No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Network Management and Monitoring

CloudEngine 12800 and 12800E V200R005C10

This document describes the configurations of Network Management and Monitoring, including SNMP, RMON, LLDP, NQA, Service Diagnosis, Mirroring, Packet Capture, sFlow, and NETCONF.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Licensing Requirements and Limitations for NetStream

Licensing Requirements and Limitations for NetStream

Involved Network Elements

The switch needs to work with a NetStream server.

Licensing Requirements

NetStream IPv4 is a basic feature of the CE12800 and CE12800E series switches and is not under license control.

The NetStream IPv6 function can be used only after the IPv6 feature is enabled, whereas the IPv6 feature of the CE12800 and CE12800E series switches is under license control. By default, the IPv6 feature is disabled on newly purchased CE12800 and CE12800E series switches. To use the IPv6 feature of the CE12800 and CE12800E series switches, apply for and purchase the license from the equipment supplier.

Version Requirements

Table 13-3 Products and minimum version supporting NetStream

Product Model

Minimum Version Required

CE12804/CE12808/CE12812

V100R002C00

CE12816

V100R003C00

CE12804S/CE12808S

V100R005C00

CE12800E

V200R002C50

Feature Limitations

Supported sub-features
  • The CE12800E does not support statistics collection on MPLS IPv4 packets.
  • The CE12800E does not support NetStream Top Talkers when configured with ED-E, EG-E, and EGA-E series cards.

Restrictions of using NetStream with other features

Table 13-4 Restrictions of using NetStream with other features

Feature

Use Precautions

sFlow

NetStream and sFlow cannot be configured together on the same LPU in a VS.

Mirroring

  • After ED-E, EG-E, and EGA-E series cards are installed on a CE12800E, NetStream and port mirroring can be configured on the same interface, and NetStream does not conflict with MQC-based traffic mirroring, simplified traffic mirroring, or VLAN mirroring.

  • After FD-X series cards are installed on a CE12800E, NetStream and port mirroring cannot be configured on the same interface. NetStream conflicts with MQC-based traffic mirroring, simplified traffic mirroring, and VLAN mirroring. After NetStream is configured on an interface, do not configure any MQC-based traffic mirroring, simplified traffic mirroring, or VLAN mirroring to contain this interface. If the NetStream and mirroring functions (MQC-based traffic mirroring, simplified traffic mirroring, or VLAN mirroring) are configured on the same interface, they cannot take effect simultaneously.

  • On a CE12800:
    • When inbound NetStream sampling is configured to use snoop resources, you can configure port mirroring and inbound NetStream on the same interface, and inbound NetStream does not conflict with MQC-based traffic mirroring, simplified traffic mirroring, or VLAN mirroring.
    • When inbound NetStream sampling is not configured to use snoop resources, port mirroring and NetStream cannot be configured on the same interface, and NetStream conflicts with MQC-based traffic mirroring, simplified traffic mirroring, and VLAN mirroring. After NetStream is configured on an interface, do not configure any MQC-based traffic mirroring, simplified traffic mirroring, or VLAN mirroring to contain this interface. If the NetStream and mirroring functions (MQC-based traffic mirroring, simplified traffic mirroring, or VLAN mirroring) are configured on the same interface, they cannot take effect simultaneously.

FCoE

On an FCoE network, the switch collects statistics only about Layer 2 attributes in packets.

BFD

In V200R003C00 and later versions, after NetStream sampling is configured on the CE12800E or the CE-L36CQ-FD, CE-L36CQ-FG, CE-L36CQ-FD1, CE-L36CQ-SD, CE-L36LQ-FD, CE-L24LQ-FD, CE-L16CQ-FD, CE-L12CQ-FD, CE-L48XS-FG, CE-L08CF-FG1, and CE-L48XS-FD1 card, BFD packets sampled by NetStream cannot be exported.

TRILL

On a TRILL network, the device collects statistics only about Layer 2 attributes in packets.

VLAN

  • In V200R003C00 and earlier versions, the CE12800 still performs NetStream sampling for packets discarded in VLAN check. In V200R005C00 and later versions, the CE12800 and CE12800E still perform NetStream sampling for packets discarded in VLAN check.

  • For packets from super-VLANs or sub-VLANs, the device creates a NetStream flow based only on outer VLAN IDs.

QinQ

For packets carrying multiple tags, the switch creates a NetStream flow based on outer VLAN IDs.

VPN

  • When NetStream sampling is configured for outbound Layer 3 traffic between VPNs, routing information cannot be collected.
  • When a main interface and its Layer 3 sub-interfaces are in different VPNs and NetStream is configured on the main interface, the traffic passing through the Layer 3 sub-interface can be sampled. Routing information about the main interface is collected, but routing information about the Layer 3 interface is not collected.

VPLS

VPLS packets cannot be sampled.

MPLS

When inbound NetStream sampling is configured on a Layer 3 sub-interface, the switch cannot sample incoming MPLS packets on the Layer 3 sub-interface.

QoS

NetStream sampling is on the basis of original packets. After the forwarding behavior is modified (for example, policy routing is applied) or information about the packets to be forwarded is modified (for example, ACL or QoS is applied), the modification cannot be shown in the NetStream statistics.

VXLAN

  • Starting from V200R001C00, NetStream can sample the original Ethernet frame information in VXLAN packets. When VXLAN flexible flow statistics collection is configured, flows can be created based only on the inner IPv4 packets of VXLAN packets, but cannot be created based on the IPv6 packets or Ethernet frame headers in VXLAN packets. After VXLAN flexible flow statistics collection is configured on an interface, this interface cannot collect statistics on IPv4 original flows.

  • After IPv4 original flow sampling is configured on a switch, the switch cannot obtain routing information from forwarded VXLAN packets.

  • On a CE12800 series switch that decapsulates VXLAN packets, when inbound NetStream sampling is configured on a Layer 3 sub-interface, incoming VXLAN packets cannot be sampled on the Layer 3 sub-interface.

Local attack defense

  • On a CE12800E configured with ED-E, EG-E, and EGA-E series cards, NetStream sampling can be performed only in enhanced mode. In this mode, sampled packets are not sent to the CPU for processing.

  • On other models:
    • Since V200R001C00, the card sends sampled packets to the CPU for processing. When the CPU usage of the card exceeds 65%, the card decreases the CAR value of sampled packets sent to the CPU to 1000 pps. As a result, some sampled packets to be sent to the CPU are discarded, decreasing the NetStream sampling ratio. When the CPU usage falls below 65%, the card increases the CAR value of sampled packets by 500 pps every 20 seconds until the CAR value is restored to the original setting.
    • The FD-X, CE-L36CQ-FD, CE-L36CQ-FG, CE-L36CQ-FD1, CE-L36CQ-SD, CE-L36LQ-FD, CE-L24LQ-FD, CE-L16CQ-FD, CE-L12CQ-FD, CE-L48XS-FG, CE-L08CF-FG1, and CE-L48XS-FD1 cards support NetStream sampling in enhanced mode. In this mode, sampled packets are not sent to the CPU for processing.

NetStream use restrictions

Common use restrictions:
  • NetStream cannot sample protocol packets to be sent to the CPU.
  • NetStream Top Talkers, NetStream IP traffic statistics collection, and NetStream Layer 2 flow statistics collection cannot be configured on the same interface.

  • For packet fragments, NetStream can sample only the first fragment of a packet.
  • The FlowSequence field of NetStream packets is generated by the chip of each card. When NetStream sampling is configured on the inter-card Eth-Trunk interface, the FlowSequence field of NetStream packets may be the same.

  • In the NetStream sampling service, there may be a difference of 5% or lower between collected statistics and actual traffic statistics.

  • When sampling outgoing packets, the device does not record source VLAN information in the packets. Source VLAN information is recorded as 0. When sampling incoming packets, the device does not record destination VLAN information. Destination VLAN information is recorded as 0.

  • When sampling packets, NetStream does not resolve the option fields in IPv4 packets and extended headers in IPv6 packets.

  • When a packet has multiple next hops, the device records any one of these next hops in routing information during sampling. The route field in NetStream packets is updated periodically based on the aging time of NetStream flows, but not updated based on the routing table in real time.

  • The switch cannot encapsulate NetStream packets using VXLAN or MPLS before forwarding them. When configuring NetStream sampling, do not choose to send NetStream packets to the collector over the VXLAN or MPLS tunnel.

Restrictions on the CE12800E configured with ED-E, EG-E, and EGA-E series cards:
  • When sampling is configured in the outbound direction of an interface, packets discarded by the interface cannot be sampled. When sampling is configured in the inbound direction of an interface, the packets discarded in the chip (on which the sampling interface resides) cannot be sampled, but packets discarded across chips can be sampled.

  • NetStream does not sample packets to be sent to the CPU.

  • After NetStream sampling is configured on the physical interface, Eth-Trunk, and Eth-Trunk member interface, the switch can sample packets on their Layer 3 and Layer 2 sub-interfaces. However, if NetStream sampling is configured on the physical interface, Eth-Trunk, and its Layer 3 and Layer 2 sub-interfaces, the switch can sample only the packets on these interfaces.

  • The switch cannot send NetStream packets through the management interface.

  • When inbound NetStream sampling is configured on an interface, only the inbound interface information is displayed in the statistics. When outbound NetStream sampling is configured on an interface, only the outbound interface information is displayed in the statistics.

  • In a fast stack upgrade or downgrade scenario, when a stack is downgraded from V200R005C00 or a later version to V200R003C00, interfaces on the standby device enter the Error-Down state.

Restrictions on the CE12800E configured with FD-X series cards:
  • When NetStream sampling is configured in the inbound direction of a physical interface or an Eth-Trunk, the switch can sample packets on the Layer 3 and Layer 2 sub-interfaces. When NetStream sampling is configured in the outbound direction of a physical interface or an Eth-Trunk, the switch can sample packets on Layer 3 sub-interfaces but cannot sample packets on Layer 2 sub-interfaces. The interface index in the sampled packets is the main interface index, and the routing information in the packets on Layer 2 and Layer 3 sub-interfaces cannot be collected.
  • When NetStream sampling is configured on a physical interface, an Eth-Trunk, and its Layer 3 and Layer 2 sub-interfaces, the switch can sample only the packets on these interfaces.

  • In enhanced mode, the switch cannot send NetStream packets through the management interface.

  • In enhanced mode: When inbound NetStream sampling is configured on an interface, only the inbound interface information is displayed in the statistics. When outbound NetStream sampling is configured on an interface, only the outbound interface information is displayed in the statistics.

  • In enhanced mode, when outbound NetStream sampling is configured on an interface, unknown unicast packets cannot be sampled.
  • In non-enhanced mode: When NetStream sampling is configured for incoming multicast, broadcast, and unknown unicast packets, the packet statistics do not contain outbound interface information. When NetStream sampling is configured for incoming known unicast packets, the packet statistics contain outbound interface information. If the outbound interface is a Layer 3 or Layer 2 sub-interface, the packet statistics are about the main interface corresponding to this Layer 3 or Layer 2 sub-interface.

Restrictions on the CE12800:
  • The following services are in descending order of priority: M-LAG unidirectional isolation, MQC (traffic policing, traffic statistics collection, and packet filtering), querying the outbound interface of packets with specified 5-tuple information, source MAC address, and destination MAC address, local VLAN mirroring, sFlow, NetStream, and statistics collection on VLANIF interfaces or Layer 3 sub-interfaces. When the services are configured on an interface in the outbound direction, only the service with the highest priority takes effect. For example, when both packet filtering and statistics on VLANIF interfaces are configured on a VLANIF interface, only packet filtering takes effect.

    For sFlow and NetStream, the preceding limitations apply to all interfaces in V100R005C10 and earlier versions and only to Layer 2 sub-interfaces and Layer 3 sub-interfaces in V100R006C00 and later versions.

  • On the device that encapsulates or decapsulates tunneling protocol packets, outbound NetStream cannot sample the encapsulated tunneling protocol packets on Layer 3 sub-interfaces.

  • Configuring outbound NetStream sampling is not recommended because it will lower the forwarding capability of the switch.

  • Restrictions in enhanced mode:
    • Since V200R002C50, the switch can perform NetStream sampling in enhanced mode.
    • The following cards support NetStream sampling in enhanced mode: CE-L36CQ-FD, CE-L36CQ-FG, CE-L36CQ-FD1, CE-L36CQ-SD, CE-L36LQ-FD, CE-L24LQ-FD, CE-L16CQ-FD, CE-L12CQ-FD, CE-L48XS-FG, CE-L08CF-FG1, and CE-L48XS-FD1.
    • The switch cannot send NetStream packets through the management interface.

    • After NetStream sampling is configured on the physical interface, Eth-Trunk, and Eth-Trunk member interface, the switch can sample packets on their Layer 3 and Layer 2 sub-interfaces. However, if NetStream sampling is configured on the physical interface, Eth-Trunk, and its Layer 3 and Layer 2 sub-interfaces, the switch can sample only the packets on these interfaces.

    • When inbound NetStream sampling is configured on an interface, only the inbound interface information is displayed in the statistics. When outbound NetStream sampling is configured on an interface, only the outbound interface information is displayed in the statistics.

    • In a fast stack upgrade or downgrade scenario, when a stack is downgraded from V200R005C00 or a later version to V200R003C00, interfaces on the standby device enter the Error-Down state.

  • Restrictions in non-enhanced mode:
    • In V200R003C00 and earlier versions, when NetStream sampling is configured in the inbound direction of a physical interface, an Eth-Trunk, or an Eth-Trunk member interface, the switch cannot sample packets on Layer 3 or Layer 2 sub-interfaces. When NetStream sampling is configured in the outbound direction of a physical interface, an Eth-Trunk, or an Eth-Trunk member interface, the switch can sample only the packets on Layer 2 sub-interfaces, but cannot sample packets on Layer 3 sub-interfaces. The interface index in the sampled packets is the main interface index, and routing information in the packets on Layer 2 sub-interfaces cannot be sampled.
    • In V200R005C00 and later versions, when NetStream sampling is configured on a physical interface, an Eth-Trunk, or an Eth-Trunk member interface, the switch can sample packets on Layer 2 and Layer 3 sub-interfaces. The interface index in the sampled packets is the main interface index, and the routing information in the packets on Layer 2 and Layer 3 sub-interfaces cannot be collected.
    • When NetStream sampling is configured on a physical interface, an Eth-Trunk, and its Layer 3 and Layer 2 sub-interfaces, the switch can sample only the packets on these interfaces.

    • When NetStream sampling is configured for incoming multicast, broadcast, and unknown unicast packets, the packet statistics do not contain outbound interface information. When NetStream sampling is configured for incoming known unicast packets, the following events occur:
      • If the outbound interface is a Layer 3 main interface, the packet statistics contain outbound interface information.
      • If the outbound interface is a Layer 3 sub-interface, the packet statistics are about the Layer 3 main interface corresponding to this sub-interface.
      • If the outbound interface is an interface of other types, the packet statistics do not contain outbound interface information.

NetStream Top Talkers use restrictions

  • A device in non-VS mode supports a maximum of 16 NetStream Top Talkers templates. When a device works in VS mode, a VS supports a maximum of 16 NetStream Top Talkers templates.
  • After the NetStream Top Talkers function is enabled, modifying the NetStream Top Talkers template within the statistics collection period will make the NetStream Top Talkers function invalid.

Restrictions on the use of NetStream, sFlow, and port mirroring on Eth-Trunk and its Layer 3 sub-interfaces, Layer 2 sub-interfaces, and member interfaces

Restrictions on CE12800&12800E configured with FD-X series cards:
Table 13-5 Restrictions on the use of NetStream, sFlow, and port mirroring on Eth-Trunk and its Layer 3 sub-interfaces, Layer 2 sub-interfaces, and member interfaces

Interface with NetStream Configured

Eth-Trunk

Layer 3 Sub-interface

Layer 2 Sub-interface

Member Interface

Eth-Trunk

  • sFlow: N
  • Port mirroring: N
  • NetStream: Y
  • sFlow: N
  • Port mirroring: N
  • NetStream: Y
  • sFlow: N
  • Port mirroring: N
  • NetStream: N
  • sFlow: N
  • Port mirroring: N

Layer 3 sub-interface of an Eth-Trunk

  • NetStream: Y
  • sFlow: N
  • Port mirroring: Y
  • sFlow: N
  • Port mirroring: N
  • NetStream: Y
  • sFlow: N
  • Port mirroring: N
  • NetStream: N
  • sFlow: N
  • Port mirroring: Y

Layer 2 sub-interface of an Eth-Trunk

  • NetStream: Y
  • sFlow: N
  • Port mirroring: Y
  • NetStream: Y
  • sFlow: N
  • Port mirroring: N
  • sFlow: N
  • Port mirroring: N
  • NetStream: N
  • sFlow: N
  • Port mirroring: Y

Member interface of an Eth-Trunk

  • NetStream: N
  • sFlow: N
  • Port mirroring: N
  • NetStream: N
  • sFlow: N
  • Port mirroring: N
  • NetStream: N
  • sFlow: N
  • Port mirroring: N
  • NetStream and sFlow cannot be configured together on the same LPU in a VS.
  • When inbound NetStream sampling is configured to use snoop resources, you can configure port mirroring and inbound NetStream on the same interface. When inbound NetStream sampling is not configured to use snoop resources, NetStream and port mirroring cannot be configured on the same interface.

N: indicates that this function cannot be configured. Y: indicates that this function can be configured.

Since V200R002C50, NetStream can be configured on Eth-Trunk member interfaces and Layer 2 sub-interfaces.

A CE12800E having FD-X series cards installed does not support NetStream configuration on Eth-Trunk member interfaces and Eth-Trunk Layer 2 sub-interfaces.

On CE12800E (configured with ED-E, EG-E, and EGA-E series cards):
  • NetStream can be configured on Eth-Trunks, Eth-Trunk Layer 3 sub-interfaces, Eth-Trunk Layer 2 sub-interfaces, and Eth-Trunk member interfaces.

  • NetStream cannot be configured on an Eth-Trunk and its member interfaces simultaneously.

Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100075344

Views: 28973

Downloads: 29

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next