TCP Tunnel between GigaVUE-VM and GigaVUE HC Series Nodes

TCP tunnel feature routes the mirrored traffic from GigaVUE-VM to remote GigaVUE HC Series nodes reliably and without any reorder issues. TCP tunnel encapsulation is supported in the GigaVUE-VM node and the TCP tunnel decapsulation is supported in the GigaVUE HC Series node. Tunnel decapsulation can terminate more than one TCP connection initiated by the GigaVUE-VM node.

The following are the steps to configure TCP tunnel between GigaVUE-VM and GigaVUE HC Series Nodes:

  • Configure GigaVUE-VM For Encapsulation
  • Configure vMap for VMware
  • Configure HC Series Nodes for Decapsulation

Create TCP Tunnel in GigaVUE-VM

The section provides the steps for creating a GigaVUE-VM tunnel to a GigaSMART device from a virtual environment. Before you create the tunnel refer to the following sections in this guide:

To create a tunnel:

  1. From the left navigation pane, select Inventory > VIRTUAL > VMware (GVM)> vCenter > Management. The Management page appears.
  2. In the Tunnels Library tab, select Add. The Add Tunnel Endpoint(wu) page appears.
  3. In the Add Tunnel Endpoint(wu), select Other.
  4. For Type, select GTCP and specify the following:
    • Destination Tunnel IP
    • Tunnel Destination Port
    • Tunnel Source Port
  5. Select the DSCP value. This is optional.
  6. Enable Fragmentation to allow GigaVUE-VM to fragment large packets. This is optional.
  7. Click OK.

Configure Virtual Maps for VMware VCenter

To configure the virtual maps for VMWare VCenter, refer to the following section in this guide:

Configure Virtual Maps for VMware vCenter

Configure GigaVUE HC Series Devices for Decapsulation through CLI

To configure GigaVUE HC series devices for decapsulation:

  1. Create a GigaSMART Group with the required engine.gsgroup alias gsgrp1 port-list 1/1/e1
  2. Create an IP interface and attach the required network port. Add GigaSMART group to the IP interface.
  3. ip interface alias ip1

    attach 1/1/g1

    ip address 2.2.2.3 /24

    gw 2.2.2.5

    gsgroup add gsgrp1

    exit

  4. Create a listener with type tunnel and l4 protocol tcp.
  5. apps listener alias lis1

    type tunnel

    l4 port-list 3456

    l4 protocol tcp

    l3 protocol ipv4

    l3 ttl 64

    l3 dscp 0

    mode l3 interface

    exit

  6. Create a tunnel-decap gsop with type tcp and add listener to the GSOP.gsop alias decap_gsop tunnel-decap type tcp add lis1 port-list gsgrp1
  7. Designate the port connected to tool as tool-port.port 1/1/x7 type tool
  8. Create a map with the above IP interface port as from port and tool connected port as tool port.
  9. Use the above GSOP in the map.
  10. Use map rules with base L4 port of listener as the portdst and source L4 port of the GVM as portsrc.

map alias decap

type regular byRule

roles replace admin to owner_roles

use gsop decap_gsop

rule add pass ipver 4 portdst 3456 portsrc 12346

to 1/1/x7

from 1/1/g1

exit

Configure GigaVUE HC Series Devices for Decapsulation through GigaVUE‑FM

  1. Configure the GigaSMART engine group.
  2. Configure the IP interface on network port.
  3. Validate the ARP state.
  4. Configure the listener profile.

    Note:  From your Physical Node Overview page, select GigaSMART > TCP/IP Host > Listeners to reach the Listener page.

  5. Configure the GigaSMART operation..
  6. Configure the Map as shown in the image.

Supported Devices

TCP tunnel decapsulation is supported in the following devices:

  • GigaVUE‑HC1
  • GigaVUE‑HC2
  • GigaVUE‑HC3

Limitations

The following are the limitation of the TCP tunnel decapsulation feature:

  • On tunnel decap IP interface, MTU value should not be more than 1500.
  • Only IPv4 is supported.
  • GigaSMART engine grouping is not supported.
  • TCP tunnel feature should not co-exist with GTP or iSSL.