Refreshing vFlow Level Statistics for Long-lived Connections
Prior to Netvisor ONE 5.1.1 release, the connection analytics displayed the connection statistics ( incoming bytes, outgoing bytes, total bytes, and the age of the connection) only after the connection is completed, which worked well for short-timed connections. However, for long-lived TCP connections, the connection statistics was unreliable. This was due to the fact that the parameters involved were calculated with reference to the TCP sequence numbers, which, for a long-lived connection, always wrapped around.
To eliminate inaccuracies in long-lived TCP connection statistics, the TCP data packets with sequence numbers that are about to wrap around are sent to the CPU. This is implemented by defining a new vflow rule (policy). Netvisor ONE provides an option to enable this functionality through the vflow-settings-modify command. When the feature is active, the connection-stats-show and connection-show commands show accurate outputs for long-lived TCP connections.
Note:
- To enable long-lived TCP connection statistics, you must first enable the user-defined-flow knob.
- Disable vxlan-analytics before enabling the long-lived TCP connection statistics knob.
- You cannot enable long-lived TCP connection statistics knob if the inflight-vxlan-analytics is enabled or vice-versa.
Note: You must restart nvOSd when you enable or disable the long-lived TCP connection statistics knob.
Use the vflow-settings-modify command to enable long-lived TCP connection statistics:
CLI (network-admin@switch) > vflow-settings-modify
|
vflow-settings-modify |
Use this command to update a user vflow setting. |
|
Specify one or more of the following options: |
|
|
enable-user-defined-flow|no-enable-user-defined-flow |
Specify to enable or disable the user defined flows. Note: You must enable the user-defined-flow before enabling the longlived tcp connection statistics. |
|
vxlan-analytics|no-vxlan-analytics |
Specify to enable or disable VXLAN analytics. Note: You must disable VXLAN analytics before enabling the longlived tcp connection |
|
inflight-vxlan-analytics|no-inflight-vxlan-analytics |
Specify to enable or disable the inflight VXLAN analytics. Note: You must disable inflight VXLAN analytics before enabling the longlived tcp connection. |
|
longlived-tcp-conn-stats|no-longlived-tcp-conn-stats |
Specify to enable or disable the long-lived TCP connection statistics. |
For example, to enable the long-lived TCP connection statistics, use the commands below:
CLI (network-admin@Leaf1) > vflow-settings-modify enable-user-defined-flow
CLI (network-admin@Leaf1) > vflow-settings-modify no-vxlan-analytics no-inflight-vxlan-analytics
CLI (network-admin@Leaf1) > vflow-settings-modify longlived-tcp-conn-stats
To view the user vflow settings, use the command vflow-settings-show. For example, after enabling long-lived TCP connection statistics, the typical output would be:
CLI (network-admin@Leaf1) > vflow-settings-show
enable-user-defined-flow: on
vxlan-analytics: off
inflight-vxlan-analytics: off
longlived-tcp-conn-stats: on
To view the connection statistics, use the show commands:
CLI (network-admin@Leaf1) > connection-stats-show
vlan ip port iconns oconns ibytes obytes total-bytes
---- ------------ ---- --------- ------ ------ ------ -----------
100 132.10.3.152 32 402617119 813G 809G 1.58T
100 132.10.3.113 32 402439803 822G 818G 1.60T
100 132.10.3.191 32 402379008 828G 822G 1.61T
100 132.10.3.160 32 402531295 828G 824G 1.61T
100 132.10.3.147 32 402620992 833G 829G 1.62T
100 132.10.3.131 32 402466573 840G 836G 1.64T
CLI (network-admin@Leaf1) > connection-show
vlan src-ip dst-ip dst-port cur-state latency obytes ibytes total-bytes age
---- ---------- ------------ -------- --------- ------- ------ ------ ----------- ---
100 132.10.3.2 132.10.3.127 http fin 67.9us 198 188 386 1s
100 132.10.3.2 132.10.3.186 http fin 62.3us 198 188 386 1s
100 132.10.3.2 132.10.3.153 http fin 511us 198 188 386 1s
100 132.10.3.2 132.10.3.205 http fin 66.4us 198 188 386 1s
100 132.10.3.1 132.10.3.160 http fin 305us 198 188 386 1s