show app cflowd flows
show app cflowd flows—Display cflowd flow information (on vEdge routers only).
Command Syntax
show app cflowd flows [vpn vpn-id]
show app cflowd flows [vpn vpn-id] [flow-parameter]
show app cflowd flows vpn vpn-id src-ip ip-address dest-ip ip-address src-port port-number dest-port port-number dscp value ip-proto protocol-number
vManage Equivalent
For vEdge routers only:
Monitor ► Network ► Real Time ► App Log Flows
Options
- None
- Display cflowd flow information for all flows.
- Flow Key Elements
- vpn vpn-id src-ip ip-address dest-ip ip-address src-port port-number dest-port port-number dscp value ip-proto protocol-number
Display cflowd flow information for a specific flow key element. You must specify all the key elements as shown in the syntax and in the order shown in the syntax. You can also just specify all the key elements until the last one that you are interested in, and again you must specify them in the order shown. For example, if you are interested only in filtering on the source and destination ports, you include only the VPN, source and destination addresses, and source and destination ports in the command; you can omit the last two key elements (DSCP and IP protocol). To select all values for a key elements, specify an asterisk (*) as a wildcard in place of the variable; for example, src-ip *. - Flow Parameter
- flow-parameter
Display the flow that matches the specified flow parameter. These parameters correspond to a number of the column headers in the output of the plain show app cflowd flows command. flow-parameter can be one of the following:
• egress-intf-name interface-name—Flow's outgoing interface.
• icmp-opcode value—Flow's ICMP operational code.
• ingress-intf-name interface-name—Flow's incoming interface.
• max-length bytes—Maximum IP packet length in the flow.
• min-length bytes—Minimum IP packet length in the flow.
• nhop-ip ip-address—IP address of the flow's next hop.
• start-time time—Flow's start time.
• tcp-cntrl-bits bit—Flow's TCP control bit value.
• time-to-expire seconds—Time until the flow expires.
• total-bytes number—Total number of bytes in the flow.
• total-packets number—Total number of packets in the flow. - VPN
- vpn vpn-id
Display cflowd information for flows in a specific VPN.
Output Fields
The time to expire is shown in seconds.
The other output fields are self-explanatory.
Example Output
vEdge# show app cflowd flows
TCP TIME
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN START TIME EXPIRE
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1 172.16.19.1 172.16.248.5 58659 179 0 6 16 0 172.16.248.5 ge0/0 ge0/0 66 6038 78 322 Thu Nov 20 10:56:43 2014 26
1 172.16.248.5 172.16.19.1 179 58659 0 6 24 0 173.19.1.1 ge0/0 ge0/0 45 4164 78 150 Thu Nov 20 10:56:43 2014 26
1 16.1.0.1 19.1.0.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6303 6315606 1002 1002 Thu Nov 20 11:02:30 2014 29
1 16.1.8.1 19.1.8.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6289 6301578 1002 1002 Thu Nov 20 11:02:32 2014 29
1 16.1.16.1 19.1.16.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6294 6306588 1002 1002 Thu Nov 20 11:02:31 2014 29
1 16.1.24.1 19.1.24.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6331 6343662 1002 1002 Thu Nov 20 11:02:28 2014 29
1 16.1.32.1 19.1.32.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6328 6340656 1002 1002 Thu Nov 20 11:02:28 2014 29
1 16.1.40.1 19.1.40.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6332 6344664 1002 1002 Thu Nov 20 11:02:28 2014 29
1 16.1.48.1 19.1.48.1 1024 1024 0 17 0 0 173.19.1.1 ge0/0 ge0/0 6330 6342660 1002 1002 Thu Nov 20 11:02:28 2014 29
Release Information
Command introduced in Viptela Software Release 14.3.
Options for flow parameters and IP address, ports, DSCP, and protocol added in Release 15.4.