About Inline Tools
There are two meanings to the term inline tool. The inline tool software construct consists of a pair of inline tool ports plus the inline tool attached to the ports. The software construct has attributes that are configured on the GigaVUE® HC Series node.
The term inline tool also refers to the pass-through device itself that performs packet inspection and selective forwarding, such as an Intrusion Protection System (IPS). This is a physical device, external to the GigaVUE node.
Use the Inline Tool page to configure the inline tool software construct. An inline tool consists of inline tool ports, always in pairs, running at the same speed, on the same medium (fiber or copper). The inline tool ports must be on the same GigaVUE‑HC3, or GigaVUE‑HC1 node. The inline tool ports must also be on the same GigaVUE‑HC3, or GigaVUE‑HC1 node as the inline network ports.
Inline tool ports are ports to which inline tools are attached. Inline tool ports are always in pairs, and must have the same line rate. Inline tool ports must be on the same GigaVUE‑HC1 node as the inline network ports.
An inline tool consists of a pair of inline tool ports plus the inline tool attached to the ports. Refer to 1 Inline Tool and Inline Tool Ports.
1 | Inline Tool and Inline Tool Ports |
Use the Inline Tools page to display of configuration of inline tools.
Inline Tool Failover Action
One of the parameters of inline tools is failover action, which controls the action taken when a tool is unhealthy or in response to a failure of an inline tool. You can configure one of the following failover actions:
ToolBypass—when the inline tool fails, the traffic that normally was directed to the inline tool is redirected to the bypass path. Use this failover action for configurations involving multiple inline tools associated with an inline network or inline network group using rule-based maps. For configurations using map passalls, tool-bypass is the same as network-bypass. |
NetworkBypass—when the inline tool fails, all traffic that would not have been dropped when the inline network or networks had a NORMAL forwarding state is directed to the bypass path. That is, all such traffic arriving at the side A inline network port or ports is forwarded to the side B inline network port or ports and all traffic arriving at the side B inline network port or ports is forwarded to the side A inline network port or ports. |
ToolDrop—when the inline tool fails, the traffic that normally was directed to the inline tool is dropped. Use this failover action for configurations involving multiple inline tools associated with an inline network or inline network group using rule-based maps. For configurations using map passalls, tool-drop is the same as network-drop. |
NetworkDrop—when the inline tool fails, all traffic coming to the respective inline network (or inline network group) is dropped. |
NetworkPortForcedDown—when the inline tool fails, the inline network ports of the respective inline network (or inline network group) are forced down. |
Note: However, after the device reload, the inline network ports become operationally up, whereas the inline tool is still down. You need to manually force down the inline network ports.
The default is ToolBypass.
The bypass path is between side A and side B of the inline network ports.
Inline Tool Failover Action with Inline Flow Mapping®
When the inline bypass solution uses inline flow mapping, the failover actions of inline tools are as follows:
ToolBypass—when the inline tool fails, the traffic that normally was directed to the inline tool is redirected to the bypass path. The traffic going to the healthy inline tools (through rule-based maps) remains unchanged. |
ToolDrop—when the inline tool fails, the traffic that normally was directed to the inline tool is dropped. The traffic going to the healthy inline tools (through rule-based maps) remains unchanged. |
Inline Tool Recovery Mode
An inline tool detects failures in the traffic path between port pairs and automatically diverts traffic away to avoid disruption. After an inline tool goes down, the following modes specify how to bring it back up after it has recovered:
automatic—Specifies automatic recovery, which redirects traffic back to the inline tool as soon as it has recovered from all faulty conditions. |
manual—Specifies manual recovery, which lets you control when to put an inline tool back into service after the tool has recovered. For example, you may wait for a maintenance window to return the inline tool to service. |
The default is automatic.
By selecting the tool and selecting the Recover button, users can set the recovery of the inline tools to manual or automatic.
Refer to 2 Automatic and Manual Inline Tool Recovery from Failover for automatic and manual inline tool recovery from failover.
2 | Automatic and Manual Inline Tool Recovery from Failover |
The left side of 2 shows an inline tool that has failed and the bypass failover action has been executed.
Automatic recovery is shown on the right side of 2. When the inline tool recovers, traffic is automatically directed back to it.
Manual recovery is shown in the center of 2. When the recovery mode is configured as manual, an SNMP notification, if enabled, will send a notification when the inline tool is ready to be put back into service. The failover action, in this case, bypass, will be enforced until you manually put the inline tool back into service.
When the recovery mode is configured as manual, an SNMP notification, when enabled, will notify you when the inline tool is ready to be put back into service.
Use the following steps to configure notification that will be sent when the inline tool is ready:
1. | Select Settings > SNMP Traps. |
2. | Click Trap Settings. The Edit SNMP Trap Settings page displays. |
3. | On the Edit SNMP Trap Settings page, select Enable for Inlinetool Recovery. |
4. | Click Save. |
The default for Inlinetool Recovery is disabled.
Use the following steps to put an inline back in service when the recovery mode is manual and the inline tool has an operational state of ready.
1. | Select Inline Bypass > Inline Tools. |
2. | On the Inline Tools page, select the inline tool. |
3. | Click Recover. |
Note: Also use Recover after the GigaVUE® HC Series node is reloaded or rebooted (even though the inline tool has not failed). Issue the Recover on all the inline tools that are configured with manual recovery after a reload or Actions > Shut Down from the Chassis page on a selected card in Chassis Table View followed by Actions > Start Up. Refer to the “Chassis” section in the GigaVUE Administration Guide for more details.
Note: In certain circumstances while using classic inline, if the recovery mode is set to "manual" and the inline-tool is in “ready” state, traffic may still be forwarded to the inline-tool ports . This occurs because the recovery state shifts from “ready” to “up” when "inline-tool disable/enable” is used. When the recovery mode for the inline-tool is "manual" and is in “ready” state, do not disable/enable the inline-tool . Instead, disable/enable the port.
The Inline Tool page displays the operational state of each inline tool as up, down, disable, or ready. Refer to Aggregate Inline Tool States for detailed descriptions of the states.
Inline Tool Sharing Mode
Inline tool sharing mode specifies how an inline tool is going to be shared as follows:
Enable—Specifies that the inline tool is going to be shared by different sources. |
Not enabled—Specifies that the inline tool will not be shared by different sources. |
The default is not enabled.
When sharing is enabled, the inline tool can receive traffic from multiple sources (the inline networks in the inline network group) and can be used in a map in which the source is an inline network group.
An inline tool group or inline series does not have its own shared setting. The shared setting is derived from the inline tools. Therefore all the members in an inline tool group or inline series must have the same setting. For example, if an inline tool group has three inline tool members, the shared setting of all three inline tools must be the same.
When an inline tool has sharing mode enabled, the traffic will be VLAN tagged. The connected inline device is expected to receive VLAN tagged packets. When an inline tool does not have sharing mode enabled, the extra VLAN tag is not added.
Go to Inline Bypass > Inline Tools and select an inline tool or click New. Under Configuration, Inline tool sharing mode, select Enable.
How to Use SNMP Polling to Obtain Inline Tool State
The inline tool state can also be obtained through SNMP polling using an SNMP-compliant network management application or a MIB browser. The names of the MIB files that need to be loaded in order to poll the inline tool state are: GIGAMON-COMMON-SMI and GIGAMONINLINEBYPASS.
The inline tool states are described in Table 3: Aggregate Inline Tool States. They are an aggregate of the inline tool port statuses and the heartbeat status.
Status |
Description |
up |
The heartbeat is up and all the inline tool ports are up. The inline tool is operational and is forwarding traffic to the tool. |
down |
Either the heartbeat is down or one or more of the inline tool ports are down or disabled. The inline tool is in a failed state and is not ready to recover. The tool is not receiving any traffic. |
disable |
The inline tool is disabled. |
ready |
The inline tool is in a failed state but is ready to recover. The tool is not receiving any traffic. |