GigaSMART Advanced Flow Slicing
Required License: Advanced Flow Slicing
Advanced Flow Slicing (AFS) allows you to slice traffic on multiple network protocols, each with different offset. In Advanced Flow Slicing, you can configure multiple protocols within a profile with rules for slicing of a packet which in turn reduces the number of GigaSMART Operations (GSOP) and the maps to be configured. In this feature, the slicing of packets occurs after the packet count has reached a configured value thereby preventing the slicing of control information and other important data of the networking protocols.
Limitations
Supports up to five enhanced profiles. |
Supports up to ten protocol rules for each profile. |
Slicing profile cannot be edited after attaching it to GSOP. |
Supports up to 80 million sessions per GigaSMART group. |
When enhanced slicing or AFS profile is configured with 7-tuple, the protocol rule must be configured with "flow-session inner" only. |
Note: Only 5-tuple hashing is supported for Gen2. The 7-tuple hashing is supported for Gen3.
Note: It is recommended not to edit an Advanced Flow Slicing (AFS) or the enhanced-slicing profile once created. For any changes to a profile, the user must always delete and recreate with new configurations.
To create an advanced flow slicing profile, follow these steps:
1. | Go to Physical > Physical Nodes. |
2. | Click the required cluster ID. |
3. | On the left navigation pane, go to GigaSMART> Advanced Flow Slicing. The Advanced Flow Slicing page appears. |
4. | Click New. |
Enter an allias. |
Enter the Maximum Sessions. In a profile, you can configure from 4 to 80 million sessions. |
Select the Protocol from the drop-down list. |
Choose the protocol type as Inner or Outer. |
Enter the value for Offset. The value specifies the number of bytes that should be sliced after the protocol header. The value ranges from 64 to 9000, if there is no protocol selected. The value ranges from 0 to 9000 when other protocol is selected. |
Select the Flow Session from the drop-down list. For a profile with flow-session defined, a session is created when a packet is received and when there is no existing flow-session for that flow. |
Slicing or dropping starts on the next packet of a session after the number of packets reaches the specified value in the packet count.
Choose either to Slice or Drop the session. The default action is Slice. |
The slicing or drop occurs for the first matching rule in a profile.
Enter the timeout sessions from 10 to 300 seconds. The default value is 30 seconds. |
Enter the Skip Packet Count value to slice or drop the packet after it reaches the given count value. |
Each profile must have atleast one protocol field. You can add a maximum of 10 rules in a profile. Click + to add new rules in a profile.
5. | Click OK. |
Slicing or drop cannot be performed in the following conditions:
- When the traffic does not match any rule in the profile.
- When a packet does not contain the configured inner or outer IP and l4-port in a defined flow-session.
Note: It is recommended not to edit an Advanced Flow Slicing (AFS) or the enhanced slicing profile once created. For any changes to a profile, you must always delete the existing profile and recreate the profile with the new configurations.
This example shown in creates a GigaSMART Advanced slicing operation named eslice-gtpu. In this operation, slicing occurs at HTTPS (port 443) over GTPu-TCP and GTPu-UDP traffic after 10 packets for each TLS connection. This operation truncates all packet data starting 40 bytes after the TCP header. The slicing starts after TCP header gets encapsulated by GTP.
1 | Advanced Flow Slicing |
To display Advanced Slicing statistics, select GigaSMART> Advanced Flow Slicing> Statistics. You can view the statistics of the Advanced Flow Slicing.
Refer the following Gigamon Validated Designs for more detailed information on use Advanced Flow Slicing in different ways: