packetlogic product guide v12 2
DESCRIPTION
product guideTRANSCRIPT
-
7/13/2019 Packetlogic Product Guide v12 2
1/289
PacketLogic Product GuideRelease 12.2
-
7/13/2019 Packetlogic Product Guide v12 2
2/289
PacketLogic Product Guide
Copyright
Portions of the documents can be copied and pasted to your electronic mail or word-processing
applications for your personal use only, but cannot be distributed to third parties. In no eventmay you copy or use this information for any commercial purposes except the operation of prod-ucts from Procera Networks, Inc. and you may not transmit this information to third partieswithout the consent of Procera Networks, Inc.
IT IS ILLEGAL TO COPY (FOR OTHER THAN BACK-UP PURPOSES) THE CONTENTS OFTHIS DOCUMENTATION OR TO POST THE CONTENTS ON THE INTERNET WITHOUT THEEXPRESS PRIOR WRITTEN CONSENT FROM AN AUTHORIZED OFFICER OF PROCERANETWORKS, INC. OR NETINTACT AB.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MAN-UAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION,AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT
ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERSMUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
Netintact, PacketLogic, the PacketLogic logo, and Netintact logos are registered trademarks ofNetintact AB in Sweden and certain other countries. Procera Networks and the Procera Networkslogo is the registered trademark of Procera Networks, Inc. All other trademarks mentioned in thisdocument are the property of their respective owners.
Copyright 2001-2009 by Procera Networks, Inc.
Revision: 1.3
2
-
7/13/2019 Packetlogic Product Guide v12 2
3/289
PacketLogic Product Guide
About This Manual
Revision: 1.3
This document is intended as a description of and instruction for the PacketLogic Generation 2product series. This document is applicable to the third release of protocol version 12 of Packet-Logic (version 12.2).
3
-
7/13/2019 Packetlogic Product Guide v12 2
4/289
PacketLogic Product Guide
Contents
1 Introduction 18
1.1 About PacketLogic Generation 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.2 Areas of Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.3 User Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.3.1 Integration Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4 This Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.5 TECH: Technical Sections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2 New in Version 12 21
2.1 Release 12.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.1.1 Client Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.1.2 Flow Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.1.3 PL10000 Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.1.4 Flexible Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.1.5 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.1.6 Connection Quality Measurements. . . . . . . . . . . . . . . . . . . . . . . . 22
2.2 Release 12.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.2.1 Queue Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.2.2 Injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.2.3 Dynamically Loadable Signatures . . . . . . . . . . . . . . . . . . . . . . . . 22
2.2.4 New Flow Behaviour Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.2.5 Connection Protection can be Disabled . . . . . . . . . . . . . . . . . . . . . 22
2.2.6 Physical Monitor Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.2.7 RADIUS Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3 Release 12.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232.3.1 Local Statistics Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.2 Volume-based Shaping (VBS) . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.3 External Authentication Improved . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.4 Divert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.5 Sub-item Count in Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.3.6 Connection logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.3.7 Statistics Distributed by Flag . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.3.8 CSV Export of Statistical Data. . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.3.9 Statistics Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4
-
7/13/2019 Packetlogic Product Guide v12 2
5/289
PacketLogic Product Guide
2.3.10 Statistics Linking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.3.11 Total Graphs Collected in System Overview . . . . . . . . . . . . . . . . . . 24
2.3.12 Depth Limit on AS Paths in Statistics . . . . . . . . . . . . . . . . . . . . . . 24
2.3.13 Statistics Distribution for Remote Virtual Host . . . . . . . . . . . . . . . . . 24
2.3.14 Audit Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.3.15 Quality Metrics (QoE) enhanced . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.3.16 Support for Forwarding Jumbo Frames . . . . . . . . . . . . . . . . . . . . . 25
2.3.17 DSCP and Channel Information in LiveView and Ruleset. . . . . . . . . . . 25
2.3.18 Shaping Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.19 Channel Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.20 Statistics Zooming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.21 Statistics Peak Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.22 System Diagnostics Minima . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.23 Channel Information in System Overview . . . . . . . . . . . . . . . . . . . 25
2.3.24 Time Stamps in Channel View . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.25 NetObject Counters in LiveView . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.3.26 95th Percentile in Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.3.27 CommitLog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.3.28 Object Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.3.29 Other Enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
3 Key Concepts 27
3.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.2 Traffic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.2.1 Packet-Based Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.2.2 Flow Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.2.3 Border Gateway Protocol (BGP) . . . . . . . . . . . . . . . . . . . . . . . . . 293.2.3.1 Position Representation in AS Paths. . . . . . . . . . . . . . . . . . 30
3.2.4 Quality Measurement Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . 30
3.3 TECH: Software Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.3.1 Engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.3.1.1 Engine in the PL10000. . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.3.1.2 Reaper in the PL10000. . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.3.1.3 Datastream Recognition Definition Language (DRDL) . . . . . . . 32
3.3.2 PacketLogic Daemon (PLD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.3.2.1 Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
5
-
7/13/2019 Packetlogic Product Guide v12 2
6/289
PacketLogic Product Guide
3.3.3 PacketLogic Database Daemon (PLDB) . . . . . . . . . . . . . . . . . . . . . 33
3.3.3.1 PLDB in a PLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
3.3.3.2 Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
3.3.3.3 External Authentication Sources . . . . . . . . . . . . . . . . . . . . 34
3.3.4 PacketLogic Statistics Daemon (PLSD). . . . . . . . . . . . . . . . . . . . . . 35
3.3.5 Internal Communication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.3.6 Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.3.7 Local, Remote, Incoming, and Outgoing. . . . . . . . . . . . . . . . . . . . . 35
3.3.8 Client/Server versus Source/Destination . . . . . . . . . . . . . . . . . . . . 35
3.4 Traffic Identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
3.5 Traffic Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
3.6 Objects and Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.6.1 Object Types for Traffic Identification . . . . . . . . . . . . . . . . . . . . . . 37
3.6.1.1 NetObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.6.1.2 PortObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.6.1.3 ProtocolObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.6.1.4 ServiceObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.6.1.5 TimeObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
3.6.1.6 ASPathObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
3.6.1.7 VLANObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
3.6.1.8 DSCPObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
3.6.1.9 ChannelObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
3.6.1.10 PropertyObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
3.6.1.11 FlagObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
3.6.1.12 MPLSObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
3.6.1.13 SystemObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
3.6.2 Nesting and Hierarchies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423.6.3 Object - Item Relationships (or, and, exclude) . . . . . . . . . . . . . . . . . . 43
3.6.3.1 Exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
3.6.4 Object Types for Traffic Management . . . . . . . . . . . . . . . . . . . . . . 44
3.6.4.1 RewriteObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
3.6.4.2 ShapingObjects. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
3.6.4.3 StatisticsObjects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
3.6.5 Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
3.6.5.1 Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
3.6.5.2 Filtering Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
6
-
7/13/2019 Packetlogic Product Guide v12 2
7/289
PacketLogic Product Guide
3.6.5.3 Shaping Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
3.6.5.4 Statistics Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
3.7 Network Impact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
3.7.1 MTU Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
3.7.2 Connection Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
4 PacketLogic Traffic Shaping 49
4.1 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
4.2 How Traffic Shaping Works: An Overview . . . . . . . . . . . . . . . . . . . . . . . 49
4.2.1 What PacketLogic Does . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
4.2.2 Priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
4.2.2.1 Priority 0 Fast Lane . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
4.2.3 Borrowing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
4.2.4 Split By. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
4.2.4.1 Split by Considerations . . . . . . . . . . . . . . . . . . . . . . . . . 54
4.2.5 Shaping Bits, Packets, or Connections . . . . . . . . . . . . . . . . . . . . . . 55
4.2.6 Limiting Concurrent Connections . . . . . . . . . . . . . . . . . . . . . . . . 55
4.3 Monitoring the Shaping System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
4.4 Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554.4.1 Limiting a Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
4.4.2 Limiting Each Host on a Network . . . . . . . . . . . . . . . . . . . . . . . . 56
4.4.3 Limiting Overall FTP to 2 Mbps . . . . . . . . . . . . . . . . . . . . . . . . . 56
4.5 Volume-Based Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
4.5.1 Implementation and Configuration . . . . . . . . . . . . . . . . . . . . . . . 57
4.5.2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
4.5.2.1 ShapingObject . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
4.5.2.2 Time t2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594.5.2.3 Time t3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
4.5.2.4 Time t4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
4.5.2.5 Time t5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
4.5.3 TECH: Borrowing and VBS . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
4.6 TECH: Queueing Engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
4.6.1 Packet Queueing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
4.6.2 Flow Based Queueing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
4.6.3 Queue Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
4.6.3.1 Tuning the Queue Synchronization Algorithm. . . . . . . . . . . . 62
7
-
7/13/2019 Packetlogic Product Guide v12 2
8/289
PacketLogic Product Guide
4.6.4 Parallel Queueing Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
4.6.5 Queueing Versus Window Scaling . . . . . . . . . . . . . . . . . . . . . . . . 62
4.6.6 Latency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
4.6.7 Fairness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
4.6.7.1 Connection Fairness . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
4.6.7.2 Host Fairness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
4.6.8 Fine-tuning the Shaping System . . . . . . . . . . . . . . . . . . . . . . . . . 64
4.6.8.1 Recommended Values. . . . . . . . . . . . . . . . . . . . . . . . . . 66
5 PacketLogic Filtering 67
5.1 Maintaining Filtering Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
5.1.1 Understanding a Rule Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
5.1.2 Actions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
5.1.2.1 Accept. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
5.1.2.2 Reject . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
5.1.2.3 Drop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
5.1.2.4 Rewrite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
5.1.2.5 Divert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
5.1.2.6 Inject . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695.1.3 Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
5.1.3.1 DHCP Snooper. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
5.1.3.2 Monitor Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.1.3.3 PCAP/PCAP-2 Writer. . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.1.3.4 PL-TAP #1/#2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.1.3.5 RADIUS Snooper . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.1.3.6 SIP Snooper. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
5.1.3.7 GRE Tunneling Monitored traffic . . . . . . . . . . . . . . . . . . . 735.1.4 Rule List Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
5.1.5 Using the Log Attribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
5.2 Monitoring the Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
5.2.1 Filtering Log View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
5.2.2 Sending the Filtering Log to Syslog . . . . . . . . . . . . . . . . . . . . . . . 75
5.3 Filtering default behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
5.3.1 Using the Accept All Except These - Approach . . . . . . . . . . . . . . . 75
5.3.2 Using the Reject All Except These - Approach . . . . . . . . . . . . . . . . 75
5.4 TECH: Divert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
8
-
7/13/2019 Packetlogic Product Guide v12 2
9/289
PacketLogic Product Guide
5.4.1 Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5.4.2 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
5.4.2.1 Heartbeats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
5.4.2.2 Diverting to Layer 3 Routing Devices . . . . . . . . . . . . . . . . . 77
6 PacketLogic Statistics 79
6.1 Description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
6.1.1 Charts and graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
6.1.2 Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
6.1.3 Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
6.1.3.1 Depth and Object Root . . . . . . . . . . . . . . . . . . . . . . . . . 82
6.1.3.2 Depth in AS Paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
6.1.3.3 Aggregation and Linking . . . . . . . . . . . . . . . . . . . . . . . . 85
6.1.3.4 Graphing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
6.1.3.5 Peak Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
6.1.4 Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.2 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.2.1 PLR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.2.1.1 PLR with Local Statistics Storage . . . . . . . . . . . . . . . . . . . 876.2.1.2 PLR with Separate PLS . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.2.2 PLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.2.2.1 Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
6.3 TECH: Performance Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
6.4 TECH: Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
6.4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
6.4.2 Statistical Data Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
6.4.3 Statistical Data Storage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 896.4.3.1 Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
6.4.3.2 Storage Layout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
6.4.3.3 Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
6.4.3.4 Backup, Restore, and Archiving . . . . . . . . . . . . . . . . . . . . 90
6.5 TECH: Comparison to Alternative Storage Architectures . . . . . . . . . . . . . . . 90
6.6 Connection Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
6.7 Connection Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
6.7.1 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
6.7.2 Usage overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
9
-
7/13/2019 Packetlogic Product Guide v12 2
10/289
PacketLogic Product Guide
6.7.3 Available criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
6.7.4 Stored details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
6.7.5 Storage considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
6.8 PythonAPI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
7 The PacketLogic Client Interface 94
7.1 Command Line Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
7.2 System Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
7.2.1 Advanced Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
7.2.1.1 Use Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
7.2.1.2 Connecting to multiple PacketLogic systems. . . . . . . . . . . . . 95
7.3 Status Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
7.4 Drop-Down Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
7.4.1 File Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
7.4.2 Edit Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
7.4.2.1 Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
7.4.3 View Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
7.4.4 Tools menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
7.4.5 Help Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 987.5 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
7.5.1 Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
7.5.2 Totals Graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
7.5.3 Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
7.5.4 View Menu in System Overview . . . . . . . . . . . . . . . . . . . . . . . . . 100
7.6 LiveView . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
7.6.1 View Menu in LiveView . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
7.6.2 Local Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1037.6.3 Service Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
7.6.4 Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
7.6.5 Shaping Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
7.6.6 Filtering Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
7.6.7 Filtering Log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
7.6.8 System Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
7.6.8.1 Alert Limits Editor. . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
7.6.9 Channel Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
7.6.10 Dynamic Items . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
10
-
7/13/2019 Packetlogic Product Guide v12 2
11/289
PacketLogic Product Guide
7.7 Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
7.7.1 Full Screen Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
7.7.2 Bar Charts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
7.7.2.1 Tool Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
7.7.2.2 Include . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
7.7.3 Pie Charts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.3.1 Tool Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.4 Line and Stacked Area Charts . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.4.1 95th Percentile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.4.2 Zooming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.4.3 Peak Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.5 Location Field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.7.6 Calendar Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
7.7.7 Bookmark Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
7.7.7.1 Add/Edit Bookmark . . . . . . . . . . . . . . . . . . . . . . . . . . 114
7.7.8 View Menu in Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
7.7.9 Bookmarks Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
7.8 Main Toolbar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
7.9 Editors and Managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
7.9.1 Objects & Rules Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
7.9.1.1 Toolbar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
7.9.1.2 NetObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
7.9.1.3 PortObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
7.9.1.4 ProtocolObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . 118
7.9.1.5 ServiceObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
7.9.1.6 TimeObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
7.9.1.7 VlanObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1197.9.1.8 PropertyObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . 119
7.9.1.9 FlagObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
7.9.1.10 MPLSObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
7.9.1.11 RewriteObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . 119
7.9.1.12 ShapingObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . 120
7.9.1.13 StatisticsObject Editor . . . . . . . . . . . . . . . . . . . . . . . . . . 120
7.9.1.14 Filtering Rule Editor. . . . . . . . . . . . . . . . . . . . . . . . . . . 121
7.9.1.15 Shaping Rule Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
7.9.1.16 Statistics Rule Editor . . . . . . . . . . . . . . . . . . . . . . . . . . 123
11
-
7/13/2019 Packetlogic Product Guide v12 2
12/289
PacketLogic Product Guide
7.9.2 User Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
7.9.2.1 Database Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . 124
7.9.2.2 LiveView Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . 125
7.9.2.3 Host Access List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
7.9.2.4 Toolbar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
7.9.3 Host Trigger Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
7.9.3.1 Toolbar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
7.9.4 Backup Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
7.9.4.1 Toolbar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
7.9.5 File Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
7.9.5.1 Toolbar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
7.9.6 Log Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
7.9.6.1 Toolbar Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
7.9.7 Connection Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
7.9.8 Resource Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
7.9.9 Channel Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
7.9.10 Log Levels Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
7.9.11 System Configuration Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
8 Webstatistics 134
8.1 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
8.2 Version 12 Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
8.3 The Webstatistics Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
8.3.1 Login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
8.3.2 Main Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
8.3.3 Statistics Views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
8.3.3.1 Right-click Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1368.3.4 Traffic Statistics Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
8.3.4.1 Speed View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
8.3.4.2 Data View. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
8.3.4.3 Distribution View . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
8.3.5 Toplist Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
8.3.5.1 Top Hosts View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
8.3.5.2 Combo Graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
8.3.5.3 Top TCP Services View . . . . . . . . . . . . . . . . . . . . . . . . . 139
8.3.6 Tool Menu Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
12
-
7/13/2019 Packetlogic Product Guide v12 2
13/289
PacketLogic Product Guide
8.3.6.1 PL2 Path Menu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
8.3.7 Pop-up Views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
8.3.7.1 CPU-Load View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
8.3.7.2 Channel-1 Speed View . . . . . . . . . . . . . . . . . . . . . . . . . 142
8.3.7.3 Connections View . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
8.3.7.4 Hosts View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
8.3.7.5 Hostinfo View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
8.3.7.6 FW log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
8.3.7.7 Collected Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
8.4 Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
8.4.1 BGP Graph Object Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 145
8.4.2 Chart Layouts Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
8.4.3 Chart and Menu Fonts Configuration . . . . . . . . . . . . . . . . . . . . . . 145
8.4.4 WebStats Language Configuration . . . . . . . . . . . . . . . . . . . . . . . . 146
8.4.5 WebStats Layout Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . 146
8.5 Custom Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
8.5.1 Magic Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
9 The Command Line Interface 1489.1 Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.2 Serial Port Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.3 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.3.1 Network Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.3.1.1 IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.3.1.2 Ping IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.3.1.3 Admin Duplex Settings . . . . . . . . . . . . . . . . . . . . . . . . . 148
9.3.1.4 AUX Duplex Settings . . . . . . . . . . . . . . . . . . . . . . . . . . 1499.3.1.5 Chassis configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.3.1.6 SFP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.3.1.7 Connection Sync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.3.1.8 Hostname. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.3.2 NTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.3.3 SNMP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.3.4 System Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
9.3.4.1 Change Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
9.3.4.2 Reload/Reboot. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
13
-
7/13/2019 Packetlogic Product Guide v12 2
14/289
PacketLogic Product Guide
9.3.4.3 Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
9.3.4.4 Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
9.3.4.5 Mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
9.3.4.6 Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
9.3.4.7 Timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
9.3.4.8 Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
9.3.4.9 Manage software raid . . . . . . . . . . . . . . . . . . . . . . . . . . 154
9.3.4.10 SSH Banner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
9.3.4.11 SSHD Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
9.3.5 PacketLogic License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
9.3.6 Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
9.3.6.1 Update firmware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
9.3.6.2 Update firmware from own server . . . . . . . . . . . . . . . . . . 155
9.3.6.3 Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
9.3.6.4 Update notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
9.3.6.5 Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
9.3.6.6 Update signatures . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
9.3.6.7 Update signatures from own server . . . . . . . . . . . . . . . . . . 156
10 Common Procedures in PacketLogic 157
10.1 Backup and Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
10.1.1 Client Backup Versus CLI Backup . . . . . . . . . . . . . . . . . . . . . . . . 157
10.1.2 Taking a Backup in the Client . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
10.1.3 Taking a Backup in the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
10.1.4 Restoring a Backup in the Client . . . . . . . . . . . . . . . . . . . . . . . . . 160
10.1.5 Restoring a Backup in the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . 161
10.2 Updating PacketLogic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
10.2.1 PL10000 Update Measures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
10.3 Enabling Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
10.3.1 DHCP or Radius Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
10.3.2 SIP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
10.4 Capturing Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
10.4.1 Capturing Traffic for a Specific Application . . . . . . . . . . . . . . . . . . . 166
10.4.2 Capturing Unknown Traffic in PacketLogic . . . . . . . . . . . . . . . . . . . 169
10.5 Configuring BGP Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
11 Centralized Management 173
14
-
7/13/2019 Packetlogic Product Guide v12 2
15/289
PacketLogic Product Guide
11.1 Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
11.1.1 Proxy Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
11.1.2 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
11.2 Recommended Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
12 Monitoring PacketLogic 176
12.1 Performance Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
12.1.1 Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
12.1.2 Connsync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
12.1.3 DRDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
12.1.4 Dynamic Ruleset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17912.1.5 General. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
12.1.6 Load Balancer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
12.1.7 Packet Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
12.1.8 PLDB Statwriter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
12.1.9 PLSD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
12.1.10 IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
12.1.11 TCPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
12.1.12 Ruleset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
12.1.13 Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
12.2 Configuring an SNMP Management Station . . . . . . . . . . . . . . . . . . . . . . . 185
12.2.1 Installing the PacketLogic MIB . . . . . . . . . . . . . . . . . . . . . . . . . . 185
12.2.2 Example: Polling a Value Using snmpget . . . . . . . . . . . . . . . . . . . . 185
12.2.3 Example: Polling a Set of Values Using snmpwalk . . . . . . . . . . . . . . . 186
12.2.4 Setting up a Trap Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
13 Triggers 188
13.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18813.2 Host Triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
13.3 Filtering Triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
13.4 Using, Adding and Modifying Triggers . . . . . . . . . . . . . . . . . . . . . . . . . 188
13.4.1 Example: Using a Trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
13.4.2 Example: Modifying an Existing Trigger . . . . . . . . . . . . . . . . . . . . 189
13.5 Trigger Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
13.5.1 Trigger Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
13.5.1.1 Filtering Trigger Attributes . . . . . . . . . . . . . . . . . . . . . . . 191
13.5.1.2 Host Trigger Attributes . . . . . . . . . . . . . . . . . . . . . . . . . 191
15
-
7/13/2019 Packetlogic Product Guide v12 2
16/289
PacketLogic Product Guide
13.5.2 Debugging Triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
13.5.3 Trigger Code Skeletons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
13.5.3.1 Filtering Trigger Code Skeleton . . . . . . . . . . . . . . . . . . . . 192
13.5.3.2 Host Trigger Code Skeleton . . . . . . . . . . . . . . . . . . . . . . 192
14 Appendixes 193
14.1 System Configuration Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
14.2 Keyboard Shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
14.2.1 General Shortcuts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
14.2.2 Main Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
14.2.3 Backup Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
14.2.4 File Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
14.2.5 Log Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
14.2.6 System Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
14.2.7 Objects & Rules Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
14.2.8 System Configuration Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
14.2.9 User Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
14.2.9.1 Tech Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
14.2.9.2 Resource Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20214.2.10 Statistics Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
14.2.10.1 Bookmark Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
14.2.10.2 Calendar Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
14.2.11 LiveView. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
14.3 System diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
14.3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
14.3.2 BGP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
14.3.3 Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20514.3.4 Connsync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
14.3.5 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
14.3.6 DRDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
14.3.7 Dynamic Ruleset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
14.3.8 Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
14.3.9 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
14.3.10 General. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
14.3.11 IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
14.3.12 Load Balancer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
16
-
7/13/2019 Packetlogic Product Guide v12 2
17/289
PacketLogic Product Guide
14.3.13 Packet Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
14.3.14 PLDB Statwriter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
14.3.15 PLSD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
14.3.16 PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
14.3.17 Queue sync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
14.3.18 Ruleset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
14.3.19 Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
14.3.20 Shaping counter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
14.3.21 SIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
14.3.22 TCPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
14.3.23 Webstats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
14.4 SNMP in PacketLogic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
14.4.1 Channel Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
14.4.2 Channel Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
14.4.3 Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
14.4.4 Connsync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
14.4.5 DRDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
14.4.6 Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
14.4.7 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24314.4.8 General. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
14.4.9 IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
14.4.10 Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
14.4.11 PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
14.4.12 Packet Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
14.4.13 Ruleset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
14.4.14 Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
14.4.15 TCPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
14.5 Flow Sync protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
14.6 GRE Snooper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
14.7 Freeradius Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
14.8 Cisco TAC PLUS Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . 287
Index 288
17
-
7/13/2019 Packetlogic Product Guide v12 2
18/289
PacketLogic Product Guide
1 Introduction
This chapter provides a description of the PacketLogic product, its specifications and use.
1.1 About PacketLogic Generation 2
PacketLogic Generation 2 is a scalable traffic management product for all types of network en-vironments. PacketLogic performs deep packet and flow inspection on Internet Protocol (IP)packets, and classifies their content using Datastream Recognition Definition Language (DRDL)in an efficient and fast packet analysis engine. The result of this analysis is a comprehensivereal-time view of the traffic flowing in a network. This includes applications transmitting and re-ceiving the traffic (known as services in PacketLogic), server and client identification, bandwidthuse, and properties specific to services (such as the caller in a Voice over IP (VoIP) call). The list of
services identified by DRDL is updated frequently, and a user may also define traffic recognitionfor proprietary services.
This constitutes theLiveViewmodule, which is the core of PacketLogic. To put this informationto use, there are additional modules available, listed below. The modules enabled on a Packet-Logic determine the functionality available. For example, if the Traffic Shaping module is notenabled, the functions related to traffic shaping will not be visible in the client or available usingthe API.
Filtering The Filtering module adds the possibility to selectively allow or deny access topackets, based on their classification. This allows filtering rules with a greater level ofdetail than port numbers, source IP addresses, and other packet header fields. The filteringmodule also enables packet rewriting, which can be used to redirect users, for example to a
login web page. For details on the Filtering module, see section5.
Traffic ShapingThe Traffic Shaping module enables bandwidth management based on theclassification from the LiveView module. Traffic Shaping can be performed on the samelevel of detail as is available to the filtering (host identities, services, time, and many more).Traffic shaping enables both bandwidth limiting and traffic prioritization. For details onthe Traffic Shaping module, see section4.
StatisticsThe Statistics module stores data from the LiveView module over time, enablinganalysis of traffic patterns on a network to optimize the traffic (for example, by fine-tuningrules in the Filtering or Traffic Shaping modules). For detail on the Statistics module, seesection6.
There are also specialized modules to enable certain functions in PacketLogic:
BGP- enables traffic management based on BGP (AS path) information
Volume Based Shaping(VBS) - enables traffic shaping using a sophisticated volume-basedshaping algorithm which circumvents the pitfalls of regular volume-based schemes. Forinformation on VBS, see section4.5.
1.2 Areas of Use
The PacketLogic can be used for any purpose where keeping track of the traffic flowing in anetwork is useful. The following are examples of such purposes:
Protecting the network from malicious traffic
18
-
7/13/2019 Packetlogic Product Guide v12 2
19/289
PacketLogic Product Guide
Limiting the bandwidth for bandwidth-consuming applications
Troubleshooting network problems
Enforcing network policies
1.3 User Interfaces
The ClientThe PacketLogic has an intuitive client interface, allowing a low knowledge threshold forenabling effective traffic management in a network. The PacketLogic is powerful enough,however, to allow a more experienced user an almost arbitrary level of detail in the moni-toring and management of traffic. For further information on the client, see section7.
The APIFor automation of tasks and integration with other network nodes (such as billing sys-tems or customer databases), a comprehensive Application Programming Interface (API)is available as a Python module. For further information on the API, please see http://python.proceranetworks.com .
The ConsoleFor basic configuration tasks when setting up the PacketLogic, troubleshooting, and certainsystems administration tasks, a menu-based console interface is available, either locally ona serial port or remotely using a secure shell (SSH). For a description of the console interface,see section9.
SNMP
PacketLogic supports monitoring through the Simple Network Management Protocol (SNMP).For information on the values available, please see the SNMP appendix (section 14.4).
1.3.1 Integration Capabilities
The PacketLogic supports automatized interaction using the PacketLogic PythonAPI. To performmore advanced integration tasks, for example with subscriber authentication services and busi-ness systems, a PacketLogic Subscriber Manager (PSM) can be deployed together with one ormore PacketLogic systems. For more information on this, see the PSM Product Guide and con-tact the local PacketLogic sales representative.
1.4 This ManualThis manual can be read back to front or section by section as the need arises. Reading thismanual and using the PacketLogic requires only basic knowledge in IP networking, but deeperknowledge in networking will allow a more powerful and flexible use of the PacketLogic fea-tures.
This manual focuses on using and configuring the PacketLogic software. For each hardwareplatform there is a separate Hardware Guide available, containing specifications and installationdetails.
This manual will first go through what is new in version 12 of PacketLogic, for those who arealready familiar with PacketLogic and its use.
Then there is an overview of a few key conceptsin PacketLogic. This section will introduce theapproach, terminology and technology PacketLogic uses. This information applies regardless of
19
http://python.proceranetworks.com/http://python.proceranetworks.com/http://python.proceranetworks.com/http://python.proceranetworks.com/http://python.proceranetworks.com/ -
7/13/2019 Packetlogic Product Guide v12 2
20/289
PacketLogic Product Guide
which interface is used to configure and operate the PacketLogic (client or API). Some screenshotsfrom the graphical user interface (called the client) will be used to illustrate certain concepts.
After this, the main functional areas are described (Traffic Shaping, Filtering, and Statistics) interms of how they operate and what their configuration options mean.
Then the user interfaces are described in detail:Theclientis introduced, describing how to use it to configure and operate the PacketLogic.Webstatistics is described, showing how to access statistics data using a web browser.Theconsoleavailable via a SSH connection or serial connection is described, listing the varioussystem configuration options.
A section describes common procedures step by step, such as taking a backup, updating thePacketLogic software, or capturing traffic for analysis.
The possibilities ofcentralized management are discussed, and trigger functionality is described.
Methods formonitoringthe PacketLogic are described.At the end of the document, there are appendixes containing the list ofsystem configurationval-ues,keyboard shortcuts,system diagnosticsvalues,SNMPOIDs, and various code examples,and an index of keywords for easily finding information on specific topics.
1.5 TECH: Technical Sections
Interspersed with the regular sections are so-calledTechnical Sections. These aim to dissect andexplain PacketLogic in greater detail than what is necessary for normal day-to-day operation ofPacketLogic. These sections are intended for those interested, those who need more technicalinformation for advanced system configuration and those performing advanced maintenance
and troubleshooting. Technical sections are indicated by the section heading starting with TECH:,like in the heading of this section.
20
-
7/13/2019 Packetlogic Product Guide v12 2
21/289
PacketLogic Product Guide
2 New in Version 12
This section will highlight the main changes from PacketLogic version 11. It is intended primarilyfor those already familiar with PacketLogic version 11 who want to quickly get up to speed onwhat is new in version 12.
2.1 Release 12.0
2.1.1 Client Interface
The version 12 client retains the look and feel of the version 11 client, but there are some changesto the available functions and views:
LiveView is the new name of what was formerly know as the Surveillance view.
Filtering is now applied as the name for the functionality formerly known as firewall in theclient.
Dynamic Items has a view of its own in LiveView.
2.1.2 Flow Synchronization
Version 12 introducesflow synchronization(flow sync). Flow sync allows multiple packet pro-cessing CPUs (engines) to exchange connection information on connections that are seen by bothengines.
Flow sync provides a means of handling asymmetric traffic, which has been difficult in earlierversions. By ensuring that there is a PacketLogic on each link, and that they are connected ina flow sync network, connection information will be available to all interconnected PacketLogicunits, regardless of whether the same connection has packets on different links.
For further information on flow sync, see section3.2.2.
2.1.3 PL10000 Support
Version 12 of the PacketLogic software will be the first to support the new PL10000 platform.
Note: For full information on functionality in the PL10000, it is recommended to read the PL10000Hardware Description in conjunction with this document.
2.1.4 Flexible Statistics
The statistics handling has been fundamentally redesigned in version 12. Statistics are no longerstored in any way by default, but can be configured to a high level of detail and flexibility usingStatistics Objects and Statistics Rules, which are new in the ruleset in version 12. As withshaping rules, the statistics rules define what traffic that shall be selected for the particular rule(using conditions), and what statistics object to use. The statistics object defines how statisticsshall be extracted and stored for the traffic.
The main improvements are:
Flexible selection of traffic to write statistics for, and what statistics data to write
Configurable resolution per statistics object (instead of five minute intervals for everything)
21
-
7/13/2019 Packetlogic Product Guide v12 2
22/289
PacketLogic Product Guide
On-demand writing to disk (instead of once per hour)
2.1.5 Scalability
The PacketLogic Daemon, which controls the real-time interaction with the packet processingengine in PacketLogic, has been redesigned to scale with multiple engines. The protocol forcommunication between engines and pld has also been optimized to this end.
Brought together, this gives PacketLogic the possibility to scale with the number of connectionsin the traffic seen.
2.1.6 Connection Quality Measurements
Connection details in LiveView shows a percentage metric for the quality of the connection, based
on packet drops and retransmissions. See section3.2.4for details.
2.2 Release 12.1
2.2.1 Queue Synchronization
Queue synchronization(queue sync) allows multiple packet processing CPUs (engines) to sharequeues, which form ShapingObjects.
Queue sync, consequently, allows a rule set to be effective across multiple links with asymmetrictraffic. Queue sync ensures that all engines are aware of how much the other involved engines areusing a certain queue. This way, limits can be enforced across multiple engines in a multi-engine
PacketLogic (such as the PL10000), or even across physically separate PacketLogic units.
For further information on queue synchronization, see section4.6.3.
2.2.2 Injection
A new action is available in filtering rules: inject. The intended use is to redirect selected con-nections by injecting an HTTP 307 (Temporary Redirect) response. See section5.1.2.6for details.
2.2.3 Dynamically Loadable Signatures
As of release 12.1, it is possible to update the signature set on PacketLogic without installing a
new firmware. Signature updates are provided as Application Recognition Modules (ARMs),which can be downloaded and installed on a running PacketLogic. Signature updates are avail-able from theUpdatesmenu in the CLI (see section9.3.6.6).
2.2.4 New Flow Behaviour Flags
There are flow behaviour flags added for the direction of a flow ( Inboundand Outbound) andfor indicating if a connection is established (Established). For details, see section3.6.1.11.
2.2.5 Connection Protection can be Disabled
It is now possible to disable connection protection altogether. For details, see section3.7.2.
22
-
7/13/2019 Packetlogic Product Guide v12 2
23/289
PacketLogic Product Guide
2.2.6 Physical Monitor Port
On PL10000 platforms, traffic can now be monitored to a physical port, by selecting Monitor Portas the monitor destination in a filtering rule. For information, see section5.1.3.2.
2.2.7 RADIUS Authentication
As of release 12.1, it is possible to configura PacketLogic to authenticate users with a RADIUSserver. RADIUS authentication is configured in the CLI (see section 9.3.4.1), and applies only tologging in with the PacketLogic client or the PacketLogic Python API (including Webstatistics).
2.3 Release 12.2
2.3.1 Local Statistics Storage
The option to store statistical data locally (without a dedicated PLS) is reintroduced in release12.2. This applies to non-PL10000 systems, and enables only limited amounts of statistics data tobe stored.
2.3.2 Volume-based Shaping (VBS)
Volume-based shaping is reintroduced in version 12 as of release 12.2. The feature has beenreimplemented, and the VBS editor in the PacketLogic client looks different from the v11 editor.For more information on VBS, see section4.5. For a description of the VBS editor, see section7.9.1.12.
2.3.3 External Authentication Improved
A PacketLogic can now authenticate users towards a TACACS+ server. As of release 12.2, RA-DIUS authentication also allows configuring granular permissions per user. External authentica-tion now also applies to CLI/SSH login, and multiple authentication servers can be configured.For more information on external authentication, see section3.3.3.3.
2.3.4 Divert
For PL10005 and PL10014 systems, a divert channel is available as of release 12.2. This allows se-
lecting traffic with a filtering rule, and diverting that traffic onto the divert channel. The intendeduse is to pass traffic through a third-party analysis appliance. For further information on Divert,see section5.4.
2.3.5 Sub-item Count in Statistics
Statistics now keeps track of how many items are stored beneath a statistics value. This is avail-able as a graph field in StatisticsObjects, and also shown in a tool tip when viewing bar charts inthe statistics viewer in the PacketLogic client.
23
-
7/13/2019 Packetlogic Product Guide v12 2
24/289
PacketLogic Product Guide
2.3.6 Connection logging
Connection logging is available in release 12.2. Connection logging allows storing detailed con-nection information for storage, forensics, and analysis. See section 6.7for details.
2.3.7 Statistics Distributed by Flag
The flow behaviour flags of PacketLogic can now be used to distribute statistics.
2.3.8 CSV Export of Statistical Data
The statistics viewer of the PacketLogic client now exports statistics data to a comma-separatedvalues (CSV) file. This is available from the File Export dialog in the statistics viewer.
2.3.9 Statistics Aggregation
It is possible to aggregate statistical data in release 12.2. This allows separating what data isstored on which statistics system. See section6.1.3.3.
2.3.10 Statistics Linking
It is possible to define links in StatisticsObjects, allowing a distribution level to link to a differentStatisticsObject when browsing statistics. See section6.1.3.3.
2.3.11 Total Graphs Collected in System Overview
There is a new subview in the System Overview, where all aggregated graphs are gathered. Thisis intended to provide a quick overview in a System Overview that shows multiple systems.
2.3.12 Depth Limit on AS Paths in Statistics
It is now possible to limit the number of steps into an AS path to go when distributing statisticsbased on AS paths. For details, see section6.1.3.2.
2.3.13 Statistics Distribution for Remote Virtual Host
Statistics can be distributed by Remote VHost (virtual host), distributing statistics based on thename of the remote host.
2.3.14 Audit Logging
PacketLogic logs client activity to a great level of detail, to allow log auditing.
2.3.15 Quality Metrics (QoE) enhanced
The quality metric (QoE) made available in statistics is now also displayed as a column in theLocal Host, Service, and ServiceObject views in LiveView.
Also, the quality metrics have been refined to show details for the four directions of traffic visibleto the PacketLogic. For details, see section3.2.4.
24
-
7/13/2019 Packetlogic Product Guide v12 2
25/289
PacketLogic Product Guide
2.3.16 Support for Forwarding Jumbo Frames
The PL10000 systems are now capable of forwarding jumbo frames. For details on MTU, seesection3.7.1.
2.3.17 DSCP and Channel Information in LiveView and Ruleset
It is now possible to see the DSCP and channel for a connection in LiveView connection details,and it is also possible to match on these parameters in rules.
2.3.18 Shaping Statistics
Fields have been added to store data for packet drops and latency using StatisticsObjects.
2.3.19 Channel Management
Version 12.2 brings back the Channel Editor in the PacketLogic Client, where channel interfacescan be enabled and disabled, and speed/duplex settings can be applied.
2.3.20 Statistics Zooming
It is possible to zoom in line and stacked area charts, by holding downShiftand dragging thecursor to select the interval to zoom to. For details, see section7.7.
2.3.21 Statistics Peak Analysis
It is possible to store information on the top contributing items in a peak in statistics. This isenabled by setting Graph & Peak in the distribution of the StatisticsObject (see section6.1.3.5).The peak data is shown by holding down Ctrl and clicking the graph point for which to showpeak data (see section7.7).
2.3.22 System Diagnostics Minima
Added minimum values to all system diagnostics values, along with timestamps for when theminimum and maximum values were last seen.
2.3.23 Channel Information in System Overview
Made Channel View data available to our System Overview system.
2.3.24 Time Stamps in Channel View
Added last-seen minimum and maximum values to Channel View along with timestamps.
2.3.25 NetObject Counters in LiveView
The Local Hosts view in LiveView now shows the number of NetObjects or hosts that exist in avisible NetObject, as a tooltip when the cursor hovers over the NetObject. Note that the NetObjectmust be expanded for the tooltip to be available.
25
-
7/13/2019 Packetlogic Product Guide v12 2
26/289
PacketLogic Product Guide
2.3.26 95th Percentile in Statistics
Line charts in the Statistics Viewer now have an option to show the 95 percentile value.
2.3.27 CommitLog
PacketLogic now keeps a separate commit log where all log entries from committed changesto the different configurable resources in PacketLogic (such as ruleset, system configuration,firmware upgrades etc) are stored, to easily keep track of who changed what and when.
2.3.28 Object Attributes
Any ruleset object can now be provisioned with key value pair properties. This way any kind ofexternal provisioning system can store arbitrary data about objects in the PacketLogic database.
2.3.29 Other Enhancements
Numerous other enhancements have been added:
The SNMP trap server details can be changed, instead of removed and readded.
The port to which SSH listens on the Admin interface can be changed from the default42002.
The Aux port can be configured in terms of duplex settings.
A PacketLogic not running the PacketLogic Daemon (PLD) (such as a statistics system) cannow run SNMP.
Channel statistics is available for the Flow Sync and Monitor ports.
The alerts configured in System Diagnostics can be viewed by right-clicking the root of theSystem Diagnostics tree.
User permissions can be configured to selectively allow viewing service properties for con-nections.
The service nameUndeterminedhas been changed toBeing Analyzed
26
-
7/13/2019 Packetlogic Product Guide v12 2
27/289
PacketLogic Product Guide
3 Key Concepts
This section describes the concepts on which operation and configuration of PacketLogic arebased. To readers unfamiliar with PacketLogic or traffic management, it is recommended to readthis section before proceeding.
The basic flow of PacketLogic is:
1. Receive a packet
2. Analyze the packet to determine the following:
Does the packet belong in an existing connection (flow), or does it start a new one?
Does the connection to which the packet belongs match any rules defined?
3. Enforce all rules to which the packets connection applies.
4. If the packet has not been dropped or rejected during the enforcement of the rules, forwardthe packet.
PacketLogic also imposes certain restrictions on the traffic passing through it, some of which areconfigurable. For details, see section3.7.
3.1 Terminology
Some components and concepts have many names to them. These are good to be familiar with,since they can be used interchangeably depending on context.
Connection or flow is a series of packets with a common 5-tuple (see section 3.3.6).
Engine is the core software component performing traffic analysis, shaping, filtering and allother measures in the packet path.
Flow processor or packet processor is a CPU dedicated to processing packets in channel traffic.A flow processor essentially runs the engine and necessary control processes.
Flow processor module (FP module) is a module (blade) in the PL10000 platform series holding
flow processors.
Dynamic item (also referred to as dynamic IP) is a NetObject item inserted dynamically usingthe PacketLogic Python API. This allows changing NetObjects without resource transac-tions, allowing a high rate of operations.
Named dynamic item (also referred to as subscriber) is a "virtual" NetObject, containing dy-namic items. This allows using dynamic items in integration schemes in large-scale deploy-ments with a consistent name for a subscriber even though the actual IP address changes.
Subscriber seenamed dynamic itemabove.
MiB, GiB, TiB (mebibyte, gibibyte, and tebibyte) are the units used for size. These are standards-
based binary multiples of bytes. A mebibyte is 10242
(or 220
) bytes, a gibibyte is 10243
bytes,and so on.
27
-
7/13/2019 Packetlogic Product Guide v12 2
28/289
PacketLogic Product Guide
3.2 Traffic Analysis
PacketLogic does analyze each packet that arrives on its interfaces. However, PacketLogic doesnot take action based on an isolated packet. Instead, it looks at the connection to which the packetbelongs. Most of the selection r