gsop
Required Command-Line Mode = Configure
Use the gsop command to create GigaSMART operations. GigaSMART operations consist of a name and a supported combination of the available GigaSMART applications you have licensed.
This command does not apply to GigaVUE TA Series nodes.
Note: Refer to the “Combining GigaSMART Operations” section in the GigaVUE Fabric Management Guide for details on supported combinations of GigaSMART operations.
Note: Refer to the “Order of GigaSMART Operations” section in the GigaVUE Fabric Management Guide for information on the order in which GigaSMART components are applied in a single operation.
Note: Refer to Configure GigaSMART Operations for examples of how to configure the various GigaSMART operations.
Note: SNAP/LLC packets are not supported in GigaVUE‑HC1-Plus.
The gsop command has the following syntax:
gsop alias <alias>
add-header vlan <1-4094>
apf set
asf enhanced <enhanced asf alias> port-list <gsgroup name> asf <ASF alias>
dedup set
flow-ops <flow-filtering <gtp> | flow-sampling | gtp-flowsample | gtp-whitelist | netflow | sip-flowsample | sip-whitelist | 5g-whitelist | 5g-flowsample>
inline-ssl <inline SSL profile alias>
lb
app <asf | gtp | tunnel | 5G> metric <lt-bw | lt-pkt-rate | round-robin | lt-conn | lt-tt-traffic | wt-lt-bw |
wt-lt-pkt-rate | wt-round-robin | wt-lt-conn | wt-lt-tt-traffic | wt-supi | wt-imsi | hashing <key <imsi | imei | msisdn>>
app <sip> metric hashing key caller-id
user-name
command-code
session-id
end-to-end id
hop-by-hop-id
app <<5g> metric hashing key <supi | pei | gpsi>>
application-id
avp-code
hash <ip-only <inner | outer> | ip-and-port <inner | outer> | 5-tuple <inner | outer> | gtpu-teid> masking protocol
enhanced <elb-name>
none offset <0-9000>
ipv4 offset <1-9000>
ipv6 offset <1-9000>
udp offset <1-9000>
tcp offset <1-9000>
ftp-data offset <1-9000>
https offset <1-9000>
ssh offset <1-9000>
gtp offset <1-9000>
gtp-ipv4 offset <1-9000>
gtp-udp offset <1-9000>
gtp-tcp offset <1-9000>
<pattern: 1-byte-hex>
<length: 1-9600>
sip content-type message/cpim
port-list <GigaSMART group alias>
slicing protocol
none offset <64-9000>
ipv4 offset <4-9000>
ipv6 offset <4-9000>
udp offset <4-9000>
tcp offset <4-9000>
ftp-data offset <4-9000>
https offset <4-9000>
ssh offset <4-9000>
gtp offset <4-9000>
gtp-ipv4 offset <4-9000>
gtp-udp offset <4-9000>
gtp-tcp offset <4-9000>
ssl-decrypt in-port <<ingress port> | any> out-port <<egress port> | auto>
strip-header
erspan <0-1023>
fabric-path <dst-switch-id <0-(2^12-1)>> <src-switch-id <0-(2^12-1)>>
fm6000-ts <gs | none | x12-ts>
generic anchor-hdr1 <none | eth | vlan | mpls | ipv4 | ipv6><offset <start | end | <integer>>
<header-count<1-32> [custom-len <1-1500>]<anchor-hdr2 <none | eth | vlan | mpls | ipv4 | ipv6 | tcp | udp | any>>
gre
gtp
isl
mpls
mpls+vlan
vlan <outer | all>
vntag
vxlan <0-(2^24-1)>
trailer
add crc <enable | disable> <srcid <enable | disable>
remove
tunnel-decap type
tunnel-decap type tcp add <listener>
custom <portsrc <0-65535> portdst <0-65535>>
erspan flow-id <0-1023>
gmip portdst <0-65535>
l2gre key <0~(2^32-1)>
vxlan <portsrc <0-65535> portdst <1-65535> vni <0~(2^24-1)>>
tunnel-encap type
gmip <portsrc <0-65535> portdst <0-65535> ipdst <IP address>> [dscp <0-63>] [prec <0-7>]
[ttl <1-255>]
l2gre
ip6dst <IPv6 destination address> key <0~(2^32-1)> [dscp <0-63>] [flow-label <0~(2^20-1)>]
[prec <0-7>] [ttl <1-255>]
ipdst <IP address> key <0~(2^32-1)>
pgdst <port group name> key <0~(2^32-1)> session-field <3-tuple-any | 3-tuple-ipv4 | 3-tuple-ipv6 |
5-tuple-any | 5-tuple-ipv4 | 5-tuple-ipv6 | ip-any | ipv4-only | ipv6-only> <inner | outer>
vxlan <portsrc <1-65536> portdst <1-65536> vni <0~(2^24-1) ipdst | ip6dst <ipv4/ipv6 address>>
The following table describes the arguments for the gsop command:
Argument |
Description |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
alias <alias> |
Specifies the alias for this GigaSMART operation. Use the alias for all management of a GigaSMART operation, including binding it to a map rule. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
add-header vlan <1-4094> |
Specifies the add-header GigaSMART operation. Packets processed by this GigaSMART operation are tagged with the specified VLAN tag. This feature can be used in conjunction with the strip-header operation to differentiate stripped packets using common IP ranges (10.x.x.x or 192.168.x.x) from non-stripped packets in the same IP range. Refer to the “GigaSMART Header Addition” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
apf set |
Specifies the APF GigaSMART operation. Packets processed by this operation are evaluated using Adaptive Packet Filtering rules configured with the map command’s gsrule argument. Refer to the “GigaSMART Adaptive Packet Filtering (APF)” section in the GigaVUE Fabric Management Guide. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
asf enhanced <enhanced asf alias> port-list <gsgroup name> |
Specifies the enhanced Application Session Filtering (ASF) GigaSMART operation by configuring an alias. Examples: (config) # gsop alias <gsop alias> apf set asf enhanced <enhanced asf alias> port-list <gsgroup name>
Refer to the “GigaSMART EnhancedApplication Session Filtering (ASF) " section in the GigaVUE Fabric Management Guide for details.
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
asf <ASF alias> |
Specifies the Application Session Filtering (ASF) GigaSMART operation by configuring an alias. Examples: (config) # gsop alias gsop2 asf asf2 port-list gsgrp1 (config) # gsop alias gsop1 apf set asf asf1 port-list gsg1 Refer to the “GigaSMART Application Session Filtering (ASF) and Buffer ASF” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
dedup set |
Specifies the de-duplication GigaSMART operation. Packets processed by this operation are analyzed for duplicates. A packet is considered to be a duplicate if its bits are identical to the original packet from Layer 3 (Network layer) onwards, including the payload (differences in Layer 2 are not considered). For example, if two packets are identical except for Time-to-Live (TTL), they will be counted as duplicates. If you use this operation, you can also use gsparams to set the following:
For details of the gsparams command, refer to gsparams. Refer to the “GigaSMART De-duplication” section in the GigaVUE Fabric Management Guide. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
flow-ops <flow-filtering <gtp> | flow-sampling | gtp-flowsample | gtp-whitelist | netflow | sip-flowsample | sip-whitelist | | |5g-whitelist |5g-flowsample> |
Configures GigaSMART operations as follows:
For example: (config) # gsop alias gtpFilter flow-ops flow-filtering gtp port-list gsgrp1 Refer to the GigaSMART GTP Correlation section in the GigaVUE Fabric Management Guide for details and examples.
For example: (config) # gsop alias gsfvue flow-ops flow-sampling port-list gsgrp2 Refer to the “GigaSMART FlowVUE” section in the GigaVUE Fabric Management Guide for details and examples.
For example: (config) # gsop alias fs1 flow-ops gtp-flowsample port-list gsgrp3 Refer to the “GigaSMART GTP Whitelisting and GTP Flow Sampling” section in the GigaVUE Fabric Management Guide for details and examples.
For example: (config) # gsop alias wlf1 flow-ops gtp-whitelist port-list gsgrp4 Refer to the “GigaSMART GTP Whitelisting and GTP Flow Sampling” section in the GigaVUE Fabric Management Guide details and examples.
For example: (config) # gsop alias gsop2 flow-ops netflow port-list gsgrp5 Refer to the “GigaSMART NetFlow Generation” section in the GigaVUE Fabric Management Guide for details and examples.
Examples: (config) # gsop alias sip-flowsample-no-lb flow-ops sip-flowsample port-list gsg2 (config) # gsop alias sip-flowsample flow-ops sip-flowsample lb app sip metric hashing key caller-id port-list gsg1 Refer to the GigaSMART SIP/RTP Correlation section in the GigaVUE Fabric Management Guide for details and examples.
Examples: (config) # gsop alias sip-whitelist-no-lb flow-ops sip-whitelist port-list gsg2 (config) # gsop alias sip-whitelist flow-ops sip-whitelist lb app sip metric hashing key caller-id port-list gsg1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
inline-ssl <inline SSL profile alias> |
Attaches the inline SSL profile to a GigaSMART operation by specifying the alias of the profile. For example: (config) # gsop alias issl1-gsop inline-ssl sslprofile port-list gsgrp1 Refer to apps inline-ssl for information on profiles for inline SSL decryption. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
lb app <asf | gtp | tunnel> metric <lt-bw | lt-pkt-rate | round-robin | lt-conn | lt-tt-traffic | wt-lt-bw | wt-lt-pkt-rate | wt-round-robin | wt-lt-conn | wt-lt-tt-traffic | | wt-lt-tt-traffic | wt-imsi | wt-supi | hashing [key <imsi | imei | msisdn]> hash <ip-only <inner | outer> | ip-and-port <inner | outer> | 5-tuple <inner | outer> | gtpu-teid> apps enhanced-lb alias <elb-name> hash-field <add |delete><LIST><inner|outer>exit |
Configures stateful or stateless load balancing.
Also, configures the following field locations for hash:
Note: There is no inner or outer field location for gtpu-teid.
Also, configures the following field locations for hash:
Note: There is no inner or outer field location for gtpu-teid. Refer to the “GigaSMART Load Balancing” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
lbapp <sip> metric hashing key caller-id |
Configures stateful load balancing for SIP/RTP. Examples: (config) # gsop alias sip-fs-lb lb app sip metric hashing key caller-id flow-ops sip-flowsample port-list gsgrp (config) # gsop alias sip-wl-lb lb app sip metric hashing key caller-id flow-ops sip-whitelist port-list gsgrp |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
app <<5g> metric hashing key <supi | pei | gpsi>> |
Configures the stateless load balancing for 5G. You must provide any of the following three keys for multi-hashing:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
masking protocol none offset <0-9000> ipv4 offset <1-9000> ipv6 offset <1-9000> udp offset <1-9000> tcp offset <1-9000> ftp-data offset <1-9000> https offset <1-9000> ssh offset <1-9000> gtp offset <1-9000> gtp-ipv4 offset <1-9000> gtp-udp offset <1-9000> gtp-tcp offset <1-9000> <pattern: 1-byte-hex> <length: 1-9600> sip content-type message/cpim |
Specifies the masking GigaSMART operation. Packets processed by this GigaSMART operation mask the specified field with the supplied pattern. You can specify the field to be masked either in terms of a static, hard-coded offset or by using a relative offset from a specified packet header as follows:
(config) # gsop alias mymask masking protocol none offset 14 pattern ff length 88 port-list GS1
Refer to the “GigaSMART Masking” section in the GigaVUE Fabric Management Guide for details. For SIP/RTP:
Examples: (config) # gsop alias sip-content-mask masking protocol sip content-type message/cpim port-list gsgrp (config) # gsop alias sip-fs-lb flow-ops sip-flowsample lb app sip metric hashing key caller-id masking protocol sip content-type message/cpim port-list gsgrp (config) # gsop alias sip-wl-lb flow-ops sip-whitelist lb app sip metric hashing key caller-id masking protocol sip content-type message/cpim port-list gsgrp |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
port-list <GigaSMART group alias> |
Specifies the GigaSMART group that will be used to process this GigaSMART operation. Use the gsgroup command to create groups of GigaSMART engine ports in a given chassis as follows:
GigaSMART engine ports are numbered with an e prefix using <bid/sid/e1..e2> nomenclature—1/1/e1, for example. Note: The ports in a GigaSMART group can be on different line cards in the same chassis. However, they must all be on the same chassis. Note: The slot ID for a GigaVUE‑HC1 chassis is fixed at 1. Note: The bay ID for a GigaVUE‑HC2 with a rear GigaSMART module is fixed at 5. The bay ID for a GigaVUE‑HC2 with GigaSMART front modules or a GigaVUE‑HC3, will be 1 to 4, depending on where the module or modules are installed. The number of GigaSMART engine ports available in a chassis will depend on the number of GigaSMART line cards or modules in the chassis—up to four in the GigaVUE‑HC3, and up to five in the GigaVUE‑HC2 (four front GigaSMART modules with one GigaSMART engine port each, and one rear GigaSMART module with one GigaSMART engine). The GigaVUE‑HC1 has one GigaSMART engine port. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
slicing protocol none offset <64-9000> ipv4 offset <4-9000> ipv6 offset <4-9000> udp offset <4-9000> tcp offset <4-9000> ftp-data offset <4-9000> https offset <4-9000> ssh offset <4-9000> gtp offset <4-9000> gtp-ipv4 offset <4-9000> gtp-udp offset <4-9000> gtp-tcp offset <4-9000> |
Specifies the slicing GigaSMART operation. Packets processed by this GigaSMART operation are sliced after the specified packet header and offset or offset. Refer to the “GigaSMART Packet Slicing” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
ssl-decrypt in-port <<ingress port> | any> out-port <<egress port> | auto> |
Specifies the Passive SSL decryption GigaSMART operation as follows:
Port: in-port—out-port: IMAP: 993—143 POP3: 995—110 SMTP: 465—25 LDAP: 636—389 NNTP: 563—119 HTTP: 443—80 For example: (config) # gsop alias ssl_dec ssl-decrypt in-port any out-port auto port-list GSGROUP1 Optionally, the de-duplication GigaSMART operation can be applied before SSL decryption. For example: (config) # gsop alias ssl_dec ssl-decrypt in-port any out-port 333 dedup set port-list gsgrp1 Refer to the “GigaSMART SSL Decryption for Out-of-Band Tools” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
strip-header erspan <0-1023> fabric-path <dst-switch-id <0-(2^12-1)>> <src-switch-id <0-(2^12-1)>> fm6000-ts <gs | none | x12-ts> generic anchor-hdr1 <none | eth | vlan | mpls | ipv4 | ipv6 ><offset <start | end | integer>><header-count<1-32> [custom-len <1-1500>]<anchor-hdr2 <none | eth | vlan | mpls | ipv4 | ipv6 | tcp | udp | any>> gre gtp isl mpls mpls+vlan vlan <outer | all> vntag vxlan <0-(2^24-1)> |
Specifies the strip-header GigaSMART operation to identify and remove the following:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
strip-header (continued) |
For VXLAN headers, you can either strip all VXLAN packets with a matching header value or, alternatively, enter a value of 0 for the VXLAN ID to strip the headers from all VXLAN packets. The syntax is as follows: (config) # gsop alias <alias> strip-header vxlan <0-(2^24-1)> Refer to the “GigaSMART Header Stripping” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
trailer add crc <enable | disable> <srcid <enable | disable> remove |
Specifies the trailer GigaSMART operation and whether to include or remove the GigaSMART trailer with this operation. The Gigamon trailer is mandatory for some features (for example, including a Source ID field indicating the port where a packet arrived on the GigaVUE H Series node) and optional for others (slicing and masking). The arguments are as follows:
Note: The modified packet’s actual CRC is always recalculated to reflect its new length. This argument only specifies whether to include the original packet’s CRC as a field in the trailer.
Refer to the “Using GigaSMART Trailers” section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
tunnel-decap type custom <portsrc <0-65535> portdst <0-65535>> erspan flow-id <0-1023> gmip portdst <0-65535> l2gre key <0~(2^32-1)> vxlan <portsrc <0-65535> portdst <1-65535> vni <0~(2^24-1)>> |
Specifies the tunnel-decap GigaSMART operation to use in conjunction with a tunneled network port to configure the receiving end of a tunnel. You can use a tunnel-decap port on a GigaVUE H Series node to receive and decapsulate tunneled traffic. Specify the type of tunnel in the command as follows:
Examples: (config) # gsop alias tun_decap tunnel-decap type l2gre key 12314 port-list gsport1 (config) # gsop alias de_tunnel1 tunnel-decap type custom portsrc 100 portdst 4789 port-list gsgroup1 (config) # gsop alias de_tunnel2 tunnel-decap type vxlan portsrc 100 portdst 100 vni 10 port-list gsgroup1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
tunnel-encap type gmip <portsrc <0-65535> portdst <0-65535> ipdst <IP address>> [dscp <0-63>] [prec <0-7>] [ttl <1-255>] |
Specifies the tunnel-encap type, GMIP, to use in conjunction with a network port that is associated with an IP interface to configure the sending end of a tunnel. GigaSMART tunnels send traffic arriving from a GigaSMART-enabled node over the Internet to a second GigaSMART-enabled node where the traffic is decapsulated and made available to local packet distribution. The arguments are as follows:
By default, the tunnel-encapsulation application copies the ToS byte from the inner packet to the header of the tunnel packet, ensuring the same values. Similarly, TTL is automatically set to ensure delivery of packets from the sending node to the receiving node. However, you can use the following options to change the QoS assigned to tunneled packets:
Refer to the GigaSMART IP Encapsulation/Decapsulation (GigaSMART Tunnel) section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
tunnel-encap type l2gre ip6dst <IPv6 destination address> key <0~(2^32-1)> [dscp <0-63>] [flow-label <0~(2^20-1)>] [prec <0-7>] [ttl <1-255>] |
Specifies the type of tunnel, Layer 2 GRE, to encapsulate the packet. The arguments are as follows:
Note: Use the same GRE key at tunnel-encap and tunnel-decap ends for successful tunneling.
For example: (config) # gsop alias gs_tunnel tunnel-encap type l2gre ip6dst 2001::3 key 5 flow-label 2452 ttl 25 dscp 62 prec 3 port-list gsop1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
tunnel-encap type l2gre ipdst <IP address> key <0~(2^32-1)> pgdst <port group name> key <0~(2^32-1)> session-field <3-tuple-any | 3-tuple-ipv4 | 3-tuple-ipv6 | 5-tuple-any | 5-tuple-ipv4 | 5-tuple-ipv6 | ip-any | ipv4-only | ipv6-only> <inner | outer> |
Specifies the tunnel-encap type, Layer 2 GRE, to use in conjunction with a tunneled network port to configure the sending end of a tunnel. The arguments are as follows:
In addition, for all session fields, specify the following:
Examples: (config) # gsop alias tun_encap tunnel-encap type l2gre ipdst 1.1.1.1 key 123214 port-list gsport1 (config) # gsop alias gsop1 tunnel-encap type l2gre pgdst pg1 key 10 session-field 5-tuple-ipv4 outer lb app tunnel metric round-robin port-list gsport1 (config) # gsop alias gsop2 tunnel-encap type l2gre pgdst pg1 key 123 lb hash 5-tuple outer port-list gsport1 Refer to the GigaSMART Layer 2 GRE Tunnel Encapsulation/Decapsulation section in the GigaVUE Fabric Management Guide for details. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
tunnel-encap type vxlan <portsrc <1-65536> portdst <1-65536> vni <0~(2^24-1) ipdst | ip6dst <ipv4/ipv6 address> |
Specifies the type of tunnel, VxLAN, to encapsulate the packet. The arguments are as follows:
For example: (config) # gsop alias en-tunnel tunnel-encap type vxlan portsrc 100 portdst 100 vni 10 ip6dst 2001:0db8:85a3:0000:0000:8a2e:0370:7334 |
Related Commands
The following table summarizes other commands related to the gsop command:
Task
|
Command |
Displays all GigaSMART operations. |
# show gsop |
Displays a specified GigaSMART operation. |
# show gsop alias gsop1 |
Displays all GigaSMART operations. |
# show gsop all |
Displays GigaSMART operations by application.
|
<add-header | dedup | apf | asf | flow-sampling | flow-filtering | lb | masking | slicing | strip-header | trailer | tunnel-decap | ssl-decrypt> |
Displays statistics for all GigaSMART operations. |
# show gsop stats |
Displays statistics for a specified GigaSMART operation. |
# show gsop stats alias gsop1 |
Displays IP fragmentation statistics for a specified GigaSMART operation. |
# show gsop stats alias gsop1 ip-frag |
Displays statistics for all GigaSMART operations. |
# show gsop stats all |
Displays detailed statistics for all GigaSMART operations. |
# show gsop stats all detail |
Displays statistics of all GigaSMART operations using a particular GigaSMART application. |
by-application <add-header | dedup | apf | asf | flow-sampling | flow-filtering | lb | masking | slicing | strip-header | trailer | tunnel-decap | ssl-decrypt> |
Displays statistics in a particular GigaSMART group. |
by-gsgroup gsg1 |
Deletes a specified GigaSMART operation. |
(config) # no gsop alias gsop1 |
Deletes all GigaSMART operations. |
(config) # no gsop all |