vflow-snoop
This command is used to display the packet headers of flows directed to the switch CPU.
Syntax vflow-snoop
name name-string |
Specify the flow name. |
scope local|fabric |
Specify the scope for the flow. |
Specify any of the following options: |
|
vnet vnet-name |
Specify the virtual network (VNET) for the flow |
bd bridge-domain name |
Specify the bridge domain for the vFlow. |
vlan 0..4095 |
Specify the VLAN identifier for the flow. The value ranges between 0-4095. |
inner-vlan 0..4095 |
Specify the inner VLAN ID of the QinQ frame. |
in-port port-list |
Specify the ingress (input) port for the flow. |
out-port port-list |
Specify the egress (output) port for the flow. |
ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|jumbo| dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old |
Specify the EtherType for the flow. |
src-mac mac-address |
Specify the source MAC address for the flow . |
src-mac-mask mac-address |
Specify the source MAC address wildcard mask for the flow. |
dst-mac mac-address |
Specify the destination MAC address for the flow. |
dst-mac-mask mac-address |
Specify the destination MAC address wildcard mask for the flow. |
src-ip ip-address |
Specify the source IP address for the flow. |
src-ip-mask ip-address |
Specify the source IP address wildcard mask for the flow. |
dst-ip ip-address |
Specify the destination IP address for the flow. |
dst-ip-mask ip-address |
Specify the destination IP address wildcard mask for the flow. |
src-port src-port-number |
Specify the Layer 3 protocol source port for the flow. |
src-port-end src-port-end-number |
Specify the ending port for a range of source ports. |
src-port-mask src-port-mask-number |
Specify the source port mask. |
dst-port dst-port-number |
Specify the Layer 3 protocol destination port for the flow. |
dst-port-end dst-port-end-number |
Specify the ending port for a range of destination ports. |
dst-port-mask dst-port-mask-number |
Specify the destination port mask. |
dscp-start number |
Specify the starting DSCP number. This is a value between 0 and 63. |
dscp-end number |
Specify the ending DSCP number. This is a value between 0 and 63. |
dscp dscp-number |
Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow. |
dscp-map dscp-map name|none |
Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated. |
tos-start tos-start-number |
Specify the starting ToS number. |
tos-end tos-end-number |
Specify the ending ToS number. |
tos tos-number |
Specify the Type of Service (ToS) number for the flow. |
dropped|no-dropped |
Specify if the vFlow matches a dropped packet or forwards the packet. |
vlan-pri number |
Specify the priority for the VLAN. This is a value between 0 (lowest) and 7 (highest). |
inner-vlan-pri number |
Specify the priority for the inner VLAN. This is a value between 0 (lowest) and 7 (highest). |
internal-pri 0..7 |
Specify the internal priority as a value between 0 and 7. |
vrf vrf-name |
Specify the name of the VRF. |
ttl ttl-number |
Specify the time to live in seconds. |
proto tcp|udp|icmp|igmp|ip|icmpv6 |
Specify the Layer 3 protocol for the flow. |
tcp-flags fin|syn|rst|push|ack|urg|ece|cwr |
Specify the TCP flags to filter a vFlow. |
flow-class vflow-class name |
Specify the vflow class. |
ingress-tunnel tunnel-name |
Specify the name of the ingress tunnel. |
egress-tunnel tunnel name |
Specify the name of the egress tunnel. |
bw-min bw-min-number |
Specify the minimum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps. |
bw-max bw-max-number |
Specify the maximum bandwidth in Gbps for the vflow. This is a range from 0 to 40Gbps. |
burst-size auto |
Specify the burst size. This parameter auto-calculates the burst size based on the maximum bandwidth settings for the vFlow. You can also configure a burst-size number between 256B through 128MB. |
vrouter-name vrouter name |
Specify the vRouter name if you are configuring Policy-based Routing (PBR). You should not use this parameter unless you are configuring PBR. |
precedence default|0..15 |
Specify the traffic priority for the flow (between 0 and 15) |
action none|drop|to-port|to-cpu|trap|copy-to-cpu|copy-to-port|check|setvlan|add-outer-vlan|set-tpid|to-port-set-vlan|tunnel-pkt|set-tunnel-id|to-span|cpu-rx|cpu-rx-tx|set-metadata|set-dscp|decap|set-dmac|to-next-hop-ip|set-dmac-to-port|to-ports-and-cpu|set-vlan-pri|tcp-seq-offset|tcp-ack-offset|l3-to-cpu-switch|set-smac|drop-cancel-trap|to-ecmp-group|redirect-to-vrouter|to-vp|set-svp|cancel-switch-to-cpu |
Specify the forwarding action to apply to the flow. |
action-value number |
Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1 and 64. |
action-set-mac-value mac-address |
Specify a MAC address to apply the action. |
action-set-svp-value svp-value |
Specify the SVP value. |
action-to-next-hop-ip-value ip-address |
Specify the next-hop IP address for packet redirection. |
action-to-ecmp-group-value static-ecmp-group group-name |
Specify the ECMP group for packet redirection. |
action-to-ports-value port-list |
Specify a port list to apply the action. |
mirror mirror-name |
Specify the name of the mirror configuration. |
process-mirror|no-process-mirror |
Specify to process mirrored traffic for the vflow. |
packet-log-max packet-log-max-number |
Specify the maximum packet count for log rotation in the flow. |
log-stats|no-log-stats |
Specify if you want to log statistics or not. |
stats-interval seconds |
Specify the interval to update packet statistics for the log (in seconds). This is a value between 1 and 604800. |
dur dur-number |
Specify the minimum duration required for the flow to be captured (in seconds). |
metadata metadata-number |
Specify a metadata number for the flow. |
transient|no-transient |
Specify whether to capture transient flows. |
vxlan vxlan-name |
Specify the name of the VXLAN. |
vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi| jumbo|dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old |
Specify the type of VXLAN. |
from-tunnel-decap|no-from-tunnel-decap |
Specify if you want to include tunnel terminated VXLAN packets. |
vxlan-proto tcp|udp|icmp|igmp|ip|icmpv6 |
Specify the protocol type for the VXLAN. |
stp-state Disabled|Discarding|Learning|Forwarding packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast |
Specify the STP state. |
packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast |
Specify the packet resolution in ASIC. |
fwding-type vlan|vxlan|vle |
Specify the ASIC forwarding type. |
set-src ip-address |
Specify the source IP address of IPv4 packets. |
set-dst ip-address |
Specify the destination IP address of IPv4 packets. |
set-src-port set-src-port-number |
Specify the source port of IPv4 packets. |
set-dst-port set-dst-port-number |
Specify the destination port of IPv4 packets. |
src-vpg vpg-name |
Specify the source VPG name for Network Packet Broker (NPB) configuration. |
dst-vpg vpg-name |
Specify the destination VPG name for Network Packet Broker (NPB) configuration. |
bidir-vpg-1 vpg name |
Specify the name of the first bidirectional VPG for NPB configuration. |
bidir-vpg-2 vpg name |
Specify the name of the second bidirectional VPG for NPB configuration. |
transparency enable|disable |
Specify if you want to enable or disable protocol transparency. |
udf-name1 udf name |
Specify the User-Defined Field name. |
udf-data1 udf-data1-number |
Specify the User-Defined Field data. |
udf-data1-mask udf-data1-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name2 udf name |
Specify the User-Defined Field name. |
udf-data2 udf-data2-number |
Specify the User-Defined Field data. |
udf-data2-mask udf-data2-mask-number |
Specify the mask for the User-Defined Field data. |
udf-name3 udf name |
Specify the User-Defined Field name. |
udf-data3 udf-data3-number |
Specify the User-Defined Field data. |
udf-data3-mask udf-data3-mask-number |
Specify the mask for the User-Defined Field data. |
enable|no-enable |
Specify if you want to enable or disable flows in hardware. |
table-name vflow-table name |
Specify a table name from the following list:
The following actions are supported for this parameter:
|
flow-cb default-cb|arp-cb|bcast-cb|igmp-cb|pim-cb|dhcp-cb|dhcpv6-cb|dmac-miss-cb|l2-miss-cb|no-cb |
CPU to process, vFlow callback function |
cpu-class cpu-class name |
Specify the CPU class name. |
description description-string |
Specify a vFlow description. |
if mgmt|data |
Specify the administrative service interface. |
phy-dst-port phy-dst-port-number |
Packet destination port for the vFlow. |
Defaults None.
Access CLI
History
Version 1.2 |
Command introduced. |
Version 2.1 |
The parameter, type, is deprecated. The option, cluster, for scope is deprecated. The option, meter, for action is deprecated. The parameters, mirror|no mirror, and process-mirror|no-process-mirror added. |
Version 2.2.3 |
The parameters, dscp-start, dscp-end, tos-start, tos-end, vlan-pri and ttl added. |
Version 2.2.5 |
The parameters, set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value, added. The parameter, mirror, added. The parameter, mirror|no-mirror changed to process-mirror|no-process-mirror. |
Version 2.3 |
The parameters, set-src, set-dst, set-src-port, and set-dst-port, added. |
Version 2.3.1 |
The parameter, table, added. |
Version 2.4 |
The parameter, type and stats, deprecated. The parameters, src-port-mask and dst-port-mask, added. The action, to-port-set-nat|, is deprecated. The parameter, log-stats added. |
Version 2.5.3 |
The parameter, tcp-flags, added. The fields, UDF- and enable|disable hardware flows also added. |
Version 2.5.4 |
The parameter, burst-size auto, has added functionality. You can configure a burst-size number between 256B through 128MB. |
Version 2.6.0 |
The parameter table-name added. |
Version 2.6.2 |
The parameter dscp-map and cpu-class added. |
Version 3.0.0 |
The parameter dropped|no-dropped added. |
Version 5.0.0 |
The parameter if mgmt|data added. |
Version 5.1.0 |
The parameter packet-res added. |
Version 5.2.0 |
The parameters src-port-end and dst-port-end added |
Version 6.0.0 |
The parameter vrf added. |
Version 6.0.1 |
The parameters src-vpg, dst-vpg added. |
Version 6.1.0 |
The parameters bd, inner-vlan, inner-vlan-pri, internal-pri, dst-vpg-1, dst-vpg-2, transparency, flow-cb, phy-dst-port added. |
Usage Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command displays a running output of headers as they are directed to the switch CPU based on flow definitions specified for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic. The display output is stopped by pressing Control-C in the CLI.
Examples This example displays the packet headers as they are directed to the switch CPU based on one or several flow definitions created with the command vflow-create and the action set to copy-to-cpu:
CLI network-admin@switch > vflow-snoop
vflow-snoop
switch: 471aac, flow: 40, port: 25, size: 64
smac: 02:08:20:17:26:77, dmac: 1e:1e:1e:ac:f3:62, vlan: 55, etype: arp
switch: 471aac, flow: 40, port: 13, size: 68
smac: 00:0c:fc:00:b9:6e, dmac: ff:ff:ff:ff:ff:ff, vlan: 1, etype: arp
switch: 471aac, flow: 40, port: 15, size: 68
smac: 00:0c:fc:00:b6:71, dmac: ff:ff:ff:ff:ff:ff, vlan: 1, etype: arp