Flow monitoring is critical to diagnosing network problems. From the Orchestrator, you can simultaneously view flows for one or more appliances using real-time data.
The Flow Details page for a given flow provides information about the rules matched on a given session or connection. Clicking the Flow Chart icon for a flow immediately produces a flow bandwidth chart for that flow, providing a view of how it is operating from moment to moment.
Flow details are extremely useful for diagnosing problems, as they include flow statistics and specific information associated with the flow. To access this information in Orchestrator, click Monitoring, and then click Active & Recent Flows.
NOTE The Orchestrator provides the best view of this information, but the information can also be accessed from the appliance’s user interface.
Select the affected appliances from the tree view and use the filters at the top to find an affected flow. When the table shows that flow, click the Information icon in the Detail column. If the Detail column is not displayed in the table, right-click anywhere on the table header row to display a complete list of column options. Make sure the Detail column is selected.
Analyze Flow Details
To troubleshoot a flow, pay close attention to three specific areas of a flow detail, explained below.
This section shows which overlay the flow matched into (in this example, BUSINESS) and the exact ACL entry in the overlay match (1950). If this information does not represent the desired configuration, click Configuration, click Business Intent Overlays, and then make the appropriate changes.
This section shows a high-level overview of the identified application. If this classification is not unexpected, click the AVC/DNS tab to gather more information and take corrective action.
This section includes the following information:
- Subnet. This indicates the route prefix the flow matched (0.0.0.0/0), the metric of that route (50), and where it was learned (non-local). If any of these metrics are unexpected, see Routing for troubleshooting steps.
- Internet Flow. Generally, if the destination IP address is non-RFC 1918 address space, the flow is marked as an internet flow and follows the Breakout Traffic to Internet & Cloud Services policy on the Business Intent Overlays page. Confirm that the flow exhibits the expected behavior.
Outbound and Inbound in Aruba EdgeConnect refer to the direction of traffic as it flows from the LAN-side to the WAN-side of an appliance, or from the WAN-side to the LAN-side of an appliance. These are different from actual interface names, such as WAN0 or LAN0.
|Description||Counter Type||Traffic Received On||Traffic Forwarded To|
|Inbound LAN||LAN TX||WAN-side interface||LAN-side interface|
|Outbound LAN||LAN RX||LAN-side interface||WAN-side interface|
|Inbound WAN||WAN RX||WAN-side interface||LAN-side interface|
|Outbound WAN||WAN TX||LAN-side interface||WAN-side interface|
WAN optimization data reduction is calculated using the following formula:
Data Reduction % = (LAN Bytes - WAN Bytes) / LAN Bytes