Purview not receiving traffic of GRE

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved

Hello everyone,


I’m facing a simple issue actually with purview (Virtual Node)
purview is configured accordingly, netflow traffic are being received but the application response time is still missing. No traffic are being received over GRE.
From the Purview, the GRE source interface is reachable.
The necessary application services are running.
The Coreflow2 is a S8-Chassis with FW: S-84202-0012 and with following card types:

-          SK2008-0832                                                      

-          SK8008-1224-F8

The vSwitch on the ESX is in promiscuous mode!

I’m pretty sure have checked everything that should be necessary.

Note:

The Purview is connected a C5K switch which in turn is connected on the S8.

-          Jumbo frame is enabled on the Purview connected interfaces on the C5K as well as on the ESX itself.

-          Jumbo frame is also enabled on to the C5K

Any hint why the traffic  still not being received over the GRE



Regards

Gradelain

Photo of Gradelain Ngouni

Gradelain Ngouni

  • 480 Points 250 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Matthew Hum

Matthew Hum, Principal Engineer, APAC

  • 1,542 Points 1k badge 2x thumb
try tcpdump-ing the interface to see if GRE packets are coming in or not. That will tell you if the GRE tunnel is even reaching the Purview appliance or not.
tcpdump -i eth0 host (IP of the GRE source)

if you receive traffic then run "dnetconfig" and verify that both endpoints of the GRE tunnel are correct. Typically when the GRE tunnel is making it to the Purview appliance and the purview appliance isn't receiving it, it is usually because the IP endpoints were mistyped. You can also check the mirror config.

If traffic is not being received, then you need to check the GRE source. Can you post the S8 mirror config as well as the router and policy config? (show run; show config mirror; show config policy)
Photo of Mike D

Mike D, Alum

  • 3,852 Points 3k badge 2x thumb
Hello Gradelain

An easy to miss snafu (like jumbo but more random) has to do with the blank port being used for the tunnel's resources.  It sits at 10Mb-hdx but needs to be configured for 1Gb-fdx to properly allocate resources to the l2 gre tunnel.  

I'm having a bit of trouble linking you to the knowledge base doc so here's a clip of the "loopback" port treatment. 

Here, mirror destination port ge.1.1 has no physically attached ethernet user, but is to be configured as a loopback port (step 2 below) which will internally forward its received mirrored traffic into the L2 GRE Tunnel (step 3 below) for delivery to the remote destination device.
Important Note!: If this is a 10/100/1000 copper port, it will try to operate in default 10HD mode because it has no attached peer device to negotiate a higher speed and duplex. For such ports, you must change from the default speed and duplex or the tunnel will not come up error-free:

SSA Switch1(rw)->set port duplex ge.1.1 full
SSA Switch1(rw)->set port speed ge.1.1 1000

Hope that helps,

Regards,
Mike
Photo of Gradelain Ngouni

Gradelain Ngouni

  • 480 Points 250 badge 2x thumb

Hello Guys,

thanks a lot for you hints and recommendations. Unfortunately, all those steps were unsuccessfully taken into consideration.

What is not mentioned in the different documentations as well as configuration guide I read was:

If Using a Fiber Port (the dummy Port, where no cable is connected) for the Mirroring, make sure the GBIC is inserted.

I don’t know how I came to the following idea, “once I inserted the GBIC” to that port, I was able to get the traffic over GRE.

It would be great if this were documented in the configuration guide.

Nevertheless, I thank you all for your toughs.

Regards

 

Gradelain

Photo of David Coglianese

David Coglianese, Embassador

  • 5,944 Points 5k badge 2x thumb
As a side not insertion of a gbic is also required to the dummy port if using the traffic generator xmod
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,498 Points 5k badge 2x thumb
You may want to review this article as well, although you note that promiscuous is enabled.

https://extremeportal.force.com/ExtrArticleDetail?n=000005582
(Edited)
Photo of Alex Morrissey

Alex Morrissey, Employee

  • 862 Points 500 badge 2x thumb
Hello Gradelain 

Can you confirm that your mirror destination port and the tunnel interface are both shows as up and operational?  "Show port status" will show you the status of the port and "show Tunnel" will give you the tunnel status.  You could also setup a port mirror on the C5 in the middle to confirm if you are seeing the S send the GRE packets which will allow you to isolate this problem to the switch or server side.

-Alex
Photo of Mike D

Mike D, Alum

  • 3,852 Points 3k badge 2x thumb
Hi Gradelain,

I'm adding this data to the list as one of those easily overlooked gotchas.
Nice work with the problem isolation - and for taking time to close the loop here in the community.  
Adding to and clarifying documented behavior makes for a better, more user friendly product.  I'll pass your input along to the product manager and documentation.


Thank you - Wins for all involved.  

Mike
 
Photo of Mike D

Mike D, Alum

  • 3,852 Points 3k badge 2x thumb
Hello Gradelain,

I spoke to the product manager today - requesting the Purview Deployment Guide be updated to reflect the new SFP related requirement.  That item will be wrapped up in short order. Thanks again, your valuable feedback helps us get another usability improvement off the books.  

Next step was our knowledge base - which offered me an appreciation of your plight while working through the "different documentations as well as configuration guide"


The following 5 articles were improved.  


Purview Collector checklist for S-Series, K-Series, PV-FC-18

Mirror Port in GRE Tunnel setup does not work.

Remote Mirror via L2GRE Tunnel from 7100/S/K-Series to Third-party Device

How To Configure the S-Series or PV FC-180 for Flow Collection to a Purview Appliance

Remote Mirror via L2GRE Tunnel from 7100/S/K-Series to 7100/S/K-Series


Really, really good stuff.  Looking forward to your next Hub community share. 

Best regards,
Mike D


Photo of Gradelain Ngouni

Gradelain Ngouni

  • 480 Points 250 badge 2x thumb
thanks a lot Mike.

Thanks a lot. Hopefully this will help others out there.

 

Regards

 

Gradelain

(Edited)
Photo of Ryan Mathews

Ryan Mathews, Alum

  • 8,988 Points 5k badge 2x thumb