Create Ingress and Egress Tunnels
Traffic from the GigaVUE V Series Node is distributed to tunnel endpoints in a monitoring session. A tunnel endpoint can be created using a standard VXLAN, UDP, and TLS-PCAPNG tunnel.
Note: GigaVUE-FM allows you to configure Ingress Tunnels in the Monitoring Session, when the Traffic Acquisition Method is UCT-V.
To create a new tunnel endpoint:
- After creating a new monitoring session, or click Actions > Edit on an existing monitoring session, the GigaVUE-FM canvas appears.
- In the canvas, select New > New Tunnel, drag and drop a new tunnel template to the workspace. The Add Tunnel Spec quick view appears.
- On the New Tunnel quick view, enter or select the required information as described in the following table.
Field
Description
Alias
The name of the tunnel endpoint.
Note: Do not enter spaces in the alias name.
Description
The description of the tunnel endpoint.
Type
VXLAN and TLS-PCAPNG are the only supported tunnel types for Azure.
Traffic Direction
The direction of the traffic flowing through the GigaVUE V Series Node.
In
Choose In (Decapsulation) for creating an Ingress tunnel, traffic from the source to the GigaVUE V Series Node.
IP Version
The version of the Internet Protocol. Select IPv4 or IPv6.
Remote Tunnel IP
For Ingress tunnel, Remote Tunnel IP is the IP address of the tunnel source.
VXLAN Network Identifier
Unique value which is used to identify the VXLAN. The value ranges from 1 to 16777215.
Source L4 Port
Port from which the connection will be established to the target. For Example, if A is the source and B is the destination, this port value belongs to A.
Destination L4 Port
Port to which the connection will be established from the source. For Example, if A is the source and B is the destination, this port value belongs to B.
Out
Choose Out (Encapsulation) for creating an Egress tunnel from the V Series node to the destination endpoint.
Remote Tunnel IP
For Egress tunnel, Remote Tunnel IP is the IP address of the tunnel destination endpoint.
MTU
The Maximum Transmission Unit (MTU) is the maximum size of each packet that the tunnel endpoint can carry. The default value is 1500 for Azure.
Note: Increasing the MTU value will impact the performance and may even result in packet loss. By default, Azure VNet will attempt to fragment jumbo frames even if sending and receiving VMs are configured with a higher MTU.
Time to Live
Enter the value of the time interval for which the session needs to be available. The value ranges from 1 to 255. The default value is 64.
DSCP
Differentiated Services Code Point (DSCP) are the values, which network devices use to identify traffic to be handled with higher or lower priority. The values ranges from 0 to 63 with 0 being the highest priority and 63 as the lowest priority.
Flow Label
Unique value which is used to identify packets that belong to the same flow. A flow is a sequence of packets that need to be treated as a single entity that may require special handling. Accepted value is between 0 and 1048575
VXLAN Network Identifier
Unique value which is used to identify the VXLAN. The value ranges from 1 to 16777215.
Source L4 Port
Port from which the connection will be established to the target. For Example, if A is the source and B is the destination, this port value belongs to A.
Destination L4 Port
Port to which the connection will be established from the source. For Example, if A is the source and B is the destination, this port value belongs to B.
TLS-PCAPNG Traffic Direction
The direction of the traffic flowing through the GigaVUE V Series Node.
In
IP Version
The version of the Internet Protocol. only IPv4 is supported.
Remote Tunnel IP
For Ingress tunnel, Remote Tunnel IP is the IP address of the tunnel source.
MTU
The Maximum Transmission Unit (MTU) is the maximum size of each packet that the tunnel endpoint can carry. The default value is 1500 for Azure.
Note: Increasing the MTU value will impact the performance and may even result in packet loss. By default, Azure VNet will attempt to fragment jumbo frames even if sending and receiving VMs are configured with a higher MTU.
Source L4 Port
Port from which the connection will be established to the target. For Example, if A is the source and B is the destination, this port value belongs to A.
Destination L4 Port
Port to which the connection will be established from the source. For Example, if A is the source and B is the destination, this port value belongs to B.
Key Alias
Select the Key Alias from the drop-down.
Cipher
Only SHA 256 is supported.
TLS Version
Only TLS Version1.3.
Selective Acknowledgments
Enable to receive the acknowledgments.
Sync Retries
Enter the value for number of times the sync has to be tried. The value ranges from 1 to 6.
Delay Acknowledgments
Enable to receive the acknowledgments when there is a delay.
Out
IP Version
The version of the Internet Protocol. only IPv4 is supported.
Remote Tunnel IP
For Ingress tunnel, Remote Tunnel IP is the IP address of the tunnel source.
MTU
The Maximum Transmission Unit (MTU) is the maximum size of each packet that the tunnel endpoint can carry. The default value is 1500 for Azure.
Note: Increasing the MTU value will impact the performance and may even result in packet loss. By default, Azure VNet will attempt to fragment jumbo frames even if sending and receiving VMs are configured with a higher MTU.
Time to Live
Enter the value of the time interval for which the session needs to be available. The value ranges from 1 to 255. The default value is 64.
DSCP
Differentiated Services Code Point (DSCP) are the values, which network devices use to identify traffic to be handled with higher or lower priority. The values ranges from 0 to 63 with 0 being the highest priority and 63 as the lowest priority.
Flow Label
Unique value which is used to identify packets that belong to the same flow. A flow is a sequence of packets that need to be treated as a single entity that may require special handling. Accepted value is between 0 and 1048575
Source L4 Port
Port from which the connection will be established to the target. For Example, if A is the source and B is the destination, this port value belongs to A.
Destination L4 Port
Port to which the connection will be established from the source. For Example, if A is the source and B is the destination, this port value belongs to B.
Cipher
Only SHA 256 is supported.
TLS Version
Only TLS Version1.3.
Selective Acknowledgments
Enable to receive the acknowledgments.
Sync Retries
Enter the value for number of times the sync has to be tried. The value ranges from 1 to 6.
Delay Acknowledgments
Enable to receive the acknowledgments when there is a delay.
UDP: Out L4 Destination IP Address
Enter the IP address of the tool port or when using Application Metadata Exporter (AMX), enter the IP address of the AMX application. Refer to Application Metadata Exporter for more detailed information on what AMX application is and how to configure it.
Source L4 Port
Port from which the connection will be established to the target. For Example, if A is the source and B is the destination, this port value belongs to A.
Destination L4 Port
Port to which the connection will be established from the source. For Example, if A is the source and B is the destination, this port value belongs to B.
- Click Save.
To delete a tunnel, select the required tunnel and click Delete.
To apply threshold template to Tunnel End Points, select the required tunnel end point on the canvas and click Details. The quick view appears, click on the Threshold tab. For more details on how to create or apply threshold template, refer to Monitor Cloud Health.
Tunnel End Points configured can also be used to send or receive traffic from GigaVUE HC Series and GigaVUE TA Series. Provide the IP address of the GigaVUE HC Series and GigaVUE TA Series as the Source or the Destination IP address as required when configuring Tunnel End Points.
After configuring the tunnels and deploying the monitoring session, you can view the names of egress tunnels configured for a monitoring session, on the Monitoring Session details page. The Egress Tunnel column displays the name of the egress tunnel configured for a particular monitoring session. When multiple egress tunnels are configured for a monitoring session, then the Egress Tunnel column displays the number of egress tunnels configured in that monitoring session. Hover over the number of egress tunnels to display the names of the egress tunnels used in that particular monitoring session.