Managing Maps

This section provides the basic steps for doing the following tasks:

Map Aliases
Create a New Map
Clone Map
Edit Maps
Delete Maps
Create Map Groups

It also includes information about the following:

About Comments to Map Rules
How to Use the Quick Editor for Pass and Drop Rules

Map Aliases

A map alias specifies the name of the map. The alias must be unique and can contain up to 128 alphanumeric characters. Aliases are case-sensitive.

Most special characters are supported in map aliases. However, map aliases that are only one period (.) or two periods (..) should not be created. These aliases cannot be accessed for editing.

Create a New Map

The following are the steps for creating a map:

1.   Check the status of the nodes and ports that you plan to use with the map.

For information about how to check the status of the nodes and ports, refer to Status of Line Cards/Nodes and Ports.

2. From the device view, go to Maps > Maps > Maps to open the Maps page.
3. Click New.
4. Enter the Map Information:
a. Enter an alias for the map.

Use an alias that helps identify the task and destination. For example netflix_traffic_to_wireshark.

b. (Optional) Enter a comment about the map. When adding comments, consider the following:
Use up to 128 characters, including spaces.
Enclose the comment in quotation marks, if the comment is longer than one word.
To include double quotation marks (") inside the quotation marks, precede it with a backslash (\).

See also About Comments to Map Rules.

c. Select the Type.

The map type can be Regular, First Level, Second Level, or Inline.

For detailed information about the types of maps, refer to Map Types

d. Select the map Subtype.

The map subtype can be By Rule, Pass All, or Collector.

For detailed information about Pass All, refer to About Map-passall Maps. For detailed information about Collector, refer to About Shared Collectors.

5. Specify the Map Source and Destination.
a. From the Source and Destination drop-down list, select the required source and destination ports for the map. To create a port list, click Port Editor.

Note:  You can add a maximum of 324 ports in the Source drop-down list, if the ports are not attached to a GigaStream.

Note:  For details about port types that are supported for the different types of maps, refer to Port Lists.

b. If you have selected a circuit port in the Destination drop-down list, select the required circuit tunnel from the Encapsulation Tunnel drop-down list to encapsulate the traffic.

Note:  For details about circuit tunnels, refer to About Circuit-ID Tunnels.

c. If the map is used to redirect the decapsulated traffic to the required tool ports, ensure that you select the IP interface in the Source drop-down list. You must have attached the IP interface to the VXLAN or L2GRE tunnel. For details about VXLAN or L2GRE tunnels, refer to About Virtual Extensible LAN (VXLAN) Tunnels and About Layer 2 Generic Routing Encapsulation (L2GRE) Tunnels. From the Destination drop-down list, select the required tool ports.
d. If the map will use a GigaSMART operation, select the operation from the GigaSMART Operations (GSOP) drop-down list.
6. Add rules to the map.

To add rules to the map, do any of the following:

Use the Quick Editor. For details, refer to the How to Use the Quick Editor for Pass and Drop Rules.
Import a map template by clicking Import.
Create a rule by clicking Add a Rule.

For detailed information about map rules, refer to Map Rules.

7. Set the Map Order by selecting the priority from the Priority list.

For details about map priority, refer to Map Priority.

8. Set the Map Permissions.

For details about map permissions, refer to Port Access and Map Sharing.

Clone Map

You can create a copy of an existing map by doing the following:

1.   Select Maps > Maps > Maps to open the Maps page.
2. Select the check box of the map that you to clone.
3. Click Clone.
4. Make changes to the map as necessary, such as specifying an alias.
5. Click Save.

Edit Maps

To edit an existing map:

1.   Click the List view button.
2. Select the map on the Maps page by either selecting the check box and then clicking Edit, or click on the row in the table and clicking Edit in the Map Quick View.

1Make the changes to the map.

When editing a map, you can only modify the following:

Map alias
Comments
Change the source and destination.
Select a different GS Operation.
Modify rules.
Add rules.
Delete rules.
Permissions as allowed.
3. Click Save.

Delete Maps

If you have configured an active visibility policy action for a map, ensure that you delete the active visibility policy before you delete the map. If you delete the map before deleting the active visibility policy, it would result in errors in the policy action.

To delete a map or maps, do the following:

1.   Select Maps > Maps > Maps to open the Maps page.
2. Select the check box for the map or maps to delete, and then Click Delete.
3. When the message appears, asking if you want to delete the selected maps, click OK.

Note:  In the GRIP configuration, when you delete a map on the primary node, irrespective of the inline-network traffic-path, the traffic is switched to the secondary node. The port utilization must be 0% on the primary node and active on the secondary node.

Create Map Groups

Map Groups are a collection of maps that are used with GTP Flow Sampling Overlap and GTP Whitelisting Overlap GigaSMART solutions.

Use the Map Groups page to create a group of maps for GTP whitelisting and GTP flow sampling. All the maps in a map group receive traffic according to map rules, rather than map priority. Thus, multiple copies of a GTP packet can be sent to more than one tool. This functionality is referred to as overlapping maps.

The virtual port for specified as the source for GTP whitelisting and GTP flow sampling must have GTP Overlap enabled.

When creating Map Groups keep the following in mind:

A map group can be associated with only one GigaSMART group (gsgroup).
All maps within a map group must be connected to the same vport.
A map group can consist of only one GTP whitelisting map or only one GTP flow sampling map but it cannot contains two maps of the same type.
Once you have created a map group, you cannot edit it to change the type or subtype of the map. However, you can add or edit the map rules for a map, which is configured in a map group. Similarly, you cannot edit the map group alias but you can edit the aliases of the maps that are configured in the map group.
If multiple map groups are configured, the maps within each map group must point to the same port groups as the other map groups.

To create a Map Group, do the following:

1.   Select Maps > Maps > Map Groups to open the Maps page.
2. Click New.
3. Enter an alias for the map group.

Use an alias that helps identify the map group.

4. (Optional) Enter a comment about the map group. Refer to About Comments to Map Rules for the considerations regarding comments.
5. Click in the Maps field and select the maps to add to the map group.
6. Click Save.

About Comments to Map Rules

Use comments to label the purpose of a rule or the type of traffic covered by a rule. To add a map rule comment to a map select Maps > Maps > Edit.

Consider the following when adding map rule comments:

Use up to 128 characters, including spaces.
Enclose the comment in quotation marks, if the comment is longer than one word.
To include double quotation marks (") inside the quotation marks, precede the quote mark with a backslash (\).
Error Messages

Error messages are displayed when a comment is invalid, for example:

if the comment is longer than one word and does not include double quotation marks
if the comment is longer than 128 characters
if the rule with which the comment is included is not valid.
Edit Map Rule Comment

To edit a map rule comment, do the following:

1.   Select Maps > Maps
2. Select the map to edit.
3. Click Edit.
4. Change the comments the Comments field
5. Click Save to recreate the with a different comment.

How to Use the Quick Editor for Pass and Drop Rules

When creating a map, you can use the Quick Rule Editor to quickly select custom port numbers for a map rule or add a range of IP address.

How to Use the Quick Editor to Add Port Numbers

To use the Quick Rule Editor, do the following:

1.   While on an Edit Map or New Map page, click Quick Editor under Map Rules. This opens the Quick Rule Editor.

 

Figure 598: Selecting Quick Editor

2. On the Quick Rule Editor view, select the port number or numbers to add for a pass or drop rule or both.

The Quick Rule Editor has two columns of custom port numbers, one for pass rules and one for drop rules. In each column, the ports are categorized by type. For example, Web provides a list of HTTP ports as shown in Figure 599: Custom Port Number Selected in Quick Rule Editor, where HTTPS port 443 is selected for pass and HTTP port 80 is selected for drop.

 

Figure 599: Custom Port Number Selected in Quick Rule Editor

3. Click Add.

A rule with a port source is added for each custom port number selected in the Quick Rule Editor. If the port was selected from the custom port numbers under Pass, the rule is a pass rule. If the port was selected from the port numbers under Drop, the rule is a drop rule. Figure 600: Rules Added with the Quick Rule Editor shows two rules added by the example shown in the previous step.

 

Figure 600: Rules Added with the Quick Rule Editor

How to Use the Quick Port Editor to Add IP Address

Rather than enter IP address for map rules one at a time, the Quick Rule Editor makes it possible to enter a range to quickly add the IP addresses, saving time.

To enter a range of IP address with the Quick Rule Editor, do the following:

1.   While on an Edit Map or New Map page, click Quick Editor under Map Rules. This opens the Quick Rule Editor.
2. Enter an IP address range in the List field under IPv4 Source or IPv4 Destination or both. For example, 10.10.10.9..11/32 in the List field under IPv4 Source as shown in the following figure.

 

3. Click Add.

The Quick Rule Editor adds the IPv4 Source rules with the IP addresses. For example, if you entered 10.10.9..11 for the IPv4 Source, the editor adds three Ipv4 Source rules with the IP addresses 10.10.10.9/32, 10.10.10.10/32, 10.1010.11/32 as shown in the Figure 600: Rules Added with the Quick Rule Editor.

 

Figure 601: IPv4 Source Rules Added Through Quick Rule Editor