Drop & Pass filter resources below threshold-gigamon-GigaVUE-OS
Vendor: gigamon
OS: GigaVUE-OS
Description:
Indeni will alert if any of the slots drop & pass rules resources are below the selected threshold
Remediation Steps:
Login to the device’s CLI, change to enable mode and issue “show filter-resource”. This would present a table with available resource (memory, TCAM) information.
How does this work?
Using the “show filter-resource” command and scrubbing screen for the percentage available under Drop/Pass and Tool Port.
Why is this important?
Each node and cluster has finite filter resourses. These are split between pass/drop filters (rules) and tool port filters. Within each map, rules determine whether specific traffic type is filtered in (passed) or filtered out (dropped). Each rule takes some memory resources. Depending on the hardware, these rule resources vary (16K rules with an HC2 CCv2, 4K rules with HC2 CCv1). The tool port filters apply only to egressing traffic from a tool port to a tool. They remove specific traffic patterns. Many customers don’t even use the tool port filters.
Without Indeni how would you find this?
Login to the device’s CLI, change to enable mode and issue “show filter-resource”. This would present a table with available resource (memory, TCAM) information.
gigamon-show-filter-resource
name: gigamon-show-filter-resource
description: Fetch filter resource
type: monitoring
monitoring_interval: 5 minutes
requires:
vendor: gigamon
os.name: GigaVUE-OS
privileged-mode: 'true'
comments:
filter-drop-pass-available:
why: |
Each node and cluster has finite filter resourses. These are split between pass/drop filters (rules) and tool port filters. Within each map, rules determine whether specific traffic type is filtered in (passed) or filtered out (dropped).
Each rule takes some memory resources. Depending on the hardware, these rule resources vary (16K rules with an HC2 CCv2, 4K rules with HC2 CCv1).
how: |
Using the "show filter-resource" command and scrubbing screen for the percentage available under Drop/Pass and Tool Port.
can-with-snmp: true
can-with-syslog: false
filter-tool-port-available:
why: |
Capture the tool ports available. The tool port filters apply only to egressing traffic from a tool port to a tool. They remove specific traffic patterns.
how: |
Using the "show filter-resource" command and scrubbing screen for the percentage available under Drop/Pass and Tool Port.
can-with-snmp: true
can-with-syslog: false
steps:
- run:
type: SSH
command: show filter-resource
parse:
type: AWK
file: gigamon-show-filter-resource.parser.1.awk
GigamonDropAndPassResourcesRule
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/gigamon/GigamonDropAndPassResourcesRule.scala