I’m facing a simple issue
actually with purview (Virtual Node)
purview is configured accordingly, netflow traffic are being received but the application response time is still missing. No traffic are being received over GRE.
From the Purview, the GRE source interface is reachable.
The necessary application services are running.
The Coreflow2 is a S8-Chassis with FW: S-84202-0012 and with following card types:
The vSwitch on the ESX is in promiscuous mode!
I’m pretty sure have checked everything that should be necessary.
The Purview is connected a C5K switch which in turn is connected on the S8.
- Jumbo frame is enabled on the Purview connected interfaces on the C5K as well as on the ESX itself.
- Jumbo frame is also enabled on to the C5K
Any hint why the traffic still not being received over the GRE
tcpdump -i eth0 host (IP of the GRE source)
if you receive traffic then run "dnetconfig" and verify that both endpoints of the GRE tunnel are correct. Typically when the GRE tunnel is making it to the Purview appliance and the purview appliance isn't receiving it, it is usually because the IP endpoints were mistyped. You can also check the mirror config.
If traffic is not being received, then you need to check the GRE source. Can you post the S8 mirror config as well as the router and policy config? (show run; show config mirror; show config policy)
An easy to miss snafu (like jumbo but more random) has to do with the blank port being used for the tunnel's resources. It sits at 10Mb-hdx but needs to be configured for 1Gb-fdx to properly allocate resources to the l2 gre tunnel.
I'm having a bit of trouble linking you to the knowledge base doc so here's a clip of the "loopback" port treatment.
Here, mirror destination port ge.1.1 has no physically attached ethernet user, but is to be configured as a loopback port (step 2 below) which will internally forward its received mirrored traffic into the L2 GRE Tunnel (step 3 below) for delivery to the remote destination device.
Important Note!: If this is a 10/100/1000 copper port, it will try to operate in default 10HD mode because it has no attached peer device to negotiate a higher speed and duplex. For such ports, you must change from the default speed and duplex or the tunnel will not come up error-free:
SSA Switch1(rw)->set port duplex ge.1.1 full
SSA Switch1(rw)->set port speed ge.1.1 1000
Hope that helps,
What is not mentioned in the different documentations as well as configuration guide I read was:
If Using a Fiber Port (the dummy Port, where no cable is connected) for the Mirroring, make sure the GBIC is inserted.
I don’t know how I came to the following idea, “once I inserted the GBIC” to that port, I was able to get the traffic over GRE.
It would be great if this were documented in the configuration guide.
Nevertheless, I thank you all for your toughs.
Can you confirm that your mirror destination port and the tunnel interface are both shows as up and operational? "Show port status" will show you the status of the port and "show Tunnel" will give you the tunnel status. You could also setup a port mirror on the C5 in the middle to confirm if you are seeing the S send the GRE packets which will allow you to isolate this problem to the switch or server side.
I'm adding this data to the list as one of those easily overlooked gotchas.
Nice work with the problem isolation - and for taking time to close the loop here in the community.
Adding to and clarifying documented behavior makes for a better, more user friendly product. I'll pass your input along to the product manager and documentation.
Thank you - Wins for all involved.
I spoke to the product manager today - requesting the Purview Deployment Guide be updated to reflect the new SFP related requirement. That item will be wrapped up in short order. Thanks again, your valuable feedback helps us get another usability improvement off the books.
Next step was our knowledge base - which offered me an appreciation of your plight while working through the "different documentations as well as configuration guide"
The following 5 articles were improved.
Purview Collector checklist for S-Series, K-Series, PV-FC-18
Mirror Port in GRE Tunnel setup does not work.
Remote Mirror via L2GRE Tunnel from 7100/S/K-Series to Third-party Device
How To Configure the S-Series or PV FC-180 for Flow Collection to a Purview Appliance
Remote Mirror via L2GRE Tunnel from 7100/S/K-Series to 7100/S/K-Series
Really, really good stuff. Looking forward to your next Hub community share.