Specifies the VLAN identifier for the flow.

vnet vnet-name

Specifies the virtual network (VNET) for the flow

in-port port-list

Specifies the ingress (input) port for the flow.

out-port port-list

Specifies the egress (output) port for the flow.

ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec|
ptp|fcoe|fcoe-init|qinq

Specifies the EtherType for the flow.

src-mac mac-address

Specifies the source MAC address for the flow .

src-mac-mask mac-address

Specifies the source MAC address wildcard mask for the flow.

dst-mac mac-address

Specifies the destination MAC address for the flow.

dst-mac-mask mac-address

Specifies the destination MAC address wildcard mask for the flow.

src-ip ip-address

Specifies the source IP address for the flow.

src-ip-mask ip-address

Specifies the source IP address wildcard mask for the flow.

dst-ip ip-address

Specifies the destination IP address for the flow.

dst-ip-mask ip-address

Specifies the destination IP address wildcard mask for the flow.

src-port src-port-number

Specifies the Layer 3 protocol source port for the flow.

src-port-mask src-port-mask-number

Specifies the source port mask.

dst-port dst-port-number

Specifies the Layer 3 protocol destination port for the flow.

dst-port-mask dst-port-mask-number

Specifies the destination port mask.

dscp-start number

Specifies the starting DSCP number. This is a value between 0 and 63.

dscp-end number

Specifies the ending DSCP number. This is a value between 0 and 63.

dscp dscp-number

Specifies the 6-bit Differentiated Services Code Point (DSCP) of the flow.

dscp-map dscp-map name | none

Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated.

tos-start tos-start-number

Specifies the starting ToS number.

tos-end tos-end-number

Specifies the ending ToS number.

tos tos-number 

Specifies the Type of Service (ToS) number for the flow.

vlan-pri number

Specifies the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest).

ttl ttl-number

Specifies the time to live in seconds.

proto tcp|udp|icmp|igmp|ip

Specifies the Layer 3 protocol for the flow.

tcp-flags fin|syn|rst|push|ack|urg|ece|cwr

Specify the TCP flags to fileter a vFlow.

flow-class vflow-class name

Specifies the vflow class.

ingress-tunnel
tunnel-name

Specifies the name of the ingress tunnel.

egress-tunnel tunnel name

Specifies the name of the egress tunnel.

bw-min bw-min-number

Specifies the minimum bandwidth in Gbps for the vflow.

bw-max bw-max-number

Specifies the maximum bandwidth in Gbps for the vflow.

burst-size auto

Specify the burst size.

precedence default

Specifies the traffic priority for the flow (between 0 and 10)

action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan|   tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|
set-metadata|set-dscp|decap|set-dmac|set-dmac-to-port|to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch

Specifies the forwarding action to apply to the flow.

action-value number

Specifies an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64.

action-set-mac-value mac-address

Specifies a MAC address to apply the action.

action-to-ports-value port-list

Specifies a port list to apply the action.

mirror mirror-name

Specifies the name of the mirror configuration.

process-mirror|
no-process-mirror

Specifies to process mirrored traffic for the vflow.

log-packets|no-log-
packets

Specifies whether to log the packets in the flow.

packet-log-max packet-log-max-number

Specifies the maximum packet count for log rotation in the flow.

log-stats|no-log-stats

Specifies if you want to log statistics or not.

stats-interval seconds

Specifies the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800.

dur dur-number

Specifies the minimum duration required for the flow to be captured (in seconds).

metadata metadata-number

Specifies a metadata number for the flow.

metadata-mask metadata-mask-number

Specifies a metadata mask for the flow.

transient|no-transient

Specifies whether to capture transient flows.

vxlan vxlan-name

Specifies the name of the VXLAN.

vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe|dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq

Specifies the type of VXLAN.

vxlan-proto tcp|udp|icmp|igmp|ip

Specifies the Layer 3 protocol for the flow.

hw-stats|no-hw-stats

Specifies if hardware statistics is enabled or disabled.

set-src ip-address

Specifies the source IP address of IPv4 packets.

set-dst ip-address

Specifies the destination IP address of IPv4 packets.

set-src-port set-src-port-number

Specifies the source port of IPv4 packets.

set-dst-port set-dst-port-number

Specifies the destination port of IPv4 packets.

udf-name1 udf name

Specify the User-Defined Field name.

udf-data1 udf-data1-number

Specify the User-Defined Field data.

udf-data1-mask udf-data1-mask-number

Specify the mask for the User-Defined Field data.

udf-name2 udf name

Specify the User-Defined Field name.

udf-data2 udf-data2-number

Specify the User-Defined Field data.

udf-data2-mask udf-data2-mask-number

Specify the mask for the User-Defined Field data.

udf-name3 udf name

Specify the User-Defined Field name.

udf-data3 udf-data3-number

Specify the User-Defined Field data.

udf-data3-mask udf-data3-mask-number

Specify the mask for the User-Defined Field data.

enable|no-enable

Specify if you want to enable or disable flows in hardware

table-name vflow-table name

Specify a table name from the following list:

• SrcMac

• DstMac

• SrcIp

• DstIp

• OuterVlanId

• OuterVlanPri

• EtherType

The following actions are supported for this parameter:

• InnerVlan

• OuterVlan

• Dscp

• Vxlan

• Drop

• VlanPri

cpu-class cpu-class name

Specify the CPU class name.

Defaults   None.

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.2

The options, to-span, and to-port-set-nat added.

Version 2.2.3

The options, cpu-rx|cpu-rx-tx|set-dscp|set-vlan-pri, added to the parameter, action.

Version 2.2.5

The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror.

Version 2.3

The parameters, set-src, set-dst, set-src-port, and set-dst-port, added.

Version 2.3.1

The parameter, table, added.

Version 2.4

The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added.

Version 2.4.1

The parameters, dur, metadata, vxlan, vxlan-ether-type, vxlan-proto, and transient, deprecated.

Version 2.5.3

The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added.

Version 2.5.4

The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB.

Version 2.6.0

The parameter, table-name, added.

Version 2.6.2

The parameter, dscp-map, added.

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.

Examples  This example shows how to modify the flow statistics capture for a flow named flow3 to specify that a duplicate of all matching traffic be forwarded to the switch controller for further analysis.

CLI network-admin@switch > vflow-modify name flow3 action copy-to-cpu

This example, shows how to create a vFlow with a burst size of 12MB. This is useful because different burst-sizes can be used for different types of metered traffic. For example, if a metered application produces bursty traffic patterns, such as clicking on a Web page link redirecting you to a media-rich page, you can now configure higher burst levels than the pre-calculated default burst levels.

CLI network-admin@switch > vflow-modify name flow1 scope local in-port 12 bw-max 5G burst-size 12M

vflow-show

This command is used to display information about configured vflows.

Syntax   vflow-show

name name-string

Specifies the vFlow name.

id number

Specifies the ID assigned to the vFlow.

scope local|fabric

Specifies the scope for the vFlow.

Specify any of the following options:

table vflow-table name

Specifies the vFlow table name for the flow.

type system|ofp|vflow|ofp-default|acl-ip|acl-mac|vxlan|nat

Specifies the type of vFlow.

vlan vlan-id

Specifies the VLAN identifier for the flow.

vnet vnet-name

Specifies the virtual network (VNET) for the flow

in-port port-list

Specifies the ingress (input) port for the flow.

out-port port-list

Specifies the egress (output) port for the flow.

ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec|
ptp|fcoe|fcoe-init|qinq

Specifies the EtherType for the flow.

src-mac mac-address

Specifies the source MAC address for the flow .

src-mac-mask mac-address

Specifies the source MAC address wildcard mask for the flow.

dst-mac mac-address

Specifies the destination MAC address for the flow.

dst-mac-mask mac-address

Specifies the destination MAC address wildcard mask for the flow.

src-ip ip-address

Specifies the source IP address for the flow.

src-ip-mask ip-address

Specifies the source IP address wildcard mask for the flow.

dst-ip ip-address

Specifies the destination IP address for the flow.

dst-ip-mask ip-address

Specifies the destination IP address wildcard mask for the flow.

src-port src-port-number

Specifies the Layer 3 protocol source port for the flow.

src-port-mask src-port-mask-number

Specifies the source port mask.

dst-port dst-port-number

Specifies the Layer 3 protocol destination port for the flow.

dst-port-mask dst-port-mask-number

Specifies the destination port mask.

dscp-start number

Specifies the starting DSCP number. This is a value between 0 and 63.

dscp-end number

Specifies the ending DSCP number. This is a value between 0 and 63.

dscp dscp-number

Specifies the 6-bit Differentiated Services Code Point (DSCP) of the flow.

dscp-map dscp-map name | none

Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated.

tos-start tos-start-number

Specifies the starting ToS number.

tos-end tos-end-number

Specifies the ending ToS number.

tos tos-number 

Specifies the Type of Service (ToS) number for the flow.

vlan-pri number

Specifies the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest).

ttl ttl-number

Specifies the time to live in seconds.

proto tcp|udp|icmp|igmp|ip

Specifies the Layer 3 protocol for the flow.

tcp-flags fin|syn|rst|push|ack|urg|ece|cwr

Specify the TCP flags to fileter a vFlow.

flow-class vflow-class name

Specifies the vflow class.

ingress-tunnel
tunnel-name

Specifies the name of the ingress tunnel.

egress-tunnel tunnel name

Specifies the name of the egress tunnel.

bw-min bw-min-number

Specifies the minimum bandwidth in Gbps for the vflow.

bw-max bw-max-number

Specifies the maximum bandwidth in Gbps for the vflow.

burst-size auto

Specify the burst size.

precedence default

Specifies the traffic priority for the flow (between 0 and 10)

action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan|   tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|
set-metadata|set-dscp|decap|set-dmac|set-dmac-to-port|to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch

Specifies the forwarding action to apply to the flow.

action-value number

Specifies an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64.

action-set-mac-value mac-address

Specifies a MAC address to apply the action.

action-to-ports-value port-list

Specifies a port list to apply the action.

mirror mirror-name

Specifies the name of the mirror configuration.

process-mirror|
no-process-mirror

Specifies to process mirrored traffic for the vflow.

log-packets|no-log-
packets

Specifies whether to log the packets in the flow.

packet-log-max packet-log-max-number

Specifies the maximum packet count for log rotation in the flow.

log-stats|no-log-stats

Specifies if you want to log statistics or not.

stats-interval seconds

Specifies the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800.

dur dur-number

Specifies the minimum duration required for the flow to be captured (in seconds).

metadata metadata-number

Specifies a metadata number for the flow.

metadata-mask metadata-mask-number

Specifies a metadata mask for the flow.

transient|no-transient

Specifies whether to capture transient flows.

vxlan vxlan-name

Specifies the name of the VXLAN.

vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe|dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq

Specifies the type of VXLAN.

vxlan-proto tcp|udp|icmp|igmp|ip

Specifies the Layer 3 protocol for the flow.

hw-stats|no-hw-stats

Specifies if hardware statistics is enabled or disabled.

set-src ip-address

Specifies the source IP address of IPv4 packets.

set-dst ip-address

Specifies the destination IP address of IPv4 packets.

set-src-port set-src-port-number

Specifies the source port of IPv4 packets.

set-dst-port set-dst-port-number

Specifies the destination port of IPv4 packets.

udf-name1 udf name

Specify the User-Defined Field name.

udf-data1 udf-data1-number

Specify the User-Defined Field data.

udf-data1-mask udf-data1-mask-number

Specify the mask for the User-Defined Field data.

udf-name2 udf name

Specify the User-Defined Field name.

udf-data2 udf-data2-number

Specify the User-Defined Field data.

udf-data2-mask udf-data2-mask-number

Specify the mask for the User-Defined Field data.

udf-name3 udf name

Specify the User-Defined Field name.

udf-data3 udf-data3-number

Specify the User-Defined Field data.

udf-data3-mask udf-data3-mask-number

Specify the mask for the User-Defined Field data.

enable|no-enable

Specify if you want to enable or disable flows in hardware

table-name vflow-table name

Specify a table name from the following list:

• SrcMac

• DstMac

• SrcIp

• DstIp

• OuterVlanId

• OuterVlanPri

• EtherType

The following actions are supported for this parameter:

• InnerVlan

• OuterVlan

• Dscp

• Vxlan

• Drop

• VlanPri

cpu-class cpu-class name

Specify the CPU class name.

Defaults   None.

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.1

The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror, and bw-min added. The options, to-span|to-port-set-nat| cpu-rx|cpu-rx-tx added to the parameter action.

Version 2.2

The options, to-cpu-l2-miss|set-metadata| flow-flood|set-dscp added to the parameter, type.

Version 2.2.3

The parameters, dscp-start, dscp-end, tos-start, tos-end, and vlan-pri added.

Version 2.2.5

The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror.

Version 2.3

The parameters, set-src, set-dst, set-src-port, and set-dst-port, added.

Version 2.3.1

The parameter, table, added.

Version 2.4

The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats, metadata-mask, and hw-stats added.

Version 2.5.3

The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added.

Version 2.5.4

The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB.

Version 2.6.0

The parameter, table-name, added.

Version 2.6.2

The parameter, dscp-map, added.

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command displays information about vflows configured on the switch.

Examples  To display vflow information, use the following command:

CLI network-admin@switch > vflow-show name flow1

name  id scope vlan vnet src dst subnet class bw pri action stats dur mask

----- -- ----- ---- ---- --- --- ------ ----- -- --- ------ ----- --- ----

flow1 64 local 4091      ::  ::  ::     normal 0 0 flow_normal no 0   13

vflow-snoop

This command is used to display the packet headers of flows directed to the switch CPU.

Syntax   vflow-snoop

count count-number

Specify the packet count.

display-packets-bytes display-packets-bytes 

Specify the number packet bytes.

name name-string

Specify the flow name.

Specify any of the following options:

id

Specify the ID assigned to the vFlow.

scope local|fabric

Specify the scope for the vFlow.

type ofp|vflow|ofp-default|acl-ip|acl-mac|vxlan|nat|qos|nat-twice| hog-violator|pbr|iptable

Specify the type of vFlow.

hidden true|false

Specify if the vFlow is hidden or not.

vlan vlan-id

Specify the VLAN identifier for the vFlow.

vnet vnet-name

Specify the virtual network (VNET) for the vFlow

in-port port-list

Specify the ingress (input) port for the vFlow.

out-port port-list

Specify the egress (output) port for the vFlow.

ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq

Specify the EtherType for the vFlow.

src-mac mac-address

Specify the source MAC address for the vFlow.

src-mac-mask mac-address

Specify the source MAC address wildcard mask for the vFlow.

dst-mac mac-address

Specify the destination MAC address for the vFlow.

dst-mac-mask mac-address

Specify the destination MAC address wildcard mask for the vFlow.

src-ip ip-address

Specify the source IP address for the vFlow.

src-ip-mask ip-address

Specify the source IP address wildcard mask for the vFlow.

dst-ip ip-address

Specify the destination IP address for the vFlow.

dst-ip-mask ip-address

Specify the destination IP address wildcard mask for the vFlow.

src-port src-port-number

Specify the Layer 3 protocol source port for the vFlow.

src-port-mask src-port-mask-number

Specify the source port mask.

dst-port dst-port-number

Specify the Layer 3 protocol destination port for the vFlow.

dst-port-mask dst-port-mask-number

Specify the destination port mask.

dscp-start number

Specify the starting DSCP number. This is a value between 0 and 63.

dscp-end number

Specify the ending DSCP number. This is a value between 0 and 63.

dscp dscp-number

Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow.

dscp-map dscp-map name | none

Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated.

[tos-start tos-start-number]

Specify the starting ToS number.

[tos-end tos-end-number]

Specify the ending ToS number.

tos tos-number 

Specify the Type of Service (ToS) number for the vFlow.

vlan-pri number

Specify the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest).

proto tcp|udp|icmp|igmp|ip

Specify the Layer 3 protocol for the flow.

local-subnet|no-local-subnet

Specify a local subnet.

flow-class vflow-class name

Specify the vflow class.

ingress-tunnel tunnel-name

Specify the name of the ingress tunnel.

egress-tunnel tunnel-name

Specify the name of the egress tunnel.

bw-min bw-min-number

Specify the minimum bandwidth for the vFlow.

bw-max bw-max-number

Specify the maximum bandwidth for the vFlow (in Gbps).

precedence priority

Specify the traffic priority for the flow (between 0 and 10)

action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan|tunnel-pkt|set-tunnel-id|to-span|
cpu-rx| cpu-rx-tx|
set-metadata|set-dscp|decap|set-dmac|set-dmac-to-port|
to-ports-and-cpu|set-vlan-pri|tcp-seq-offset| tcp-ack-offset|
l3-to-cpu-switch|set-smac|
drop-cancel-trap|to-ecmp-group|              redirect-to-vrouter

Specify the forwarding action to apply to the flow.

action-value number

Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64.

action-value1 number

Specify a VLAN ID from 1 to 4096.

action-set-mac-value mac-address

Specify a MAC address value.

action-to-ports-value port-list

Specify a port list.

mirror mirror name

Specify a mirror name for the configuration.

process-mirror|
no-process-mirror

Specify if the vFLow processes mirrored traffic or not.

log-packets|
no-log-packets

Specify whether to log the packets in the flow.

packet-log-max packet-log-max-number

Specify the maximum packet count for log rotation in the flow.

log-stats|no-log-stats

Specify whether to enable packet statistics or logs for the flow.

stats-interval seconds

Specify the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800.

dur dur-number

Specify the minimum duration required for the flow to be captured (in seconds).

[metadata metadata-number]

[metadata-mask metadata-mask-number]

Specify the metadata number and mask for the vflow.

transient|no-transient

Specify whether to capture transient flows.

vxlan vxlan-name

Specify the name of the VXLAN.

vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi| jumbo|aoe|
dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq vxlan-proto tcp|udp|icmp|igmp|ip

Specify the type of VXLAN.

vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6

 

hw-stats|no-hw-stats

 

set-src ip-address

Specify the source IP address of IPv4 packets.

set-dst ip-address

Specify the destination IP address of IPv4 packets.

set-src-port set-src-port-number

Specify the source port of IPv4 packets.

set-dst-port set-dst-port-number

Specify the destination port of IPv4 packets.

enable|no-enable

Specify if you want to enable or disable flows in hardware

table-name vflow-table name

Specify a table name from the following list:

• SrcMac

• DstMac

• SrcIp

• DstIp

• OuterVlanId

• OuterVlanPri

• EtherType

The following actions are supported for this parameter:

• InnerVlan

• OuterVlan

• Dscp

• Vxlan

• Drop

• VlanPri

cpu-class cpu-class name

Specify the CPU class name.

Defaults   None.

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.1

The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror, bw-min, and metadata added. The options, to-span|to-port-set-nat| cpu-rx|cpu-rx-tx added to the parameter action.

Version 2.2.3

The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri, action-value, mirror, and process-mirror added.

Version 2.3

The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. The parameters, vxlan-proto and hw-stats added. The parameters action-set-mac-value and action-to-ports-value added.

Version 2.3.1

The parameter, table, added.

Version 2.4

The options, analytics|reserved deprecated from the parameter type. The options, ofp-default|acl-ip|acl-mac|vxlan|nat added to the parameter, type.

Version 2.5.4

The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB.

Version 2.6.0

The parameter, table-name, added.

Version 2.6.2

The parameter, dscp-map, added.

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command displays a running output of headers as they are directed to the switch CPU based on flow definitions specified for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic. The display output is stopped by pressing Control-C in the CLI.

Examples  This example displays the packet headers as they are directed to the switch CPU based on one or several flow definitions created with the command vflow-create and the action set to copy-to-cpu:

CLI network-admin@switch > vflow-snoop

vflow-snoop

switch: 471aac, flow: 40, port: 25, size: 64

smac: 02:08:20:17:26:77, dmac: 1e:1e:1e:ac:f3:62, vlan: 55, etype: arp

switch: 471aac, flow: 40, port: 13, size: 68

smac: 00:0c:fc:00:b9:6e, dmac: ff:ff:ff:ff:ff:ff, vlan: 1, etype: arp

switch: 471aac, flow: 40, port: 15, size: 68

smac: 00:0c:fc:00:b6:71, dmac: ff:ff:ff:ff:ff:ff, vlan: 1, etype: arp