Specifications

ManualsBrandsExtreme Networks ManualsComputers & AccessoriesScalable Network Visibility and Monitoring for Virtual Networks

Table Of Contents

11788-Virtual-Packet-Broker-DS_v7

W W W.EXTREMENETW ORKS.COM 2

Improved Operational Efficiency and Scale

Our vPB and vTAP eliminate typical long deployment

cycles associated with hardware through automated scale

orchestration and simplified provisioning. They allow

dynamic modification of flow-definitions and traffic

optimization functions in the network visibility

infrastructure when changes occur in the production

network (such as the addition or removal of VMs,

variations in traffic volume, and new flow patterns). This

capability improves monitoring productivity and offers

greater network agility. Our vPB is designed to also mask

patterns in specific packets to protect sensitive

information from unauthorized usage.

Customers typically deploy one or more vTAPs on a host,

switch, or subnet to monitor traffic to and from application

VMs. (see Figure 1) vTAPs can directly interact with

special-purpose probes as well as export IPFIX metadata

(to gain insights into network traffic) to analytical tools.

Customers can deploy a vPB to aggregate traffic from a

large number of vTAPs and implement filtering actions on

aggregated traffic and extract metadata information.

When traffic flows between VMs (see Figure 1) the vTAP

instances process tapped traffic for monitoring purposes

and forward configured flows or packets using tunnels or

VLANs to the vPB. The vTAP also exports IPFIX metadata

to the IPFIX collector for the desired traffic flow. The vPB

terminates the tunnels from the vTAPs, aggregates the

forwarded traffic and routes selected flows or packets to

the probes. The vPB also exports IPFIX metadata to the

IPFIX collector.

Session and Packet Mode

The vTAP and vPB can be configured to run in two

different modes that can be specified as part of the

Interface Configuration.

Session mode:

The session mode identifies each unique traffic flow in the

network and maintains this information in its memory

during the lifecycle of each flow session. This mode

enables the vPB and vTAP to apply policies, such as

filtering, header stripping, and packet slicing on a per-flow

session basis based on advanced criteria, such as signature

or pattern matching in any packet payload.

It enables the following:

- Offloads flow session management from

special-purpose probes to vTAP/ vPB

- Samples out know n application flow sessions using

vTAP/ vPB

- Forwards application flows based on custom-pattern

and signature identification for further analysis

- Extracts and generates metadata for desired flows ?

all flows, specific flows, sampled-out flows, etc.

Packet Mode:

The packet mode configures the vTAP and vPB to apply

policies on a per-packet basis. This is useful in

deployments where flow session awareness is not required.

This mode enables the vPB and vTAP to apply policies,

such as filtering, header stripping, and packet slicing at

per-packet granularity based on advanced criteria, such as

signature or pattern matching in any packet payload. It

enables the following:

- Offloads packet-level policy management from

special-purpose probes to the vTAP/ vPB

- Forwards and drops packets based on custom-pattern

and signature identification for further analysis

Tunnel Management

The vTAP and the vPB can initiate and terminate tunnels.

They support these tunnel initiation types:

- NVGRE

- VxLAN

They supported these tunnel termination types:

- GRE

- ERSPAN Type II

- VxLAN

- IPIP

Figure 1: Sample traffic flow between VMs