Create a New Map (AWS)

You must have the flow map license to deploy a map in the monitoring session.

For new users, the free trial bundle will expire after 30 days, and the GigaVUE-FM prompts you to buy a new license. For licensing information, refer to GigaVUE Licensing Guide.

A map is used to filter the traffic flowing through the GigaVUE V Series Nodes. It is a collection of one or more rules (R). The traffic passing through a map can match one or more rules defined in the map.

Keep in mind the following when creating a map:

Parameter Description

Rules

A rule (R) contains specific filtering criteria that the packets must match. The filtering criteria lets you determine the targets and the (egress or ingress) direction of tapping the network traffic.

Priority

Priority determines the order in which the rules are executed. The priority value can range from 1 to 5, with 1 being the highest and 5 is the lowest priority.

Pass

The traffic from the virtual machine will be passed to the destination.

Drop

The traffic from the virtual machine is dropped when passing through the map.

Traffic Filter Maps

A set of maps that are used to match traffic and perform various actions on the matched traffic.

Inclusion Map

An inclusion map determines the instances to be included for monitoring. This map is used only for target selection.

Exclusion Map

An exclusion map determines the instances to be excluded from monitoring. This map is used only for target selection.

Automatic Target Selection (ATS)

A built-in feature that automatically selects the cloud instances based on the rules defined in the traffic filter maps, inclusion maps, and exclusion maps in the monitoring session.

The below formula describes how ATS works:

Selected Targets = Traffic Filter Maps ∩ Inclusion Maps - Exclusion Maps

Below are the filter rule types that work in ATS:

mac Source
mac Destination
ipv4 Source
ipv4 Destination
ipv6 Source
ipv6 Destination
VM Name Destination
VM Name Source
VM Tag Destination - Not applicable to Nutanix.
VM Tag Source - Not applicable to Nutanix.
VM Category Source - Applicable only to Nutanix
VM Category Destination - Applicable only to Nutanix.
Host Name -Applicable only to Nutanix and VMware.

The traffic direction is as follow:

For any rule type as Source - the traffic direction is egress.
For Destination rule type - the traffic direction is ingress.
For Hostname - As it doesn't have Source or Destination rule type, the traffic direction is Ingress and Egress.
Notes
■   For OpenStack environment, Subnet Name Source and Subnet Name Destination are the exclusion filters available as part of Exclusion Maps with Traffic Acquisition method as OVS Mirroring in the Monitoring Domain.
■  If no ATS rule filters listed above are used, all VMs and vNICS are selected as targets. When any ATS rule results in a null set, no target is selected and V Series Node does not receive traffic from any VM or vNIC.

Group

A group is a collection of maps that are pre-defined and saved in the map library for reuse.

To create a new map:

  1. After creating a new monitoring session, or click Actions > Edit on an existing monitoring session, the GigaVUE-FM canvas appears.
  2. In the canvas, select New > New Map, drag and drop a new map template to sthe workspace. The New Map quick view appears.

  3. On the New Map quick view, click on General tab and enter the required information as described in the following table:

    Field

    Description

    NameName of the new map

    Description

    Description of the map
    Pass and Drop rule selection with Automatic Target Selection (ATS) differ with the Map type as follows:
    • Traffic Map—Only Pass rules for ATS
    • Inclusion Map—Only Pass rules for ATS
    • Exclusion Map—Only Drop rules for ATS
  4. Click on Rule Sets tab. Through the map, packets can be dropped or passed based on the highest to lowest rule priority. You can add 5 rule sets on a map. Use the + and - buttons to add or remove a rule set in the map. Each rule set can have only 25 rules per map and each rule can have a maximum of 4 conditions. To add ATS rules for an Inclusion/Exclusion map, you must select at least one rule condition. Refer to Example- Create a New Map using Inclusion and Exclusion Maps for more detailed information on how to configure Inclusion and Exclusion maps using ATS.
    1. To create a new rule set:
      1. Click Actions > New Rule Set.
      2. Enter a Priority value from 1 to 5 for the rule with 1 being the highest and 5 is the lowest priority.
      3. Enter the Application Endpoint in the Application EndPoint ID field.
      4. Select a required condition from the drop-down list.
      5. Select the rule to Pass or Drop through the map.
    2. To create a new rule:
      1. Click Actions > New Rule.
      2. Select a required condition from the drop-down list. Click and select Add Condition to add more conditions.
      3. Select the rule to Pass or Drop through the map.
  5. Click Save.

Note:  If a packet is fragmented then all the fragments will be destined to the same application end point. You can find the stats of mapped fragmented traffic in GigaVUE-FM. Refer to Map Statistics for detailed information.

To edit a map, select the map and click Details, or click Delete to delete the map.

To apply threshold template to maps, select the required map on the canvas and click Details. The quick view appears, click on the Threshold tab. For more details on how to create or apply threshold templates, refer to Monitor Cloud Health.

Rules and Notes:

  • Directional rules do not work on single NIC VMs that are running a Windows UCT-V.
  • Loopback captures bidirectional traffic from both ingress and egress. To prevent duplicate tapping, only egress tapping is permitted.
  • If you are running GigaVUE Cloud Suite on OpenStack, you can add a subnet to the exclusion map. To do this, create an exclusion map and select the Subnet name in the ruleset.

You can also perform the following action in the Monitoring session canvas.

  • Click a map and select Details to edit the map
  • Click a map and select Delete to delete the map.
  • Click the Show Targets button to refresh the subnets and monitored instances details that appear in the Instances dialog box.
  • Click to expand the Targets dialog box. To view details about a GigaVUE V Series Node, click the arrow next to the VM.
  • In the Instances window, click to filter the list of instances.

Example- Create a New Map using Inclusion and Exclusion Maps

Consider a monitoring session with 5 cloud instances. Namely target-1-1, target-1-2, target-1-3, target-2-1, target-2-2.

  1. Drag and drop a new map template to the workspace. The New map quick view appears.
  2. In the General tab, enter the name as Map 1 and enter the description. In the Rule sets tab, enter the priority and Application Endpoint ID.
  3. Select the condition as VM Name and enter the target. This includes the instances target-1-1, target-1-2, target-1-3, target-2-1, and target-2-2.
  4. Click on the Expand icon at the bottom of the Monitoring session canvas. The Inclusion Maps and Exclusion Maps section appears.
  5. Drag and drop a new map template to the Inclusion Maps region. The New Map quick view appears. Enter the Name and Description of the map.
    1. In the General tab, enter the name as Inclusionmap1 and enter the description. In the Rule Sets, enter the priority and Application Endpoint ID.
    2. Select the condition as VM Name and enter the VM Name as target-1. Then the instance with VM name target-1-1, target-1-2, and target-1-3 will be included.
  6. Drag and drop a new map template to the Exclusion Maps region. The New Map quick view appears. Enter the details as mentioned in the above section.
    1. In the General tab, enter the name as Exclusionmap1 and enter the description. In the Rule Sets tab, enter the priority and Application Endpoint ID.
    2. Select the condition as VM Name and enter the VM Name as target-1-3. Then the instance target-1-3 will be excluded.

    Based on this configuration, the Automatic Target Selection will select the instances target-1-1 and target-1-2 as target.