vflow-create

Use this command to create a flow definition for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic.

Syntax   vflow-create

name name-string

Specify the flow name.

scope local|fabric

Specify the scope for the flow.

Specify any of the following options:

vnet vnet-name

Specify the virtual network (vNET) for the flow.

bd bridge-domain name

Specify the bridge domain for the vFlow.

vlan 0..4095

Specify the VLAN identifier for the flow. The value ranges between 0-4095.

inner-vlan 0..4095

Specify the inner VLAN ID of the QinQ frame.

in-port port-list

Specify the ingress (input) port for the flow.

out-port port-list

Specify the egress (output) port for the flow.

ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|jumbo|   dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old

Specify the EtherType for the flow.

src-mac mac-address

Specify the source MAC address for the flow .

src-mac-mask mac-address

Specify the source MAC address wildcard mask for the flow.

dst-mac mac-address

Specify the destination MAC address for the flow.

dst-mac-mask mac-address

Specify the destination MAC address wildcard mask for the flow.

src-ip ip-address

Specify the IP address of the source for the flow.

src-ip-mask ip-address

Specify the source IP address wildcard mask for the flow.

dst-ip ip-address

Specify the destination IP address for the flow.

dst-ip-mask ip-address

Specify the destination IP address wildcard mask for the flow.

src-port src-port-number

Specify the Layer 3 protocol source port for the flow.

src-port-end src-port-end-number

Specify the ending port for a range of source ports.

src-port-mask src-port-mask-number 

Specify the source port mask.

dst-port dst-port-number

Specify the Layer 3 protocol destination port for the flow.

dst-port-end dst-port-end-number 

Specify the ending port for a range of destination ports.

dst-port-mask dst-port-mask-number

Specify the destination port mask.

dscp-start number

Specify the starting DSCP number. This is a value between 0, and 63.

dscp-end number

Specify the ending DSCP number. This is a value between 0, and 63.

dscp dscp-number

Specify the 6-bit Differentiated Services Code Point (DSCP) of the flow.

dscp-map dscp-map name|none

Specify the DSCP map to apply on the flow. Please reapply if map priorities are updated.

tos-start tos-start-number

Specify the starting ToS number.

tos-end tos-end-number

Specify the ending ToS number.

tos tos-number 

Specify the Type of Service (ToS) number for the flow.

dropped|no-dropped

Specify if the vFlow matches a dropped packet or forwards the packet.

vlan-pri number

Specify the priority for the VLAN. This is a value between 0 (lowest), and 7 (highest).

inner-vlan-pri number

Specify the priority for the inner VLAN. This is a value between 0 (lowest), and 7 (highest).

internal-pri 0..7

Specify the internal priority as a value between 0, and 7.

vrf vrf-name

Specify the name of the VRF.

ttl ttl-number

Specify the time to live in seconds.

proto tcp|udp|icmp|igmp|ip|icmpv6

Specify the Layer 3 protocol for the flow.

tcp-flags fin|syn|rst|push|ack|urg|ece|cwr

Specify the TCP flags to filter a vFlow.

flow-class vflow-class name

Specify the vflow class.

ingress-tunnel tunnel-name

Name of the ingress tunnel.

egress-tunnel tunnel name

Specify the name of the egress tunnel.

bw-min bw-min-number

Specify the minimum bandwidth in Gbps for the vFlow. This is a range from 0 to 40Gbps.

bw-max bw-max-number

Specify the maximum bandwidth in Gbps for the vFlow. This is a range from 0 to 40Gbps.

burst-size auto

Specify the burst size. This parameter auto-calculates the burst size based on the maximum bandwidth settings for the vFlow. You can also configure a burst-size number between 256B through 128MB.

vrouter-name vrouter name

Specify the vRouter name if you are configuring Policy-based Routing (PBR). You should not use this parameter unless you are configuring PBR.

precedence default|0..15

Specify the traffic priority for the flow (between 0, and 15)

action none|drop|to-port|to-cpu|trap|copy-to-cpu|copy-to-port|setvlan|add-outer-vlan|set-tpid|to-port-set-vlan|to-span|set-metadata|set-dscp|set-dmac|to-next-hop-ip|set-dmac-to-port|to-ports-and-cpu|set-vlan-pri|set-smac|drop-cancel-trap|to-ecmp-group|redirect-to-vrouter|strip-outer-vlan|cancel-switch-to-cpu

Specify the forwarding action to apply to the flow.

action-value number

Specify an optional value argument for the forwarding action above (for example, a switch port number to forward the packet to). This is a value between 1, and 64.

action-set-mac-value mac-address

Specify a MAC address to apply the action.

action-set-svp-value svp-value

Specify the SVP value.

action-to-next-hop-ip-value ip-address

Specify the next-hop IP address for packet redirection.

action-to-ecmp-group-value static-ecmp-group group-name

Specify the ECMP group for packet redirection.

action-to-ports-value port-list

Specify a port list to apply the action.

mirror mirror-name

Specify the name of the mirror configuration.

process-mirror|no-process-mirror

Specify to process mirrored traffic for the vflow.

packet-log-max packet-log-max-number

Specify the maximum packet count for log rotation in the flow.

log-stats|no-log-stats

Specify if you want to log statistics or not.

stats-interval seconds

Specify the interval to update packet statistics for the log (in seconds). This is a value between 1, and 604800.

dur dur-number

Specify the minimum duration required for the flow to be captured (in seconds).

metadata metadata-number

Specify a metadata number for the flow.

transient|no-transient

Specify whether to capture transient flows.

vxlan vxlan-name

Specify the name of the VXLAN.

vxlan-ether-type ipv4|arp|wake|rarp|vlan|ipv6|lacp|mpls-uni|mpls-multi|   jumbo|dot1X|aoe|qinq|lldp|macsec|ecp|ptp|fcoe|fcoe-init|qinq-old

Specify the type of VXLAN.

from-tunnel-decap|no-from-tunnel-decap

Specify if you want to include tunnel terminated VXLAN packets.

stp-state Disabled|Discarding|Learning|Forwarding packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast

Specify the STP state.

packet-res l2-unicast|l2-unknown-unicast|l2-multicast|l2-unknown-multicast|l2-broadcast

Specify the packet resolution in ASIC.

fwding-type vlan|vxlan|vle

Specify the ASIC forwarding type.

set-src ip-address

Specify the source IP address of IPv4 packets.

set-dst ip-address

Specify the destination IP address of IPv4 packets.

set-src-port set-src-port-number

Specify the source port of IPv4 packets.

set-dst-port set-dst-port-number

Specify the destination port of IPv4 packets.

src-vpg vpg-name

Specify the source vPG name for Network Packet Broker (NPB) configuration.

dst-vpg vpg-name

Specify the destination vPG name for Network Packet Broker (NPB) configuration.

bidir-vpg-1 vpg name

Specify the name of the first bidirectional vPG for NPB configuration.

bidir-vpg-2 vpg name

Specify the name of the second bidirectional vPG for NPB configuration.

transparency enable|disable

Specify if you want to enable or disable protocol transparency.

udf-name1 udf name

Specify the User-Defined Field name.

udf-data1 udf-data1-number

Specify the User-Defined Field data.

udf-data1-mask udf-data1-mask-number

Specify the mask for the User-Defined Field data.

udf-name2 udf name

Specify the User-Defined Field name.

udf-data2 udf-data2-number

Specify the User-Defined Field data.

udf-data2-mask udf-data2-mask-number

Specify the mask for the User-Defined Field data.

udf-name3 udf name

Specify the User-Defined Field name.

udf-data3 udf-data3-number

Specify the User-Defined Field data.

udf-data3-mask udf-data3-mask-number

Specify the mask for the User-Defined Field data.

enable|no-enable

Specify if you want to enable or disable flows in hardware.

table-name vflow-table name

Specify a table name from the following list:

  • Egress-Table-1-0
  • System-L1-L4-Tun-1-0
  • System-VCAP-table-1-0
  • VCAP-IPv6-table-1-0


The following actions are supported for this parameter:

  • InnerVlan
  • OuterVlan
  • Dscp
  • Vxlan
  • Drop
  • VlanPri

flow-cb default-cb|arp-cb|bcast-cb|igmp-cb|pim-cb|dhcp-cb|dhcpv6-cb|dmac-miss-cb|l2-miss-cb|no-cb

CPU to process, vFlow callback function.

cpu-class cpu-class name

Specify the CPU class name.

description description-string

Specify a vFlow description.

if mgmt|data

Specify the administrative service interface.

phy-dst-port phy-dst-port-number

Specify the packet destination port for the vFlow.


Defaults   None.

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.1

The parameter type is deprecated. The option cluster for scope is deprecated. The option meter for action is deprecated. The parameters mirror|no mirror, and process-mirror|no-process-mirror added.

Version 2.2.3

The parameters dscp-start, dscp-end, tos-start, tos-end, vlan-pri, and ttl added.

Version 2.2.5

The parameters set-dscp|to-ports-and-cpu|set-vlan-pri| set-dmac|set-dmac-to-port, action-set-mac-value, and action-to-ports-value added. The parameter mirror added. The parameter mirror|no-mirror changed to process-mirror|no-process-mirror.

Version 2.3

The parameters set-src, set-dst, set-src-port, and set-dst-port added.

Version 2.3.1

The parameter table added.

Version 2.4

The parameter type, and stats, deprecated. The parameters src-port-mask, and dst-port-mask added. The action to-port-set-nat| is deprecated. The parameter log-stats added.

Version 2.5.3

The parameter tcp-flags added. The fields, UDF-, and enable|disable hardware flows also added.

Version 2.5.4

The parameter burst-size auto has added functionality. User can configure a burst-size number between 256B through 128MB.

Version 2.6.0

The parameter table-name added.

Version 2.6.2

The parameter dscp-map and cpu-class added.

Version 3.0.0

The parameter dropped|no-dropped added.

Version 5.0.0

The parameter  if mgmt|data added.

Version 5.1.0

The parameter packet-res added.

Version 5.2.0

The parameters src-port-end, and dst-port-end added

Version 6.0.0

The parameter vrf added.

Version 6.0.1

The parameters src-vpg, and dst-vpg added.

Version 6.1.0

The parameters bd, inner-vlan, inner-vlan-pri, internal-pri, dst-vpg-1, dst-vpg-2, transparency, flow-cb, phy-dst-port added.

Version 7.0.0

The option strip-outer-vlan added to parameter action.

Version 7.0.1

The options check, tunnel-pkt, cpu, set-tunnel-id, cpu-rx, cpu-rx-tx, decap, tcp-seq-offset, tcp-ack-offset, and l3-to-cpu-switch for parameter action are deprecated.

The parameter vxlan-proto is deprecated. 

Usage   Each fabric, cluster, standalone switch, or virtual network can track application flow statistics. This command initiates flow statistics capture for Layer 2 Ethernet or Layer 3 Internet Protocol (IP) packet traffic that matches defined characteristics.

Examples  

  • This example shows how to initiate statistcs for a flow named flow1 defined as the Internet Protocol (IP) traffic on VLAN 4091 within the local switch.

CLI (network-admin@switch) > vflow-create name flow1 scope local vlan 4091

  • This example shows how to initiate statistics for a flow, flow2, defined as the fabric-wide Internet Protocol (IP) traffic sourced by the host with IP address 172.168.18.2 classified as dropless.

CLI (network-admin@switch) > vflow-create name flow2 scope fabric src-ip 172.168.18.2 class dropless stats enable

  • This example shows how to initiate statistics for a flow flow3 defined as the Internet Protocol (IP)

traffic on VLAN 99 destined for the host with IP address 172.168.24.1 within the local switch. An action is specified to drop all traffic matching these flow attributes.

CLI (network-admin@switch) > vflow-create name flow3 scope local vlan 99 dst-ip 172.168.24.1 action drop stats enable

  • This example, shows how to create a vFlow with a burst size of 12MB. This is useful because different burst-sizes can be used for different types of metered traffic. For example, if a metered application produces bursty traffic patterns, such as clicking on a Web page link redirecting you to a media-rich page, you can now configure higher burst levels than the pre-calculated default burst levels.

CLI (network-admin@switch) > vflow-create name flow1 scope local in-port 12 bw-max 5G burst-size 12M

north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south