The following section describes operational considerations for deploying Application Telemetry, including general considerations that apply to all platforms, followed by a summary of platform-specific considerations.
The following section describes general Application Telemetry operational considerations for all platforms.
When you enable Application Telemetry, it is globally enabled on all ports. You cannot disable the feature on a per-port basis.
Application Telemetry supports IPv4 and IPv6 packets, although host monitoring is available for IPv4 hosts only.
Application Telemetry filter rules are not user configurable. However, an updated app-telemetry.pol file can be installed through the Extreme Management Center.
If a user-created filter rule (ACL) conflicts with an Application Telemetry defined filter, the user-created rule always takes precedence.
There are two configurable sFlow collectors (Collector 1 and Collector 2). However, Application Telemetry uses Collector 1 only and you must configure it before enabling Application Telemetry.
In a Fabric Extend deployment on VSP 4450 Series, VSP 7200 Series, VSP 8000 Series, or VSP 8400 Series, Application Telemetry does not mirror ingressing NNI to UNI IP Shortcut traffic.
The following tables provide a summary of operational considerations for different VOSS switches.
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
Flows that ingress standard VLAN ports |
Supported |
Supported |
Flows that ingress UNI ports |
Supported |
Supported |
Flows that ingress NNI ports and egress UNI ports (Layer 2 VSN) |
Supported |
Not supported |
Flows that ingress NNI ports and egress UNI ports (Layer 3 VSN) |
Supported |
Not supported |
Flows that ingress NNI ports and terminate locally |
Supported |
Not supported |
Flow that ingress NNI ports and egress NNI ports |
Not supported |
Not supported |
Flows on DvR Controllers or DvR Leafs |
Supported |
Supported |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
GRT |
Yes |
Yes |
VRF |
No |
Yes Exception: management VRF |
Fabric Connect – Layer 2 VSNs |
Yes When the Analytics Engine is reachable over a Layer 2 VSN, the GRE packets are encapsulated with MAC-in-MAC (IEEE 802.1ah) at the originating BEB. The MAC-in-MAC header is removed at the terminating BEB and the original GRE packet is sent to the collector. Note also that the MAC-in-MAC encapsulation plus the GRE encapsulation adds 60 bytes to the original packet. Therefore, if the original packet is close to the maximum transmission unit (MTU), the mirrored copy can exceed the MTU and be dropped. |
Yes When the Analytics Engine is reachable over a Layer 2 VSN, the GRE packets are encapsulated with MAC-in-MAC (IEEE 802.1ah) at the originating BEB. The MAC-in-MAC header is removed at the terminating BEB and the original GRE packet is sent to the collector. Note also that the MAC-in-MAC encapsulation plus the GRE encapsulation adds 60 bytes to the original packet. Therefore, if the original packet is close to the maximum transmission unit (MTU), the mirrored copy can exceed the MTU and be dropped. |
Fabric Connect – IP Shortcut Routing |
Yes |
Yes |
Fabric Connect – Layer 3 VSNs |
No |
No |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
If you enable sFlow and Application Telemetry simultaneously on the same port |
The switch sends the sFlow datagrams and Application Telemetry packets to the collector. |
If the packet matches the Application Telemetry rules, the switch mirrors the packet to the GRE tunnel and sends it to the Analytics Engine and it cannot be sampled by sFlow. If the packet does not match the Application Telemetry rules and the packet gets sampled, the switch sends it as an sFlow datagram to the sFlow Collector. |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
IPv6 security filters or IPv6 source guard |
Not supported (consistency checks in place) Exception: Allowed on 5520 Series and VSP 7400 Series |
Allowed |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
Mirroring resources |
Only 3 mirror ports can be configured for general port mirroring |
No impact to number of mirror ports |
If rx port mirroring is enabled on a port, and Application Telemetry is enabled, when a packet that matches oneApplication Telemetry entry criterion comes to this port |
The switch generates the remote mirrored packet, and the port-based mirroring copy. |
The switch generates the remote mirrored packet only. The switch does not generate the port-based mirroring copy. If a packet does not match an Application Telemetry rule, the switch generates the port-based mirroring copy. |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
If you enable uRPF mode on the switch |
The MTU values for both IPv4 and IPv6 packets on the same VLAN are always matched. Different Layer 3 MTU sizes on the same VLAN are not allowed in uRPF mode. |
The URPF boot config flag is not applicable. Even when uRPF is enabled, IPv6 MTU can be different from IPv4 MTU; both need not be the same. |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
Application Telemetry deployed in a High Availability environment |
Not applicable |
Supported |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
If packets match both user defined filters (ACLs) and Application Telemetry rules, and if both rules have counters |
Both counters incremented |
ACL counters incremented only |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
smb, kerberosasreq2 and kerberostgsreq packet types |
kerberosasreq2 and kerberostgsreq packet types supported. Smb – not available |
kerberosasreq2 and kerberostgsreq packet types supported with an off-set of 24 bytes only; an off-set of 40 bytes is not supported |
Attribute |
5520 Series, VSP 4450 Series, VSP 4900 Series, VSP 7200 Series, VSP 7400 Series, VSP 8200 Series, VSP 8400 Series |
VSP 8600 Series |
---|---|---|
Supported using Extreme Management Center |
Yes |
Yes |