Configure G-vTAP Controllers

A G-vTAP Controller manages multiple G-vTAP Agents and orchestrates the flow of mirrored traffic to GigaVUE V Series nodes.

Note:  A single G-vTAP Controller can manage up to 1000 G-vTAP Agents. The recommended minimum instance type is Standard_B1s for G-vTAP Controller.

A G-vTAP Controller can only manage G-vTAP Agents that have the same version. For example, the G-vTAP Controller v1.7 can only manage G-vTAP Agents v1.7. So, if you still have G-vTAP Agents v1.6 deployed in the VMs, you must configure both G-vTAP Controller v1.7 and v1.6.

While configuring the G-vTAP Controllers, you can also specify the tunnel type to be used for carrying the mirrored traffic from the G-vTAP Agents to the GigaVUE V Series nodes. The tunnel type must be VXLAN.

To configure the G-vTAP Controllers:

  1. From the left navigation pane, select Inventory > VIRTUAL > Azure > Configuration. The Configuration page appears.
  2. Under the G-vTAP Controllers tab, click New. The G-vTAP Configuration page is displayed.
  3. Enter or select the appropriate information as described in the following table.

    Fields

    Description

    Connection

    The name of the Azure connection.

    Note:  For shared controller configuration, you must select the required connection for configuring the G-vTAP Controller. Peering must be active in the selected connection to allow the rest of the connections containing the V Series nodes to be monitored.

    Authentication Type

    Enter the password or SSH Key.

    SSH Public Key

    Paste in the SSH public key.

    Resource Group

    Select Create New or Use Existing. To use Existing, select the existing resource group you wish to use.

    Disk Type

    SSD or HDD (SSD is the default and recommended disk type)

    Controller Version(s)

    The G-vTAP Controller version you configure must always be the same as the version number of the G-vTAP Agents deployed in the VMs. This is because the G-vTAP Controller v1.7 can only manage G-vTAP Agents v1.7. Similarly, the G-vTAP Controller v1.6 can only manage G-vTAP Agents v1.6.

    If there are multiple versions of G-vTAP Agents deployed in the VMs, then you must configure multiple versions of G-vTAP Controllers that match the version numbers of the G-vTAP Agents.

    Note:  If there is a version mismatch between G-vTAP controllers and G-vTAP Agents, GigaVUE-FM cannot detect the agents in the instances.

    To add multiple versions of G-vTAP Controllers:

    a. Under Controller Versions, click Add.
    b. From the Image drop-down list, select a G-vTAP Controller image that matches the version number of the G-vTAP Agents installed in the instances.
    c. From the Size drop-down list, select a size for the G-vTAP Controller. The default size is Standard_B1s.
    d. In Number of Instances, specify the number of G-vTAP Controllers to launch. The minimum number you can specify is 1.

    An older version of G-vTAP Controller can be deleted once all the G-vTAP Agents are upgraded to the latest version.

    To delete a specific version of G-vTAP Controller, click x (delete) next to its G-vTAP Controller image.

    Once you delete a G-vTAP Controller image from the G-vTAP Configuration page, all the G-vTAP Controller instances of that version are deleted from Azure.

    Management Subnet

    Subnet: The subnet that is used for communication between the G-vTAP Controllers and the G-vTAP Agents, as well as to communicate with GigaVUE-FM.

    This is a required field. Every fabric node (both the controllers and the nodes) needs a way to talk to the other fabric nodes and to GigaVUE-FM, so they should share at least one management plane/subnet.

    Network Security Groups: The security group created for the G-vTAP Controller. For example, sg_gvtap-controller. For more information, refer to Network Security Groups.

    Accelerated Networking: If you select this option, GigaVUE-FM will filter out the supported VM sizes in the list to choose from.

    Note:  Only some instance types are supported on the Azure platform. Refer to the Microsoft documentation to learn about the supported instance types.

    Additional Subnet(s)

    (Optional) If there are G-vTAP Agents on subnets that are not IP routable from the management subnet, additional subnets must be specified so that the G-vTAP Controller can communicate with all the G-vTAP Agents.

    Click Add to specify additional data subnets, if needed. Also, make sure that you specify a list of security groups for each additional subnet.

    Tag(s)

    (Optional) The key name and value that help to identify the G-vTAP Controller instances in your Azure environment. For example, you might have G-vTAP Controllers deployed in many regions. To distinguish these G-vTAP Controllers based on the regions, you can provide a name that is easy to identify, such as us-west-2-gvtap-controllers. To add a tag:

    a. Click Add.
    b. In the Key field, enter the key. For example, enter Name.
    c. In the Value field, enter the key value. For example, us-west-2-gvtap-controllers.

    Use Public IP

    The IP address type. Select one of the following:

    ■  Select Private if you want to assign an IP address that is not reachable over the Internet. You can use a private IP address for communication between the G-vTAP Controller instances and GigaVUE-FM instances in the same network.
    ■  Select Public if you want the IP address to be assigned from Azure’s pool of public IP addresses. The public IP address changes every time the instance is stopped and restarted.

    Agent Tunnel Type

    The type of tunnel used for sending the traffic from G-vTAP Agents to GigaVUE V Series nodes. Azure only supports VXLAN tunneling.

    G-vTAP Agent MTU (Maximum Transmission Unit)

    The Maximum Transmission Unit (MTU) is the maximum size of each packet that the tunnel endpoint can carry from the G-vTAP Agent to the GigaVUE V Series node.

    For VXLAN, the default value is 1450. The G-vTAP Agent tunnel MTU should be 50 bytes less than the agent's destination interface MTU size.

    If the Secure Mirror Traffic option is enabled, then to minimize fragmentation you must configure the MTU value for the G-vTAP Agent with agent tunnel type VXLAN as follows:

    ■  If secure tunnel is enabled, the MTU must be set to 1397.
    ■  If secure tunnel is not enabled, the MTU must be set to 1450.

    Note:  For Azure, the platform MTU is 1500.

  4. Click Save.

To view the G-vTAP Controllers connection status, click Visibility Fabric > G-vTAP Controllers.

The G-vTAP Controller instance takes a few minutes to fully initialize. After the initialization is complete, the connection status is displayed as OK. The G-vTAP Controller launch is displayed as an event in the Cloud > Events page.

The G-vTAP Controller configured in your VNet is displayed in the Virtual Machines page of your Azure portal.
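
The following pre-deployment check is an added example, not Gigamon code: it applies the same-version rule and the 1000-agent limit from this page to an agent inventory and reports which agents GigaVUE-FM would not detect. The function name, the inventory format, and the sample data are assumptions made for illustration.

```python
import math
from collections import Counter

MAX_AGENTS_PER_CONTROLLER = 1000  # limit stated on this page


def _norm(version):
    """Treat 'v1.7' and '1.7' as the same version string."""
    return version.strip().lower().lstrip("v")


def plan_controllers(agent_versions, configured):
    """agent_versions: one version string per deployed G-vTAP Agent.
    configured: {controller_version: number_of_instances}, as entered
    under Controller Version(s). Returns a dict of findings."""
    deployed = Counter(_norm(v) for v in agent_versions)
    conf = {_norm(v): n for v, n in configured.items()}
    # Instances needed per version: same-version rule plus the agent limit.
    required = {v: math.ceil(n / MAX_AGENTS_PER_CONTROLLER)
                for v, n in deployed.items()}
    # Agents without a same-version controller are not detected by GigaVUE-FM.
    undetected = {v: n for v, n in deployed.items() if conf.get(v, 0) < 1}
    # Versions that are configured, but with too few instances: (have, need).
    short = {v: (conf[v], required[v]) for v in required
             if 0 < conf.get(v, 0) < required[v]}
    # Controller versions with no agents left can be deleted after upgrades.
    removable = sorted(v for v in conf if v not in deployed)
    return {"required": required, "undetected": undetected,
            "under_provisioned": short, "removable": removable}


# Constructed inventory: 1200 agents on v1.7 and 35 still on v1.6,
# checked against a configuration that only has v1.7 and a stale v1.5.
SAMPLE_AGENTS = ["v1.7"] * 1200 + ["v1.6"] * 35
SAMPLE_CONFIG = {"v1.7": 1, "v1.5": 1}

if __name__ == "__main__":
    for finding, value in plan_controllers(SAMPLE_AGENTS, SAMPLE_CONFIG).items():
        print(f"{finding}: {value}")
```

Any entry under `undetected` is a monitoring gap: traffic from those VMs is not mirrored until a controller of the matching version is added.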