Commands and Parameters Applicable to vFlow Traffic

The vFlow feature includes several commands and keyword parameters to configure and monitor various vFlow actions. Some of the important commands and parameters are explained in this section.


  • To create a new vFlow object, use the command:


CLI (network-admin@switch-1) > vflow-create name <vflow-name> scope [local|fabric] {parameters}


  • To modify an existing vFlow object,


CLI (network-admin@switch-1) > vflow-modify name <vflow-name> {parameters}


  • To delete an existing vFlow object,


CLI (network-admin@switch-1) > vflow-delete name <vflow-name> 


  • To display existing vFlow objects,


CLI (network-admin@switch-1) > vflow-show {parameters}


The key parameters required to create a vFlow object are categorized as:


  • Scope (2)
    • local OR
    • fabric


  • Tables (4)
    • table-name Egress-Table-1-0
    • table-name System-L1-L4-Tun-1-0
    • table-name System-VCAP-table-1-0
    • table-name VCAP-IPv6-table-1-0


  • Match  Conditions: Specify one or more match conditions:
    • vlan
    • inner-vlan
    • vnet
    • bd < bridge-domain name>
    • in-port <port>
    • out-port <port>
    • ether-type <type>
    • src-mac <mac> src-mac-mask <mask>
    • dst-mac <mac> dst-mac-mask<mask>
    • src-ip <ip> src-ip-mask <mask>
    • dst-ip <ip> dst-ip-mask <mask>
    • src-port <port> proto <tcp|udp>
    • dst-port <port> proto <tcp|udp>
    • src-port <port> src-port-mask <mask>
    • dst-port <port> dst-port-mask <mask>
    • src-port <port> src-port-end <port>
    • dst-port <port> dst-port-end <port>
    • dscp-start <start value> dscp-end <end value>
    • tos-start <start value> tos-end <end value>
    • tos <tos>
    • src-vpg <name> dst-vpg <name>
    • bidir-vpg-1 <name> bidir-vpg-2 <name>
    • vlan-prio <802.1p priority>
    • inner-vlan-pri <priority>
    • vrf <name>
    • ttl <ttl>
    • proto <IP proto>
    • tcp-flags <tcp control flags>
    • ingress-tunnel <tunnel>
    • egress-tunnel <tunnel>
    • vrouter-name <vrouter>
    • mirror <mirror-name>
    • packet-log-max <1..50G>
    • metadata <number>
    • vxlan <vxlan-id>
    • vxlan-ether-type <ether-type for VXLAN>
    • stp-state <state>
    • packet-res <packet resolution in ASIC>
    • fwding-type <vlan|vxlan>
    • udf-name1 <name> udf-data1 <data> udf-data1-mask <mask>
    • udf-name2 <name> udf-data2 <data> udf-data2-mask <mask>
    • udf-name3 <name> udf-data3 <data> udf-data3-mask <mask>
    • if <mgmt|data>
    • description <description-string>


Note: 

  • From Netvisor ONE 6.1.0 onward, the parameters src-mac and dst-mac are supported in the System-VCAP table in addition to the System-L1-L4 table. This enhancement allows you to use these parameters while configuring the Network Packet Broker (NPB) solution.
  • Netvisor ONE version 6.1.0 introduces the inner-vlan parameter to support filtering of traffic based on the inner VLAN of a QinQ frame. This parameter is supported by the System-L1-L4 hardware table and can be configured as part of NPB deployments. You can set a metadata value for the NPB vFlow in System-VCAP table, and this value can be supplied along with inner-vlan parameter in another vFlow for filtration of NPB traffic based on inner VLAN ID.


  • Special Actions
    • burst-size <size>
    • precedence <IP precedence>
    • process-mirror|no-process-mirror
    • log-stats|no-log-stats
    • from-tunnel-decap|no-from-tunnel-decap
    • log-stats stats-interval <sec> dur <sec>
    • set-src <ip> set-src-port <port>
    • set-dst <ip> set-dst-port <port>
    • dropped|no-dropped
    • log-stats|no-log-stats
    • transient|no-transient
    • enable|no-enable
    • transparency <enable|disable>
    • flow-cb default-cb|arp-cb|bcast-cb|igmp-cb|pim-cb|dhcp-cb|dhcpv6-cb|dmac-miss-cb|l2-miss-cb|no-cb


  • Specific Actions with Action Keyword
    • action none
    • action drop
    • action to-port action-to-ports-value <port>
    • action to-cpu
    • action trap
    • action copy-to-cpu
    • action copy-to-port
    • action check
    • action setvlan action-value <vlan>
    • action add-outer-vlan
    • action set-tpid
    • action to-port-set-vlan
    • action tunnel-pkt
    • action set-tunnel-id
    • action to-span
    • action cpu-rx
    • action cpu-rx-tx
    • action set-metadata
    • action set-dscp
    • action decap
    • action set-dmac
    • action to-next-hop-ip action-to-next-hop-ip-value <next-hop-ip>
    • action set-dmac-to-port
    • action to-ports-and-cpu
    • action set-vlan-pri
    • action tcp-seq-offset
    • action tcp-ack-offset
    • action l3-to-cpu-switch
    • action set-smac
    • action drop-cancel-trap
    • action to-ecmp-group action-to-ecmp-group-value <ecmp-group>
    • action to-vp
    • action set-svp action-set-svp-value <svp>
    • action redirect-to-vrouter
    • action-value
    • action strip-outer-vlan
    • action cancel-switch-to-cpu


  • Flow Class
    • flow-class meter
    • flow-class guaranteed_bw
    • flow-class lossless
    • flow-class class0
    • flow-class class1
    • flow-class class2
    • flow-class class3
    • flow-class class4
    • flow-class class5
    • flow-class class6
    • flow-class class7
    • flow-class class8
    • flow-class control
    • flow-class control2
    • flow-class control3


Note: The flow classes control2 and control3 are available only on NRU01, NRU02, NRU03, and NRU03-SFF platforms.


  • Bandwidth parameters
    • bw-min <min>
    • bw-max <max>


north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south