GigaSMART IP Encapsulation/Decapsulation (GigaSMART Tunnel)
Required License for IP Decapsulation: Base (GigaVUE‑HC3), Tunneling (GigaVUE‑HC1)Required License for IP Encapsulation: Advanced Tunneling (GigaVUE‑HC3), Tunneling (GigaVUE‑HC1)
Use GigaSMART encapsulation and decapsulation operations to send traffic arriving on one GigaSMART-enabled node over the Internet to a second GigaSMART-enabled node. There, the traffic is decapsulated and made available to local tool ports.
This feature is useful when instrumenting remote data centers – you can tunnel selected portions of the traffic from the remote GigaSMART-enabled node to tools in a central location. Traffic is encapsulated at the sending end of the tunnel and decapsulated at the receiving end.
GigaSMART drops packets when it receives packets with multiple encapsulation headers that are added due to unpredictable looping in the network.
IP fragmentation and reassembly are supported. Refer to IP Fragmentation and Reassembly on L2GRE and GMIP Tunnels.
The source of the GigaSMART tunnel can be any of the following:
|
■
|
GigaSMART-Enabled GigaVUE H Series Node
|
|
o
|
Standalone GigaVUE‑HC3 node with SMT-HC3-C05 modules installed. |
|
o
|
Standalone GigaVUE‑HC1 nodes. |
|
o
|
Any GigaVUE H Series node operating in a cluster with the previous node types. |
|
■
|
GigaVUE V Series node or a GigaVUE-VM |
Note: You can also create GigaSMART operations that allow a GigaVUE H Series node to act as the receiving end of an ERSPAN tunnel for data mirrored over the Internet from Cisco equipment. However, this feature requires the Advanced Tunneling license; refer to GigaSMART ERSPAN Tunnel Decapsulation.
Example: GigaSMART Encapsulation/Decapsulation (GigaVUE-VM)
The following figures demonstrate how to create a sample IP tunnel between a sending GigaVUE-VM node in Sydney and a receiving GigaVUE H Series in Melbourne. First, the overall tunnel is summarized, followed by configuration descriptions for the sending and receiving ends.
Configure Sending End of Tunnel: GigaVUE-VM vMap in Sydney
A GigaVUE-VM node in this location is configured with a vMap that will send data over the Internet to the IP interface associated with a network port on a GigaVUE H Series with a GigaSMART-HD0 line card installed.
VMaps are created in the GigaVUE‑FM user interface – Step 2 in the Create Map wizard includes Tunnel Traffic To settings that specify where matching traffic should be sent:
Create vMap “Tunnel Traffic To” Option
|
Setting
|
UDP IP
|
This is the destination IP address for the IP interface associated with network port on the GigaVUE H Series in Melbourne. We will set it to 10.150.68.222
|
UDP Source Port
|
This is the UDP source port from which tunneled packets will be sent. We will set this to 5000.
|
UDP Destination Port
|
This is the listening port on the receiving GigaVUE H Series IP interface associated with network port. We will set this to 10000.
|
Configure Receiving End of Tunnel: GigaVUE H Series with GigaSMART in Melbourne
Now we need to configure the receiving end of the tunnel with an IP interface associated with network port. The GigaVUE H Series in this location will have an IP interface associated with network port configured on network port 1/1/3 with an IP address of 10.150.68.222 and a GigaSMART decapsulation operation that listens on UDP port 10000.
The following table summarizes the steps necessary to configure the receiving end of the tunnel using the UI:
Task
|
UI Steps
|
Start by designating port 1/1/x3 as an IP interface with network port, configuring its IP profile, and assigning its GigaSMART operations to a GigaSMART group. This command sets the IP address, subnet mask, default gateway, and MTU for the IP interface associated with a tool port on port 1/1/x3.
|
|
1.
|
Select Ports > IP Interfaces. |
|
3.
|
Configure the IP Interface: |
|
■
|
IP Address: 10.150.68.222 |
|
■
|
IP Mask: 255.255.255.255 |
|
Now, create an IP decapsulation GigaSMART operation (gmipdecap) that will decapsulate traffic received on UDP port 10000. Recall that we configured the sending end of the tunnel to send to that UDP port. The operation has the alias gv_ipdecap.
Note that this operation uses the same GigaSMART group (GS2) as the IP interface associated with network port we set up in the first step.
|
|
1.
|
From the device view, select GigaSMART > GigaSMART Operations > GigaSMART Operation. |
|
3.
|
Configure the GigaSMART Operation: |
|
■
|
GigaSMART Operations (GSOP): Tunnel Decapsulation |
|
4.
|
Configure the Tunnel Encapsulation: |
|
Once we have our IP decapsulation operation, we can include it as part of a map.
|
■
|
Open the map configuration page to create a map named decapper. |
|
■
|
The Source field specifies the ingress ports for this map. |
|
■
|
The GSOP field applies the gv_ipdecap GigaSMART operation to all packets matching the rules in the map, decapsulating them from the tunnel. |
|
■
|
The Destination field specifies where matching packets will be sent (tool port 1/1/x11). |
|
■
|
The rule with Pass selected specifies that packets arriving on this port with an IP Source address of 10.10.10.10 /32 will be processed by the gv_ipdecap GSOP and sent to tool port 1/1/x11. |
|
|
1.
|
Select Maps > Maps > Maps |
|
■
|
GigaSMART Operation (GSOP): gv_ipdecap (GS2) |
|
■
|
Select IPv4 Source for Rule 1. |
|
■
|
Set the IPv4 Address to 10.10.10.10 |
|
■
|
Set the Net Mask to 255.255.255.255 |
|