vFlow Commands
vflow-create
This command is used to create a flow definition for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic.
Syntax vflow-create
name name-string |
Specify the flow name. |
scope local|fabric |
Specify the scope for the flow. |
Specify any of the following options: |
|
vnet vnet-name |
Specify the virtual network (VNET) for the flow |
bd bridge-domain name |
Specify the bridge domain for the vFlow. |
vlan vlan-id |
Specify the VLAN identifier for the flow. The value ranges between 0-4095. |
in-port port-list |
Specify the ingress (input) port for the flow. |
out-port port-list |
Specify the egress (output) port for the flow. |
ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|jumbo| dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old |
Specify the EtherType for the flow. |
src-mac mac-address |
Specify the source MAC address for the flow . |
src-mac-mask mac-address |
Specify the source MAC address wildcard mask for the flow. |
dst-mac mac-address |
Specify the destination MAC address for the flow. |
dst-mac-mask mac-address |
Specify the destination MAC address wildcard mask for the flow. |
src-ip ip-address |
Specify the source IP address for the flow. |
src-ip-mask ip-address |
Specify the source IP address wildcard mask for the flow. |
dst-ip ip-address |
Specify the destination IP address for the flow. |
dst-ip-mask ip-address |
Specify the destination IP address wildcard mask for the flow. |
src-port src-port-number |
Specify the Layer 3 protocol source port for the flow. |
src-port-mask src-port-mask-number |
Specify the source port mask. |
src-port-end src-port-end-number |
Specify the ending port for a range of source ports. |
dst-port dst-port-number |
Specify the Layer 3 protocol destination port for the flow. |
dst-port-mask dst-port-mask-number |
Specify the destination port mask. |
dst-port-end dst-port-end-number |
Specify the ending port for a range of destination ports. |
dscp-start number |
Specify the starting DSCP number. This is a value between 0 and 63. |
dscp-end number |
Specify the ending DSCP number. This is a value between 0 and 63. |
dscp dscp-number |
Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow. |
dscp-map dscp-map name | none |
Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated. |
tos-start tos-start-number |
Specify the starting ToS number. |
tos-end tos-end-number |
Specify the ending ToS number. |
tos tos-number |
Specify the Type of Service (ToS) number for the flow. |
dropped|no-dropped |
Specify if the vFlow matches a dropped packet or forwards the packet. |
vlan-pri number |
Specify the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest). |
ttl ttl-number |
Specify the time to live in seconds. |
proto tcp|udp|icmp|igmp|ip| |
Specify the Layer 3 protocol for the flow. |
tcp-flags fin|syn|rst|push|ack|urg| |
Specify the TCP flags to filter a vFlow. |
flow-class vflow-class name |
Specify the vflow class. |
ingress-tunnel tunnel-name |
Specify the name of the ingress tunnel. |
egress-tunnel tunnel name |
Specify the name of the egress tunnel. |
bw-min bw-min-number |
Specify the minimum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps. |
bw-max bw-max-number |
Specify the maximum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps. |
burst-size auto |
Specify the burst size. This parameter auto-calculates the burst size based on the maximum bandwidth settings for the vFlow. You can also configure a burst-size number between 256B through 128MB. |
vrouter-name vrouter name |
Specify the vRouter name if you are configuring Policy-based Routing (PBR). You should not use this parameter unless you are configuring PBR. |
precedence default |
Specify the traffic priority for the flow (between 0 and 15) |
action none|drop|to-port|to-cpu|trap|copy-to-cpu|copy-to-port|check| setvlan|add-outer-vlan|set-tpid|to-port-set-vlan|tunnel-pkt| set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|set-metadata|set-dscp| decap|set-dmac|to-next-hop-ip|set-dmac-to-port| to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch|set-smac|drop-cancel-trap|to-ecmp-group|redirect-to-vrouter |
Specify the forwarding action to apply to the flow. |
action-value number |
Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64. |
action-set-mac-value mac-address |
Specify a MAC address to apply the action. |
action-to-next-hop-ip-value ip-address |
Specify the next-hop IP address for packet redirection |
action-to-ecmp-group-value static-ecmp-group group-name |
Specify the ECMP group for packet redirection |
action-to-ports-value port-list |
Specify a port list to apply the action. |
mirror mirror-name |
Specify the name of the mirror configuration. |
process-mirror| |
Specify to process mirrored traffic for the vflow. |
log-packets|no-log-packets |
Specify whether to log the packets in the flow. |
packet-log-max packet-log-max-number |
Specify the maximum packet count for log rotation in the flow. |
log-stats|no-log-stats |
Specify if you want to log statistics or not. |
stats-interval seconds |
Specify the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800. |
dur dur-number |
Specify the minimum duration required for the flow to be captured (in seconds). |
metadata metadata-number |
Specify a metadata number for the flow. |
transient|no-transient |
Specify whether to capture transient flows. |
vxlan vxlan-name |
Specify the name of the VXLAN. |
vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi| jumbo|dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old |
Specify the type of VXLAN. |
vxlan-proto tcp|udp|icmp|igmp|ip| |
Specify the Layer 3 protocol for the flow. |
vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6 |
Specify the protocol type for the VXLAN. |
stp-state Disabled|Discarding|Learning|Forwarding packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast |
Specify the STP state. |
packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast| |
Specify the packet resolution in ASIC. |
fwding-type vlan|vxlan|vle |
Specify the ASIC forwarding type. |
set-src ip-address |
Specify the source IP address of IPv4 packets. |
set-dst ip-address |
Specify the destination IP address of IPv4 packets. |
set-src-port set-src-port-number |
Specify the source port of IPv4 packets. |
set-dst-port set-dst-port-number |
Specify the destination port of IPv4 packets. |
udf-name1 udf name |
Specify the User-Defined Field name. |
udf-data1 udf-data1-number |
Specify the User-Defined Field data. |
udf-data1-mask udf-data1-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name2 udf name |
Specify the User-Defined Field name. |
udf-data2 udf-data2-number |
Specify the User-Defined Field data. |
udf-data2-mask udf-data2-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name3 udf name |
Specify the User-Defined Field name. |
udf-data3 udf-data3-number |
Specify the User-Defined Field data. |
udf-data3-mask udf-data3-mask-number |
Specify the mask for the User-Defined Field data. |
enable|no-enable |
Specify if you want to enable or disable flows in hardware. |
table-name vflow-table name |
Specify a table name from the following list: • SrcMac • DstMac • SrcIp • DstIp • OuterVlanId • OuterVlanPri • EtherType The following actions are supported for this parameter: • InnerVlan • OuterVlan • Dscp • Vxlan • Drop • VlanPri |
cpu-class cpu-class name |
Specify the CPU class name. |
if mgmt|data |
Specify the administrative service interface. |
Defaults None.
Access CLI
History
Version 1.2 |
Command introduced. |
Version 2.1 |
The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror added. |
Version 2.2.3 |
The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri and ttl added. |
Version 2.2.5 |
The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror. |
Version 2.3 |
The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. |
Version 2.3.1 |
The parameter, table, added. |
Version 2.4 |
The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added. |
Version 2.5.3 |
The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added. |
Version 2.5.4 |
The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB. |
Version 2.6.0 |
The parameter, table-name, added. |
Version 2.6.2 |
The parameter, dscp-map and cpu-class added. |
Version 3.0.0 |
The parameter, dropped|no-dropped, added. |
Version 5.0.0 |
The parameter, if mgmt|data, added. |
Version 5.1.0 |
The parameter, packet-res, added. |
Version 5.2.0 |
The parameters, src-port-end and dst-port-end, added |
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.
Examples This example shows how to initiate statistcs for a flow named flow1 defined as the Internet Protocol (IP) traffic on VLAN 4091 within the local switch.
CLI network-admin@switch > vflow-create name flow1 scope local vlan 4091
This example shows how to initiate statistics for a flow, flow2, defined as the fabric-wide Internet Protocol (IP) traffic sourced by the host with IP address 172.168.18.2 classified as dropless.
CLI network-admin@switch > vflow-create name flow2 scope fabric src-ip 172.168.18.2 class dropless stats enable
This example shows how to initiate statistics for a flow flow3 defined as the Internet Protocol (IP)
traffic on VLAN 99 destined for the host with IP address 172.168.24.1 within the local switch. An action is specified to drop all traffic matching these flow attributes.
CLI network-admin@switch > vflow-create name flow3 scope local vlan 99 dst-ip 172.168.24.1 action drop stats enable
This example, shows how to create a vFlow with a burst size of 12MB. This is useful because different burst-sizes can be used for different types of metered traffic. For example, if a metered application produces bursty traffic patterns, such as clicking on a Web page link redirecting you to a media-rich page, you can now configure higher burst levels than the pre-calculated default burst levels.
CLI network-admin@switch > vflow-create name flow1 scope local in-port 12 bw-max 5G burst-size 12M
vflow-delete
This command allows you to delete an existing definition for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic.
Syntax vflow-delete name
name name-string |
Specify the flow name. |
id flow-id |
Specify the flow identifier. |
Defaults None.
Access CLI
History Command introduced in nvOS Version 1.2.1.
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.
Examples To delete the vflow definition called flow1, use the following command:
CLI network-admin@switch > vflow-delete name flow1
vflow-modify
This command is used to modify an existing vflow configuration.
Syntax vflow-modify
name name-string |
Specifies the vFlow name. |
id number |
Specifies the ID assigned to the vFlow. |
scope local|fabric |
Specifies the scope for the vFlow. |
Specify any of the following options: |
|
table vflow-table name |
Specifies the vFlow table name for the flow. |
type system|ofp|vflow|ofp-default|acl-ip|acl-mac|vxlan|nat |
Specifies the type of vFlow. |
vlan vlan-id |
Specifies the VLAN identifier for the flow. |
vnet vnet-name |
Specifies the virtual network (VNET) for the flow |
in-port port-list |
Specifies the ingress (input) port for the flow. |
out-port port-list |
Specifies the egress (output) port for the flow. |
ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec| |
Specifies the EtherType for the flow. |
src-mac mac-address |
Specifies the source MAC address for the flow . |
src-mac-mask mac-address |
Specifies the source MAC address wildcard mask for the flow. |
dst-mac mac-address |
Specifies the destination MAC address for the flow. |
dst-mac-mask mac-address |
Specifies the destination MAC address wildcard mask for the flow. |
src-ip ip-address |
Specifies the source IP address for the flow. |
src-ip-mask ip-address |
Specifies the source IP address wildcard mask for the flow. |
dst-ip ip-address |
Specifies the destination IP address for the flow. |
dst-ip-mask ip-address |
Specifies the destination IP address wildcard mask for the flow. |
src-port src-port-number |
Specifies the Layer 3 protocol source port for the flow. |
src-port-mask src-port-mask-number |
Specifies the source port mask. |
dst-port dst-port-number |
Specifies the Layer 3 protocol destination port for the flow. |
dst-port-mask dst-port-mask-number |
Specifies the destination port mask. |
dscp-start number |
Specifies the starting DSCP number. This is a value between 0 and 63. |
dscp-end number |
Specifies the ending DSCP number. This is a value between 0 and 63. |
dscp dscp-number |
Specifies the 6-bit Differentiated Services Code Point (DSCP) of the flow. |
dscp-map dscp-map name | none |
Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated. |
tos-start tos-start-number |
Specifies the starting ToS number. |
tos-end tos-end-number |
Specifies the ending ToS number. |
tos tos-number |
Specifies the Type of Service (ToS) number for the flow. |
vlan-pri number |
Specifies the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest). |
ttl ttl-number |
Specifies the time to live in seconds. |
proto tcp|udp|icmp|igmp|ip |
Specifies the Layer 3 protocol for the flow. |
tcp-flags fin|syn|rst|push|ack|urg|ece|cwr |
Specify the TCP flags to fileter a vFlow. |
flow-class vflow-class name |
Specifies the vflow class. |
ingress-tunnel |
Specifies the name of the ingress tunnel. |
egress-tunnel tunnel name |
Specifies the name of the egress tunnel. |
bw-min bw-min-number |
Specifies the minimum bandwidth in Gbps for the vflow. |
bw-max bw-max-number |
Specifies the maximum bandwidth in Gbps for the vflow. |
burst-size auto |
Specify the burst size. |
precedence default |
Specifies the traffic priority for the flow (between 0 and 10) |
action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan| tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx| |
Specifies the forwarding action to apply to the flow. |
action-value number |
Specifies an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64. |
action-set-mac-value mac-address |
Specifies a MAC address to apply the action. |
action-to-ports-value port-list |
Specifies a port list to apply the action. |
mirror mirror-name |
Specifies the name of the mirror configuration. |
process-mirror| |
Specifies to process mirrored traffic for the vflow. |
log-packets|no-log- |
Specifies whether to log the packets in the flow. |
packet-log-max packet-log-max-number |
Specifies the maximum packet count for log rotation in the flow. |
log-stats|no-log-stats |
Specifies if you want to log statistics or not. |
stats-interval seconds |
Specifies the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800. |
dur dur-number |
Specifies the minimum duration required for the flow to be captured (in seconds). |
metadata metadata-number |
Specifies a metadata number for the flow. |
metadata-mask metadata-mask-number |
Specifies a metadata mask for the flow. |
transient|no-transient |
Specifies whether to capture transient flows. |
vxlan vxlan-name |
Specifies the name of the VXLAN. |
vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe|dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq |
Specifies the type of VXLAN. |
vxlan-proto tcp|udp|icmp|igmp|ip |
Specifies the Layer 3 protocol for the flow. |
hw-stats|no-hw-stats |
Specifies if hardware statistics is enabled or disabled. |
set-src ip-address |
Specifies the source IP address of IPv4 packets. |
set-dst ip-address |
Specifies the destination IP address of IPv4 packets. |
set-src-port set-src-port-number |
Specifies the source port of IPv4 packets. |
set-dst-port set-dst-port-number |
Specifies the destination port of IPv4 packets. |
udf-name1 udf name |
Specify the User-Defined Field name. |
udf-data1 udf-data1-number |
Specify the User-Defined Field data. |
udf-data1-mask udf-data1-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name2 udf name |
Specify the User-Defined Field name. |
udf-data2 udf-data2-number |
Specify the User-Defined Field data. |
udf-data2-mask udf-data2-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name3 udf name |
Specify the User-Defined Field name. |
udf-data3 udf-data3-number |
Specify the User-Defined Field data. |
udf-data3-mask udf-data3-mask-number |
Specify the mask for the User-Defined Field data. |
enable|no-enable |
Specify if you want to enable or disable flows in hardware |
table-name vflow-table name |
Specify a table name from the following list: • SrcMac • DstMac • SrcIp • DstIp • OuterVlanId • OuterVlanPri • EtherType The following actions are supported for this parameter: • InnerVlan • OuterVlan • Dscp • Vxlan • Drop • VlanPri |
cpu-class cpu-class name |
Specify the CPU class name. |
Defaults None.
Access CLI
History
Version 1.2 |
Command introduced. |
Version 2.2 |
The options, to-span, and to-port-set-nat added. |
Version 2.2.3 |
The options, cpu-rx|cpu-rx-tx|set-dscp|set-vlan-pri, added to the parameter, action. |
Version 2.2.5 |
The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror. |
Version 2.3 |
The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. |
Version 2.3.1 |
The parameter, table, added. |
Version 2.4 |
The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added. |
Version 2.4.1 |
The parameters, dur, metadata, vxlan, vxlan-ether-type, vxlan-proto, and transient, deprecated. |
Version 2.5.3 |
The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added. |
Version 2.5.4 |
The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB. |
Version 2.6.0 |
The parameter, table-name, added. |
Version 2.6.2 |
The parameter, dscp-map, added. |
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.
Examples This example shows how to modify the flow statistics capture for a flow named flow3 to specify that a duplicate of all matching traffic be forwarded to the switch controller for further analysis.
CLI network-admin@switch > vflow-modify name flow3 action copy-to-cpu
This example, shows how to create a vFlow with a burst size of 12MB. This is useful because different burst-sizes can be used for different types of metered traffic. For example, if a metered application produces bursty traffic patterns, such as clicking on a Web page link redirecting you to a media-rich page, you can now configure higher burst levels than the pre-calculated default burst levels.
CLI network-admin@switch > vflow-modify name flow1 scope local in-port 12 bw-max 5G burst-size 12M
vflow-show
This command is used to display information about configured vflows.
Syntax vflow-show
name name-string |
Specifies the vFlow name. |
id number |
Specifies the ID assigned to the vFlow. |
scope local|fabric |
Specifies the scope for the vFlow. |
Specify any of the following options: |
|
table vflow-table name |
Specifies the vFlow table name for the flow. |
type system|ofp|vflow|ofp-default|acl-ip|acl-mac|vxlan|nat |
Specifies the type of vFlow. |
vlan vlan-id |
Specifies the VLAN identifier for the flow. |
vnet vnet-name |
Specifies the virtual network (VNET) for the flow |
in-port port-list |
Specifies the ingress (input) port for the flow. |
out-port port-list |
Specifies the egress (output) port for the flow. |
ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec| |
Specifies the EtherType for the flow. |
src-mac mac-address |
Specifies the source MAC address for the flow . |
src-mac-mask mac-address |
Specifies the source MAC address wildcard mask for the flow. |
dst-mac mac-address |
Specifies the destination MAC address for the flow. |
dst-mac-mask mac-address |
Specifies the destination MAC address wildcard mask for the flow. |
src-ip ip-address |
Specifies the source IP address for the flow. |
src-ip-mask ip-address |
Specifies the source IP address wildcard mask for the flow. |
dst-ip ip-address |
Specifies the destination IP address for the flow. |
dst-ip-mask ip-address |
Specifies the destination IP address wildcard mask for the flow. |
src-port src-port-number |
Specifies the Layer 3 protocol source port for the flow. |
src-port-mask src-port-mask-number |
Specifies the source port mask. |
dst-port dst-port-number |
Specifies the Layer 3 protocol destination port for the flow. |
dst-port-mask dst-port-mask-number |
Specifies the destination port mask. |
dscp-start number |
Specifies the starting DSCP number. This is a value between 0 and 63. |
dscp-end number |
Specifies the ending DSCP number. This is a value between 0 and 63. |
dscp dscp-number |
Specifies the 6-bit Differentiated Services Code Point (DSCP) of the flow. |
dscp-map dscp-map name | none |
Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated. |
tos-start tos-start-number |
Specifies the starting ToS number. |
tos-end tos-end-number |
Specifies the ending ToS number. |
tos tos-number |
Specifies the Type of Service (ToS) number for the flow. |
vlan-pri number |
Specifies the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest). |
ttl ttl-number |
Specifies the time to live in seconds. |
proto tcp|udp|icmp|igmp|ip |
Specifies the Layer 3 protocol for the flow. |
tcp-flags fin|syn|rst|push|ack|urg|ece|cwr |
Specify the TCP flags to fileter a vFlow. |
flow-class vflow-class name |
Specifies the vflow class. |
ingress-tunnel |
Specifies the name of the ingress tunnel. |
egress-tunnel tunnel name |
Specifies the name of the egress tunnel. |
bw-min bw-min-number |
Specifies the minimum bandwidth in Gbps for the vflow. |
bw-max bw-max-number |
Specifies the maximum bandwidth in Gbps for the vflow. |
burst-size auto |
Specify the burst size. |
precedence default |
Specifies the traffic priority for the flow (between 0 and 10) |
action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan| tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx| |
Specifies the forwarding action to apply to the flow. |
action-value number |
Specifies an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64. |
action-set-mac-value mac-address |
Specifies a MAC address to apply the action. |
action-to-ports-value port-list |
Specifies a port list to apply the action. |
mirror mirror-name |
Specifies the name of the mirror configuration. |
process-mirror| |
Specifies to process mirrored traffic for the vflow. |
log-packets|no-log- |
Specifies whether to log the packets in the flow. |
packet-log-max packet-log-max-number |
Specifies the maximum packet count for log rotation in the flow. |
log-stats|no-log-stats |
Specifies if you want to log statistics or not. |
stats-interval seconds |
Specifies the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800. |
dur dur-number |
Specifies the minimum duration required for the flow to be captured (in seconds). |
metadata metadata-number |
Specifies a metadata number for the flow. |
metadata-mask metadata-mask-number |
Specifies a metadata mask for the flow. |
transient|no-transient |
Specifies whether to capture transient flows. |
vxlan vxlan-name |
Specifies the name of the VXLAN. |
vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe|dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq |
Specifies the type of VXLAN. |
vxlan-proto tcp|udp|icmp|igmp|ip |
Specifies the Layer 3 protocol for the flow. |
hw-stats|no-hw-stats |
Specifies if hardware statistics is enabled or disabled. |
set-src ip-address |
Specifies the source IP address of IPv4 packets. |
set-dst ip-address |
Specifies the destination IP address of IPv4 packets. |
set-src-port set-src-port-number |
Specifies the source port of IPv4 packets. |
set-dst-port set-dst-port-number |
Specifies the destination port of IPv4 packets. |
udf-name1 udf name |
Specify the User-Defined Field name. |
udf-data1 udf-data1-number |
Specify the User-Defined Field data. |
udf-data1-mask udf-data1-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name2 udf name |
Specify the User-Defined Field name. |
udf-data2 udf-data2-number |
Specify the User-Defined Field data. |
udf-data2-mask udf-data2-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name3 udf name |
Specify the User-Defined Field name. |
udf-data3 udf-data3-number |
Specify the User-Defined Field data. |
udf-data3-mask udf-data3-mask-number |
Specify the mask for the User-Defined Field data. |
enable|no-enable |
Specify if you want to enable or disable flows in hardware |
table-name vflow-table name |
Specify a table name from the following list: • SrcMac • DstMac • SrcIp • DstIp • OuterVlanId • OuterVlanPri • EtherType The following actions are supported for this parameter: • InnerVlan • OuterVlan • Dscp • Vxlan • Drop • VlanPri |
cpu-class cpu-class name |
Specify the CPU class name. |
Defaults None.
Access CLI
History
Version 1.2 |
Command introduced. |
Version 2.1 |
The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror, and bw-min added. The options, to-span|to-port-set-nat| cpu-rx|cpu-rx-tx added to the parameter action. |
Version 2.2 |
The options, to-cpu-l2-miss|set-metadata| flow-flood|set-dscp added to the parameter, type. |
Version 2.2.3 |
The parameters, dscp-start, dscp-end, tos-start, tos-end, and vlan-pri added. |
Version 2.2.5 |
The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror. |
Version 2.3 |
The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. |
Version 2.3.1 |
The parameter, table, added. |
Version 2.4 |
The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats, metadata-mask, and hw-stats added. |
Version 2.5.3 |
The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added. |
Version 2.5.4 |
The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB. |
Version 2.6.0 |
The parameter, table-name, added. |
Version 2.6.2 |
The parameter, dscp-map, added. |
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command displays information about vflows configured on the switch.
Examples To display vflow information, use the following command:
CLI network-admin@switch > vflow-show name flow1
name id scope vlan vnet src dst subnet class bw pri action stats dur mask
----- -- ----- ---- ---- --- --- ------ ----- -- --- ------ ----- --- ----
flow1 64 local 4091 :: :: :: normal 0 0 flow_normal no 0 13
vflow-snoop
This command is used to display the packet headers of flows directed to the switch CPU.
Syntax vflow-snoop
count count-number |
Specify the packet count. |
display-packets-bytes display-packets-bytes |
Specify the number packet bytes. |
name name-string |
Specify the flow name. |
Specify any of the following options: |
|
id |
Specify the ID assigned to the vFlow. |
scope local|fabric |
Specify the scope for the vFlow. |
type ofp|vflow|ofp-default|acl-ip|acl-mac|vxlan|nat|qos|nat-twice| hog-violator|pbr|iptable |
Specify the type of vFlow. |
hidden true|false |
Specify if the vFlow is hidden or not. |
vlan vlan-id |
Specify the VLAN identifier for the vFlow. |
vnet vnet-name |
Specify the virtual network (VNET) for the vFlow |
in-port port-list |
Specify the ingress (input) port for the vFlow. |
out-port port-list |
Specify the egress (output) port for the vFlow. |
ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe| dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq |
Specify the EtherType for the vFlow. |
src-mac mac-address |
Specify the source MAC address for the vFlow. |
src-mac-mask mac-address |
Specify the source MAC address wildcard mask for the vFlow. |
dst-mac mac-address |
Specify the destination MAC address for the vFlow. |
dst-mac-mask mac-address |
Specify the destination MAC address wildcard mask for the vFlow. |
src-ip ip-address |
Specify the source IP address for the vFlow. |
src-ip-mask ip-address |
Specify the source IP address wildcard mask for the vFlow. |
dst-ip ip-address |
Specify the destination IP address for the vFlow. |
dst-ip-mask ip-address |
Specify the destination IP address wildcard mask for the vFlow. |
src-port src-port-number |
Specify the Layer 3 protocol source port for the vFlow. |
src-port-mask src-port-mask-number |
Specify the source port mask. |
dst-port dst-port-number |
Specify the Layer 3 protocol destination port for the vFlow. |
dst-port-mask dst-port-mask-number |
Specify the destination port mask. |
dscp-start number |
Specify the starting DSCP number. This is a value between 0 and 63. |
dscp-end number |
Specify the ending DSCP number. This is a value between 0 and 63. |
dscp dscp-number |
Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow. |
dscp-map dscp-map name | none |
Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated. |
[tos-start tos-start-number] |
Specify the starting ToS number. |
[tos-end tos-end-number] |
Specify the ending ToS number. |
tos tos-number |
Specify the Type of Service (ToS) number for the vFlow. |
vlan-pri number |
Specify the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest). |
proto tcp|udp|icmp|igmp|ip |
Specify the Layer 3 protocol for the flow. |
local-subnet|no-local-subnet |
Specify a local subnet. |
flow-class vflow-class name |
Specify the vflow class. |
ingress-tunnel tunnel-name |
Specify the name of the ingress tunnel. |
egress-tunnel tunnel-name |
Specify the name of the egress tunnel. |
bw-min bw-min-number |
Specify the minimum bandwidth for the vFlow. |
bw-max bw-max-number |
Specify the maximum bandwidth for the vFlow (in Gbps). |
precedence priority |
Specify the traffic priority for the flow (between 0 and 10) |
action none|drop|to-port|to-cpu|trap|copy-to-cpu|check|setvlan|tunnel-pkt|set-tunnel-id|to-span| |
Specify the forwarding action to apply to the flow. |
action-value number |
Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64. |
action-value1 number |
Specify a VLAN ID from 1 to 4096. |
action-set-mac-value mac-address |
Specify a MAC address value. |
action-to-ports-value port-list |
Specify a port list. |
mirror mirror name |
Specify a mirror name for the configuration. |
process-mirror| |
Specify if the vFLow processes mirrored traffic or not. |
log-packets| |
Specify whether to log the packets in the flow. |
packet-log-max packet-log-max-number |
Specify the maximum packet count for log rotation in the flow. |
log-stats|no-log-stats |
Specify whether to enable packet statistics or logs for the flow. |
stats-interval seconds |
Specify the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800. |
dur dur-number |
Specify the minimum duration required for the flow to be captured (in seconds). |
[metadata metadata-number] [metadata-mask metadata-mask-number] |
Specify the metadata number and mask for the vflow. |
transient|no-transient |
Specify whether to capture transient flows. |
vxlan vxlan-name |
Specify the name of the VXLAN. |
vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi| jumbo|aoe| |
Specify the type of VXLAN. |
vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6 |
|
hw-stats|no-hw-stats |
|
set-src ip-address |
Specify the source IP address of IPv4 packets. |
set-dst ip-address |
Specify the destination IP address of IPv4 packets. |
set-src-port set-src-port-number |
Specify the source port of IPv4 packets. |
set-dst-port set-dst-port-number |
Specify the destination port of IPv4 packets. |
enable|no-enable |
Specify if you want to enable or disable flows in hardware |
table-name vflow-table name |
Specify a table name from the following list: • SrcMac • DstMac • SrcIp • DstIp • OuterVlanId • OuterVlanPri • EtherType The following actions are supported for this parameter: • InnerVlan • OuterVlan • Dscp • Vxlan • Drop • VlanPri |
cpu-class cpu-class name |
Specify the CPU class name. |
Defaults None.
Access CLI
History
Version 1.2 |
Command introduced. |
Version 2.1 |
The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror, bw-min, and metadata added. The options, to-span|to-port-set-nat| cpu-rx|cpu-rx-tx added to the parameter action. |
Version 2.2.3 |
The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri, action-value, mirror, and process-mirror added. |
Version 2.3 |
The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. The parameters, vxlan-proto and hw-stats added. The parameters action-set-mac-value and action-to-ports-value added. |
Version 2.3.1 |
The parameter, table, added. |
Version 2.4 |
The options, analytics|reserved deprecated from the parameter type. The options, ofp-default|acl-ip|acl-mac|vxlan|nat added to the parameter, type. |
Version 2.5.4 |
The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB. |
Version 2.6.0 |
The parameter, table-name, added. |
Version 2.6.2 |
The parameter, dscp-map, added. |
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command displays a running output of headers as they are directed to the switch CPU based on flow definitions specified for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic. The display output is stopped by pressing Control-C in the CLI.
Examples This example displays the packet headers as they are directed to the switch CPU based on one or several flow definitions created with the command vflow-create and the action set to copy-to-cpu:
CLI network-admin@switch > vflow-snoop
vflow-snoop
switch: 471aac, flow: 40, port: 25, size: 64
smac: 02:08:20:17:26:77, dmac: 1e:1e:1e:ac:f3:62, vlan: 55, etype: arp
switch: 471aac, flow: 40, port: 13, size: 68
smac: 00:0c:fc:00:b9:6e, dmac: ff:ff:ff:ff:ff:ff, vlan: 1, etype: arp
switch: 471aac, flow: 40, port: 15, size: 68
smac: 00:0c:fc:00:b6:71, dmac: ff:ff:ff:ff:ff:ff, vlan: 1, etype: arp