vflow-mgmt-show
This command is used to display the management flow details for the configured vFlows.
Syntax vflow-mgmt-show
name name-string |
The flow name. |
scope local|fabric |
The scope for the flow. |
Specify any of the following options: |
|
vnet vnet-name |
The virtual network (vNET) for the flow. |
bd bridge-domain name |
The bridge domain for the vFlow. |
vlan 0..4095 |
The VLAN identifier for the flow. The value ranges between 0-4095. |
inner-vlan 0..4095 |
The inner VLAN ID of the QinQ frame. |
in-port port-list |
The ingress (input) port for the flow. |
out-port port-list |
The egress (output) port for the flow. |
ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|jumbo| dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old |
The EtherType for the flow. |
src-mac mac-address |
The source MAC address for the flow . |
src-mac-mask mac-address |
The source MAC address wildcard mask for the flow. |
dst-mac mac-address |
The destination MAC address for the flow. |
dst-mac-mask mac-address |
The destination MAC address wildcard mask for the flow. |
src-ip ip-address |
The source IP address for the flow. |
src-ip-mask ip-address |
The source IP address wildcard mask for the flow. |
dst-ip ip-address |
The destination IP address for the flow. |
dst-ip-mask ip-address |
The destination IP address wildcard mask for the flow. |
src-port src-port-number |
The Layer 3 protocol source port for the flow. |
src-port-end src-port-end-number |
The ending port for a range of source ports. |
src-port-mask src-port-mask-number |
The source port mask. |
dst-port dst-port-number |
The Layer 3 protocol destination port for the flow. |
dst-port-end dst-port-end-number |
The ending port for a range of destination ports. |
dst-port-mask dst-port-mask-number |
The destination port mask. |
dscp-start number |
The starting DSCP number. This is a value between 0 and 63. |
dscp-end number |
The ending DSCP number. This is a value between 0 and 63. |
dscp dscp-number |
The 6-bit Differentiated Services Code Point (DSCP) of the flow. |
dscp-map dscp-map name|none |
The DSCP map to apply on the flow. Please reapply if map priorities are updated. |
tos-start tos-start-number |
The starting ToS number. |
tos-end tos-end-number |
The ending ToS number. |
tos tos-number |
The Type of Service (ToS) number for the flow. |
dropped|no-dropped |
Specify if the vFlow matches a dropped packet or forwards the packet. |
vlan-pri number |
The priority for the VLAN. This is a value between 0 (lowest) and 7 (highest). |
inner-vlan-pri number |
The priority for the inner VLAN. This is a value between 0 (lowest) and 7 (highest). |
internal-pri 0..7 |
The internal priority as a value between 0 and 7. |
vrf vrf-name |
The name of the VRF. |
ttl ttl-number |
The time to live in seconds. |
proto tcp|udp|icmp|igmp|ip|icmpv6 |
The Layer 3 protocol for the flow. |
tcp-flags fin|syn|rst|push|ack|urg|ece|cwr |
The TCP flags to filter a vFlow. |
flow-class vflow-class name |
The vflow class. |
ingress-tunnel tunnel-name |
The name of the ingress tunnel. |
egress-tunnel tunnel name |
The name of the egress tunnel. |
bw-min bw-min-number |
The minimum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps. |
bw-max bw-max-number |
The maximum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps. |
burst-size auto |
The burst size. This parameter auto-calculates the burst size based on the maximum bandwidth settings for the vFlow. You can also configure a burst-size number between 256B through 128MB. |
vrouter-name vrouter name |
The vRouter name if you are configuring Policy-based Routing (PBR). You should not use this parameter unless you are configuring PBR. |
precedence default|0..15 |
The traffic priority for the flow (between 0 and 15) |
action none|drop|to-port|to-cpu|trap|copy-to-cpu|copy-to-port|check|setvlan|add-outer-vlan|set-tpid|to-port-set-vlan|tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|set-metadata|set-dscp|decap|set-dmac|to-next-hop-ip|set-dmac-to-port|to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch|set-smac|drop-cancel-trap|to-ecmp-group|redirect-to-vrouter|to-vp|set-svp|cancel-switch-to-cpu |
The forwarding action to apply to the flow. |
action-value number |
An optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64. |
action-set-mac-value mac-address |
MAC address to apply the action. |
action-set-svp-value svp-value |
The SVP value. |
action-to-next-hop-ip-value ip-address |
The next-hop IP address for packet redirection. |
action-to-ecmp-group-value static-ecmp-group group-name |
The ECMP group for packet redirection. |
action-to-ports-value port-list |
Port list to apply the action. |
mirror mirror-name |
The name of the mirror configuration. |
process-mirror|no-process-mirror |
Process mirrored traffic for the vFlow. |
packet-log-max packet-log-max-number |
The maximum packet count for log rotation in the flow. |
log-stats|no-log-stats |
Log packet statistics for the flow |
stats-interval seconds |
The interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800. |
dur dur-number |
The minimum duration required for the flow to be captured (in seconds). |
metadata metadata-number |
Metadata number for the flow. |
transient|no-transient |
Capture transient flows. |
vxlan vxlan-name |
The name of the VXLAN. |
vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi| jumbo|dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old |
The type of VXLAN. |
from-tunnel-decap|no-from-tunnel-decap |
Include tunnel terminated VXLAN packets. |
vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6 |
The protocol type for the VXLAN. |
stp-state Disabled|Discarding|Learning|Forwarding packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast |
The STP state. |
packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast |
The packet resolution in ASIC. |
fwding-type vlan|vxlan|vle |
The ASIC forwarding type. |
set-src ip-address |
The source IP address of IPv4 packets. |
set-dst ip-address |
The destination IP address of IPv4 packets. |
set-src-port set-src-port-number |
The source port of IPv4 packets. |
set-dst-port set-dst-port-number |
The destination port of IPv4 packets. |
src-vpg vpg-name |
The source VPG name for Network Packet Broker (NPB) configuration. |
dst-vpg vpg-name |
The destination VPG name for Network Packet Broker (NPB) configuration. |
bidir-vpg-1 vpg name |
The name of the first bidirectional VPG for NPB configuration. |
bidir-vpg-2 vpg name |
The name of the second bidirectional VPG for NPB configuration. |
transparency enable|disable |
Transparency for protocol packets |
udf-name1 udf name |
The User-Defined Field name. |
udf-data1 udf-data1-number |
The User-Defined Field data. |
udf-data1-mask udf-data1-mask-number |
The mask for the User-Defined Field data. |
udf-name2 udf name |
The User-Defined Field name. |
udf-data2 udf-data2-number |
The User-Defined Field data. |
udf-data2-mask udf-data2-mask-number |
The mask for the User-Defined Field data. |
udf-name3 udf name |
The User-Defined Field name. |
udf-data3 udf-data3-number |
The User-Defined Field data. |
udf-data3-mask udf-data3-mask-number |
The mask for the User-Defined Field data. |
enable|no-enable |
Enable or disable flows in hardware. |
table-name vflow-table name |
Table name from the following list:
The following actions are supported for this parameter:
|
flow-cb default-cb|arp-cb|bcast-cb|igmp-cb|pim-cb|dhcp-cb|dhcpv6-cb|dmac-miss-cb|l2-miss-cb|no-cb |
CPU to process, vFlow callback function. |
cpu-class cpu-class name |
The CPU class name. |
description description-string |
The vFlow description. |
if mgmt|data |
The administrative service interface. |
phy-dst-port phy-dst-port-number |
The packet destination port for the vFlow. |
Defaults None.
Access CLI
History
Version 1.2 |
Command introduced. |
Version 2.1 |
The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror added. |
Version 2.2.3 |
The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri and ttl added. |
Version 2.2.5 |
The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror. |
Version 2.3 |
The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. |
Version 2.3.1 |
The parameter, table, added. |
Version 2.4 |
The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added. |
Version 2.5.3 |
The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added. |
Version 2.5.4 |
The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB. |
Version 2.6.0 |
The parameter table-name added. |
Version 2.6.2 |
The parameter dscp-map and cpu-class added. |
Version 3.0.0 |
The parameter dropped|no-dropped added. |
Version 5.0.0 |
The parameter if mgmt|data added. |
Version 5.1.0 |
The parameter packet-res added. |
Version 5.2.0 |
The parameters src-port-end and dst-port-end added |
Version 6.0.0 |
The parameter vrf added. |
Version 6.0.1 |
The parameters src-vpg and dst-vpg added. |
Version 6.1.0 |
The parameters inner-vlan, inner-vlan-pri, dst-vpg-1, dst-vpg-2, transparency, flow-cb, phy-dst-port added. |
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command displays information about vFlow configured on the switch.
Examples To display the configured vflow rules from the IPTables, use the command:
CLI (network-admin@spine1) > vflow-mgmt-show
name |
scope |
type |
src-ip |
dst-port |
precedence |
action |
enable |
data1 |
local |
iptable |
153.1.1.120/255.255.255.255 |
22 |
15 |
|
enable |
implicitv4_drop_tcp_22_vmgmt0 |
local |
iptable |
|
22 |
15 |
drop |
enable |
mgmt_ipv4 |
local |
iptable |
2.1.1.1 |
|
default |
none |
enable |
implicitv4_drop_icmp_vmgmt0 |
local |
iptable |
|
0 |
15 |
drop |
enable |
mgmt1_ipv6 |
local |
iptable |
2000::2/ffff:ffff:ffff:ffff:: |
|
default |
none |
enable |
mgmt_ipv6 |
local |
iptable |
2000::1/ffff:ffff:ffff:ffff:: |
|
default |
none |
enable |
implicitv6_drop_ipv6-icmp_vmgmt0 |
local |
iptable |
|
0 |
15 |
drop |
enable |