Configure Virtual Maps for VMware vCenter
To configure Virtual Maps on the virtual nodes for VMware, under VMware vCenter, go to Virtual Maps to view the Virtual Maps page.
Note: It is imperative that you create a tunnel prior to creating the maps. Verify that the tunnel is active by clicking Tunnel Validation. For information on how to create tunnels, refer to Configure Tunnel Endpoint.
This page allows you to configure maps that define the traffic to be monitored on the virtual network adapters on different virtual machines. Before configuring maps, you first need to set up the connection between the Fabric Manager and the Virtual Center.
The Virtual Maps page has controls that allow you to create virtual maps and manage the information that appears on the table. The controls are described in the following table.
Controls |
Description |
New |
Opens the Create Map dialog, allowing you to create a virtual map. (See Configure vMap for VMware |
Edit |
Opens the Edit Map dialog, allowing you to edit a virtual map. |
Delete |
Deletes the selected virtual map. |
Redeploy |
Redeploys the selected virtual map. |
Redeploy All |
Redeploys all of the virtual maps. |
Tunnel Validation |
Allows users to validate that an active tunnel exists between the GigaVUE-VM and IP interface on the Gigamon node. |
The fields displayed on the virtual maps page are defined in the following table.
Column Parameter | Description | |||||||||
Map Alias |
Alias for the virtual map that is unique and best if it describes the function of the vMap. |
|||||||||
Virtual Center |
Virtual Center where the GigaVUE-VM is deployed. |
|||||||||
Comments |
Brief description on the virtual map and its purpose. |
|||||||||
VM Name |
Name of the virtual machine that is using the virtual map. The virtual machines should belong to the virtual center listed in the 2nd column. |
|||||||||
Deployment Status |
Deployment status of the map. The three states and conditions leading to the states are:
Note: The quick view provides information under the status tab about what part of the deployment has failed. |
|||||||||
Traffic |
Traffic column provides the status of the GigaVUE-VM traffic. The two states are:
|
|||||||||
Tunnel Destination |
Destination IP of the node where the tunnel terminates including the tunnel source leader in a bidirectional clock relationship (formerly master) port and destination port. This information is pulled directly from the IP interface that is created on the node and is available in the tunnels library. |
When you select a map in the table, a quick view displays. The parameters covered in the quick view window are described in Table 3: Parameters Displayed in the Virtual Map Quick View. By clicking on Edit on the quick view, you can review or update these parameters.
Parameters |
Description |
Virtual Map Info |
The Virtual Center and Tunnel Destination information. |
Status |
The errors associated with the rule, if any. This will also list any issues that are preventing the deployment or traffic interruptions. |
VM Map Rules |
Map Rules defined for the virtual machine. |
Network Adapters Monitored |
Details relating to the vNIC. |
Configure vMap for VMware
To configure the vMap for VMware, do the following:
- Click New to open the configuration page, which is shown in the following figure.
- Enter an alias, comments (optional), and select the tunnel destination.
- Add a rule or rules to the vMap by clicking Add a Rule. You can define a rule based on the following:
- Rule Type:
- IPv4 Source
- IPv4 Destination
- IPv6 Source
- IPv6 Destination
- IPv6 Flow Label
- Protocol: TCP, UDP
- Port Source
- Port Destination
- MAC Source
- MAC Destination
- VLAN
Note: If no rules are added to the vMap, then the vMap acts as a ‘pass all’ where in all the traffic coming from the vNIC are passed through the filter.
- Traffic Flow:
- from vNIC
- to vNIC
Note: For Virtual Map rules, the bidirectional option is always selected because traffic is always monitored in both directions while From vNic and To vNic options specify the filter criteria. The rule specifies the following on the GigaVUE-VM: monitor traffic that is coming from the vNIC and that is IPv4 Source. Because traffic is also monitored in the other direction, an additional rule will be created on the GigaVUE-VM, reversing the rule filter criteria appropriately. This rule will specify: monitor traffic that is going to the vNIC and that is IPv4 Destination.
- Rule Type:
- Select a VM (Network Adapter) to associate with the vMap by clicking Virtual Machine Browser. This opens the Virtual Machine Browser where you can select the VM Network Adapter. Select the virtual center, data center, and optionally the cluster. Click Find to load the virtual machines. Select the virtual machine network adapter by selecting the checkbox to the left of the VM name.
- Click Save.
Note: The vMap deployment may occasionally fail with error messages related to failed port mirroring session or failed vDS configuration. This is due to an orphaned port mirror session on vDS that is being configured. Using VMware or web client, identify and delete the orphaned port mirror session (with the name gvn2_port number, where the referenced port number is not assigned to any interface) and redeploy the vMap.
vMap Rules and Notes
Keep in mind the following rules when working with vMaps:
-
Slicing can only be used together with other vMap rules. It cannot be used as the only criteria in a vMap.
-
While editing a vMap's "Slicing" value in the GigaVUE-FM Virtual Map page, the vMap slicing field is validated to ensure you enter valid values (from 64 to 9000).
-
After enabling slicing, you cannot disable it by editing the vMap; you must create a new vMap. You can edit the vMap later to adjust the Slicing offset values (within range); however, you cannot set them to an out-of-range value or disable Slicing after it has been enabled.
Create vMap using a vNIC on vSS
When creating a vMap using a vNIC on vSS to monitor traffic, there are no additional actions to perform. The following occurs:
- GigaVUE-VM automatically creates a port group called, GigaPG_<vswitch name> in order to monitor traffic.
- The port group is configured as Promiscuous mode with VLAN 4095.
- The port group is automatically deleted when deleting the vMap.