TCP Tunnel between GigaVUE-VM and GigaVUE HC Series Nodes
TCP tunnel feature routes the mirrored traffic from GigaVUE-VM to remote GigaVUE HC Series nodes reliably and without any reorder issues. TCP tunnel encapsulation is supported in the GigaVUE-VM node and the TCP tunnel decapsulation is supported in the GigaVUE HC Series node. Tunnel decapsulation can terminate more than one TCP connection initiated by the GigaVUE-VM node.
The following are the steps to configure TCP tunnel between GigaVUE-VM and GigaVUE HC Series Nodes:
- Configure GigaVUE-VM For Encapsulation
- Configure vMap for VMware
- Configure HC Series Nodes for Decapsulation
Create TCP Tunnel in GigaVUE-VM
The section provides the steps for creating a GigaVUE-VM tunnel to a GigaSMART device from a virtual environment. Before you create the tunnel refer to the following sections in this guide:
- How to Use GigaVUE-VM vCenter Management
- Set up Connection between GigaVUE‑FM and Virtual Center
- Bulk Deploy GigaVUE-VM Nodes in Standalone or Cluster
To create a tunnel:
- From the left navigation pane, select Inventory > VIRTUAL > VMware > vCenter > Management. The Management page appears.
- In the Tunnels Library tab, select Add. The Add Tunnel Endpoint(wu) page appears.
- In the Add Tunnel Endpoint(wu), select Other.
- For Type, select GTCP and specify the following:
- Destination Tunnel IP
- Tunnel Destination Port
- Tunnel Source Port
- Select the DSCP value. This is optional.
- Enable Fragmentation to allow GigaVUE-VM to fragment large packets. This is optional.
- Click OK.
Configure Virtual Maps for VMware VCenter
To configure the virtual maps for VMWare VCenter, refer to the following section in this guide:
Configure Virtual Maps for VMware vCenter
Configure GigaVUE HC Series Devices for Decapsulation through CLI
To configure GigaVUE HC series devices for decapsulation:
- Create a GigaSMART Group with the required engine.
gsgroup alias gsgrp1 port-list 1/1/e1
- Create an IP interface and attach the required network port. Add GigaSMART group to the IP interface.
- Create a listener with type tunnel and l4 protocol tcp.
- Create a tunnel-decap gsop with type tcp and add listener to the GSOP.
gsop alias decap_gsop tunnel-decap type tcp add lis1 port-list gsgrp1
- Designate the port connected to tool as tool-port.
port 1/1/x7 type tool
- Create a map with the above IP interface port as from port and tool connected port as tool port.
- Use the above GSOP in the map.
- Use map rules with base L4 port of listener as the portdst and source leader in a bidirectional clock relationship (formerly master) L4 port of the GVM as portsrc.
ip interface alias ip1
attach 1/1/g1
ip address 2.2.2.3 /24
gw 2.2.2.5
gsgroup add gsgrp1
exit
apps listener alias lis1
type tunnel
l4 port-list 3456
l4 protocol tcp
l3 protocol ipv4
l3 ttl 64
l3 dscp 0
mode l3 interface
exit
map alias decap
type regular byRule
roles replace admin to owner_roles
use gsop decap_gsop
rule add pass ipver 4 portdst 3456 portsrc 12346
to 1/1/x7
from 1/1/g1
exit
Configure GigaVUE HC Series Devices for Decapsulation through GigaVUE‑FM
- Configure the GigaSMART engine group.
- Configure the IP interface on network port.
- Validate the ARP state.
- Configure the listener profile.
Note: From your Physical Node Overview page, select GigaSMART > TCP/IP Host > Listeners to reach the Listener page.
- Configure the GigaSMART operation..
- Configure the Map as shown in the image.
Supported Devices
TCP tunnel decapsulation is supported in the following devices:
- GigaVUE‑HC1
- GigaVUE‑HC2
- GigaVUE‑HC3
Limitations
The following are the limitation of the TCP tunnel decapsulation feature:
- On tunnel decap IP interface, MTU value should not be more than 1500.
- Only IPv4 is supported.
- GigaSMART engine grouping is not supported.
- TCP tunnel feature should not co-exist with GTP or iSSL.