Configuring Virtual Port Group State Tracking
Starting from release 7.0.1, NetVisor OS leverages a BFD-based state tracking logic to support mirroring the port state across VXLAN connections for interconnected virtual Port Group (vPG). BFD is used automatically when the connection is established and so does not require any additional configuration. This logic is shared with vLE.
Note: The vPG state tracking is supported only with bidirectional point-to-point vPG.
When configuring vSGs, state tracking can be enabled when creating new vFlow policies using the vflow-create command, or by using the vflow-modify command on existing policies.
A new tracking configuration parameter has been added to enable or disable vPG state tracking. A new tracking-status column shows the vFlow-related state of the vPGs, which can be one of the following values:
- up: the ports of both the local and remote vPGs of the vFlow are up.
- local-down: the port of the local vPG is down.
- remote-down: the port of the remote vPG is down.
- down: from the perspective of a node on which neither of the vPGs are local, it means that the ports of both vPGs are down.
- disabled: state tracking is disabled for a vFlow entry.
- unknown: the status could not be determined (which is possible during corner cases, for example due to errors).
For instance, the unknown status may be displayed when vflow-show is executed on a switch that is not a vPG state tracking endpoint and there is a communication error. Or when a user executes the vpg-port-remove command on a vPG that is being tracked: in such case, the status will be unknown until a port is added back.
Tracking is disabled by default. When in disable state, the tracking-status column shows disabled.
You can enable state tracking during vFlow creation like so:
CLI (network-admin@switch) > vflow-create name bivf scope fabric bidir-vpg-1 bi1 bidir-vpg-2 bi2 tracking enable
Then you can show the administrative and operational statuses like so:
CLI (network-admin@switch) > vflow-show format type,in-port,bidir-vpg-1,bidir-vpg-2,tracking,tracking-status,enable,table-name
name type in-port bidir-vpg-1 bidir-vpg-2 tracking tracking-status enable table-name
---- ----- ------- ----------- ----------- -------- --------------- ------ ---------------------
bivf vflow 25 bi1 bi2 enable up enable System-VCAP-table-1-0
You can enable/disable state tracking during vFlow modification like so:
CLI (network-admin@switch) > vflow-create name bivf scope fabric bidir-vpg-1 bi1 bidir-vpg-2 bi2
CLI (network-admin@switch) > vflow-modify name bivf tracking enable
CLI (network-admin@switch) > vflow-show format type,in-port,bidir-vpg-1,bidir-vpg-2,tracking,tracking-status,enable,table-name
name type in-port bidir-vpg-1 bidir-vpg-2 tracking tracking-status enable table-name
---- ----- ------- ----------- ----------- -------- --------------- ------ ---------------------
bivf vflow 25 bi1 bi2 enable up enable System-VCAP-table-1-0
CLI (network-admin@switch) > vflow-modify name bivf tracking disable
CLI (network-admin@switch) > vflow-show format type,in-port,bidir-vpg-1,bidir-vpg-2,tracking,tracking-status,enable,table-name
name type in-port bidir-vpg-1 bidir-vpg-2 tracking tracking-status enable table-name
---- ----- ------- ----------- ----------- -------- --------------- ------ ---------------------
bivf vflow 25 bi1 bi2 disable disabled enable System-VCAP-table-1-0
Below is a complete example of the behavior for the state tracking feature along with the port state changes:
a) The first configuration step is vPG creation with type bidirectional on two nodes (local and remote):
CLI (network-admin@switch2) > vpg-create name bi1 type bidirectional ports 25
CLI (network-admin@switch1) > vpg-create name bi2 type bidirectional ports 25
b) The subsequent configuration step is vFlow creation:
CLI (network-admin@switch2) > vflow-create name bivf scope fabric bidir-vpg-1 bi1 bidir-vpg-2 bi2 tracking enable
CLI (network-admin@switch2) > vflow-show format type,in-port,bidir-vpg-1,bidir-vpg-2,tracking,tracking-status,enable,table-name
name type in-port bidir-vpg-1 bidir-vpg-2 tracking tracking-status enable table-name
---- ----- ------- ----------- ----------- -------- --------------- ------ ---------------------
bivf vflow 25 bi1 bi2 enable up enable System-VCAP-table-1-0
CLI (network-admin@switch2) > switch-local port-show port 25
switch port status config
------- ---- -------------------- ------
switch2 25 up,host,LLDP,vlan-up fd,10g
CLI (network-admin@switch1) > switch-local port-show port 25
switch port status config
------- ---- -------------------- ------
switch1 25 up,host,LLDP,vlan-up fd,10g
c) When disabling the local vPG port, the remote port goes to vbt-wait state and on the local node the vFlow entry shows the tracking status to be local-down:
CLI (network-admin@switch2) > port-config-modify port 25 disable
CLI (network-admin@switch2) > switch-local port-show port 25
switch port status config
------- ---- -------- ------
switch2 25 disabled 10g
CLI (network-admin@switch2) > vflow-show format type,in-port,bidir-vpg-1,bidir-vpg-2,tracking,tracking-status,enable,table-name
name type in-port bidir-vpg-1 bidir-vpg-2 tracking tracking-status enable table-name
---- ----- ------- ----------- ----------- -------- --------------- ------ ---------------------
bivf vflow 25 bi1 bi2 enable local-down enable System-VCAP-table-1-0
Meanwhile, at the remote end:
CLI (network-admin@switch1) > switch-local port-show port 25
switch port status config
------- ---- ----------------- ------
switch1 25 disabled,vbt-wait 10g
d) After re-enabling the local port, the remote port comes out of vbt-wait state and the vFlow entry shows the tracking status to be up:
CLI (network-admin@switch2) > port-config-modify port 25 enable
CLI (network-admin@switch2) > switch-local port-show port 25
switch port status config
------- ---- -------------------- ------
switch2 25 up,host,LLDP,vlan-up fd,10g
CLI (network-admin@switch2) > vflow-show format type,in-port,bidir-vpg-1,bidir-vpg-2,tracking,tracking-status,enable,table-name
name type in-port bidir-vpg-1 bidir-vpg-2 tracking tracking-status enable table-name
---- ----- ------- ----------- ----------- -------- --------------- ------ ---------------------
bivf vflow 25 bi1 bi2 enable up enable System-VCAP-table-1-0
Meanwhile, at the remote end the port is back up:
CLI (network-admin@switch1) > switch-local port-show port 25
switch port status config
------- ---- -------------------- ------
switch1 25 up,host,LLDP,vlan-up fd,10g