Professional Documents
Culture Documents
Packetlogic 20 30 00 Intelligence Center Product Guide
Packetlogic 20 30 00 Intelligence Center Product Guide
Packetlogic 20 30 00 Intelligence Center Product Guide
Product Guide
Release 20.30
05-00391-A01
Copyright © 2019 Sandvine Corporation. All rights reserved. Any unauthorized reproduction prohibited. All other trademarks are
the property of their respective owners.
This documentation including all documentation incorporated by reference herein such as documentation provided or made
available on the Sandvine website are provided or made accessible "AS IS" and "AS AVAILABLE" and without condition,
endorsement, guarantee, representation, or warranty of any kind by Sandvine Corporation and its affiliated companies
("Sandvine") and Sandvine assumes no responsibility for any typographical, technical, or other inaccuracies, errors, or
omissions in this documentation. In order to protect Sandvine proprietary and confidential information and/or trade secrets,
this documentation may describe some aspects of Sandvine technology in generalized terms. Sandvine reserves the right to
periodically change information that is contained in this documentation; however, Sandvine makes no commitment to provide
any such changes, updates, enhancements, or other additions to this documentation to you in a timely manner or at all.
Comments
If you have any comments, questions, or ideas in relation to the content in this documentation, we welcome your feedback.
Please send your feedback to Sandvine via email at docs@sandvine.com.
Contacting Sandvine
To view the latest Sandvine documentation or to contact Sandvine Customer Support, register for an account at https://
support.sandvine.com. See http://www.sandvine.com/about_us/contact.asp for a list of Sandvine Sales and Support offices.
Copyright © 2001-2019 Sandvine
ii
Table of Contents
1. About this document 1
1.1. Document scope ................................................................................................................................... 2
1.2. Related documents ................................................................................................................................ 2
1.3. Software and firmware download ............................................................................................................. 2
1.4. Typographical conventions ...................................................................................................................... 2
2. Introduction 3
2.1. About PacketLogic ................................................................................................................................. 4
2.1.1. Basic data flow ........................................................................................................................... 4
2.2. About PacketLogic Intelligence Center ...................................................................................................... 4
2.3. Interfaces overview ................................................................................................................................. 4
2.4. Glossary ............................................................................................................................................... 5
3. PacketLogic Client user interface 7
3.1. PacketLogic Client window ..................................................................................................................... 8
3.2. System Manager window ...................................................................................................................... 12
3.2.1. System Manager context menu .................................................................................................. 14
3.3. Statistics view ...................................................................................................................................... 15
3.3.1. Navigation tab ........................................................................................................................... 16
3.3.2. Bookmarks tab ......................................................................................................................... 18
3.3.2.1. Bookmarks tab context menu .......................................................................................... 19
3.3.2.2. Add Bookmark dialog ...................................................................................................... 20
3.3.3. Graphs tab ............................................................................................................................... 20
3.4. File menu ............................................................................................................................................ 22
3.5. Edit menu ........................................................................................................................................... 23
3.6. View menu .......................................................................................................................................... 25
3.7. Tools menu ......................................................................................................................................... 27
3.8. Bookmarks menu ................................................................................................................................. 28
3.9. Help menu .......................................................................................................................................... 29
3.10. Objects & Rules Editor window ............................................................................................................ 30
3.10.1. Objects & Rules Editor window overview .................................................................................... 30
3.10.2. Objects & Rules Editor File menu .............................................................................................. 31
3.10.3. Objects & Rules Editor Edit menu .............................................................................................. 32
3.11. NetObjects configuration pane ............................................................................................................. 33
3.11.1. NetObjects context menu ......................................................................................................... 34
3.12. ServiceObjects configuration pane ........................................................................................................ 36
3.13. StatisticsObjects configuration pane ..................................................................................................... 38
3.13.1. Fields tab ............................................................................................................................... 39
3.13.2. Distribution tab ........................................................................................................................ 40
3.13.3. Limits tab ............................................................................................................................... 42
3.13.4. Aggregation tab ....................................................................................................................... 43
3.14. IPFIXObjects configuration pane ........................................................................................................... 44
3.14.1. Template tab .......................................................................................................................... 45
3.14.2. Collectors tab ......................................................................................................................... 46
3.15. Conditions configuration pane .............................................................................................................. 48
3.16. Statistics rules configuration pane ........................................................................................................ 49
3.17. Channel Editor window ....................................................................................................................... 51
3.17.1. Physical Channels tab .............................................................................................................. 51
3.17.2. Divert Labels tab ..................................................................................................................... 53
3.17.3. Monitor Labels tab ................................................................................................................... 54
3.18. User Editor window ............................................................................................................................ 57
3.18.1. Database Permissions tab ........................................................................................................ 58
3.18.2. LiveView Permissions tab ......................................................................................................... 59
3.19. Log Level Editor window ..................................................................................................................... 61
3.20. Host Trigger Editor window ................................................................................................................. 63
iii
PacketLogic Intelligence Center Product Guide
iv
PacketLogic Intelligence Center Product Guide
v
PacketLogic Intelligence Center Product Guide
vi
PacketLogic Intelligence Center Product Guide
vii
PacketLogic Intelligence Center Product Guide
viii
PacketLogic Intelligence Center Product Guide
ix
PacketLogic Intelligence Center Product Guide
x
1. About this document
1.1. Document scope
1.2. Related documents
1.3. Software and firmware download
1.4. Typographical conventions
This document is a guide to configuration and maintenance of an installed PacketLogic Intelligence Center (PIC). For more
information about the PacketLogic product line, see the PacketLogic Real-Time Enforcement product guide and the
PacketLogic Subscriber Manager Product Guide.
The appendices provide additional reference information and include lists of statistics field names, system configuration values,
system diagnostic values, and keyboard shortcuts.
1
1. About this document
Tip
Note
A note gives additional information that is not essential to complete a task.
Important
Caution
Warning
2
2. Introduction
2.1. About PacketLogic
2.2. About PacketLogic Intelligence Center
2.3. Interfaces overview
2.4. Glossary
This chapter is an introduction to PacketLogic Intelligence Center and its user interfaces.
3
2. Introduction
1. Receive a packet.
• Does the packet belong in an existing connection, or does it start a new one?
• Does the connection to which the packet belongs match any defined rules?
4. If the packet has not been dropped or rejected during the enforcement of the rules, forward the packet.
SQL interface
The SQL interface is used to query the statistics reader. For more information, see Section 4.3, “SQL”.
PythonAPI
PacketLogic supports automation of tasks and integration with other network nodes via the PacketLogic PythonAPI. The
PythonAPI has functions for accessing statistical data and connection logging, and for adapting the output. You can
create scripts for retrieving statistical data, or programs to integrate PacketLogic with other systems. For more information,
see http://python.proceranetworks.com.
SNMP
PacketLogic supports monitoring through the Simple Network Management Protocol (SNMP). For more information about
monitoring, see Section 6.8, “Monitoring PacketLogic”.
4
2. Introduction
See also
2.4. Glossary
Some components and concepts have many names to them. These are good to be familiar with, since they can be used
interchangeably depending on context.
Connection or flow
PacketLogic defines a connection as a flow of packets between two hosts, using a protocol. The connection is identified
by its 5-tuple consisting of client IP address, client port, IP protocol, server IP address, and server port.
Engine
The core software component performing traffic analysis, shaping, filtering and all other measures in the packet path. For
more information, see Section 6.2.1, “Engine”
Distribution
Specifies the structure of the stored value paths in statistics. Value paths will be stored for each level in the distribution.
For more information, see Section 7.2, “Distribution tree structure”.
Dynamic item
When the dynamic prefix (or dynprefix for short) is inserted under a NetObject it becomes a dynamic item (or dynitem
for short). See Dynamic prefix below. The unique key to any dynamic item is (netobjectid, ip-prefix). A NetObject item
inserted dynamically using the PacketLogic Python API. This allows changing NetObjects without resource transactions,
allowing a high rate of operations.
Dynamic prefix
Replacing dynamic item, dynamic IP, and dynitem as terminology. The basic idea was to be able to add IPs dynamically
under any NetObject. This is still the basic thought but today we add IP-Prefixes instead of IPs. Hence the proper name
is a dynamic prefix, not dynamic IP.
Ruleset
The traffic management policies used to manage the traffic flow through a network.
Subscriber
Also referred to as named dynamic item above. For more information, see Section 2.2, “PSM components” in
PacketLogic Subscriber Manager Product Guide.
5
2. Introduction
Value path
Statistics data in PacketLogic is composed of value paths. A value path consists of a set of counters with an associated
search path and optional graph data. For more information, see Section 7.5, “Value paths”.
Value type
The type of a statistics value path. Specifies if a value path is, for example, a service, a ServiceObject, a NetObject, or
an AS path. For more information, see Section 7.5.2, “Value types”.
See also
6
3. PacketLogic Client user interface
3.1. PacketLogic Client window
3.2. System Manager window
3.3. Statistics view
3.4. File menu
3.5. Edit menu
3.6. View menu
3.7. Tools menu
3.8. Bookmarks menu
3.9. Help menu
3.10. Objects & Rules Editor window
3.11. NetObjects configuration pane
3.12. ServiceObjects configuration pane
3.13. StatisticsObjects configuration pane
3.14. IPFIXObjects configuration pane
3.15. Conditions configuration pane
3.16. Statistics rules configuration pane
3.17. Channel Editor window
3.18. User Editor window
3.19. Log Level Editor window
3.20. Host Trigger Editor window
3.21. Connection Protection Trigger Editor window
3.22. System Configuration Editor window
3.23. Preferences window
3.24. Backup Manager window
3.25. Resource Manager window
3.26. File Manager window
3.27. Log Viewer window
3.28. Connection Search window
3.29. Command-line mode
This chapter describes the PacketLogic Client user interface. Use the client to configure and monitor PIC and to view statistics.
Note
This section contains information about the parts of the PacketLogic Client interface that relate to PIC. For
more information about views and configuration panes that are not included here, see the PacketLogic Real-
Time Enforcement Product Guide.
See also
7
3. PacketLogic Client user interface
1 Main toolbar
2 Navigation pane
3 Work area
Displays the configuration options for the objects selected in the navigation pane.
4 Status bar
Pointing to Version displays a tool tip with the firmware version and the version of the
currently loaded Application Recognition Module (ARM) for service definitions in DRDL.
Double-clicking opens a window with details about the currently loaded ARM.
• System ID: The unique system identifier for the PacketLogic system.
8
3. PacketLogic Client user interface
• Time: The current time and date on the PacketLogic system. The value is N/A until
LiveView has been opened.
5 Views
• System Overview: For more information, see Section 5.3, “System Overview” in
PacketLogic Real-Time Enforcement product guide.
• LiveView: For more information, see Section 5.4, “LiveView” in PacketLogic Real-Time
Enforcement product guide.
• System Diagnostics view: For more information, see Section 5.5, “System
Diagnostics view” in PacketLogic Real-Time Enforcement product guide.
• Statistics view: For more information, see Section 3.3, “Statistics view”.
System Manager
Opens the System Manager window. For more information, see Section 3.2, “System
Manager window”.
Opens the Objects & Rules Editor window in the Open Without Stealing Resource mode.
Click and hold displays the following opening options:
For more information, see Section 3.10, “Objects & Rules Editor window”.
User Editor
Opens the User Editor window. For more information, see Section 3.18, “User Editor
window”.
Opens the Host Trigger Editor window. For more information, see Section 3.20, “Host
Trigger Editor window”.
Opens the Connection Protection Trigger Editor window. For more information, see Section
3.21, “Connection Protection Trigger Editor window”.
Backup Manager
9
3. PacketLogic Client user interface
File Manager
Opens the File Manager window. For more information, see Section 3.26, “File Manager
window”.
Log Viewer
Opens the Log Viewer window. For more information, see Section 3.27, “Log Viewer
window”.
Connection Search
Opens the Connection Search window. For more information, see Section 3.28,
“Connection Search window”.
Pause
This option is only available in LiveView. Stops updating the real-time information in LiveView.
Real-time information is active by default.
Start
This option is only available in LiveView when you have clicked Pause. Starts updating the real-
time information in LiveView.
10
3. PacketLogic Client user interface
See also
• Section 5.5, “System Diagnostics view” in PacketLogic Real-Time Enforcement product guide
11
3. PacketLogic Client user interface
Open the System Manager and click Quick Connect to open a connection to a single system in a separate window. To combine
and aggregate information from multiple PacketLogic systems (or multiple LVAs in PL15000 platforms) in a single Client window,
include the system address of each system into the Synced systems list under Advanced options. See also Section 5.4.2.7,
“Synced Systems” in PacketLogic Real-Time Enforcement product guide.
1 Navigation pane
The navigation pane contains a tree structure with folders and PacketLogic systems.
12
3. PacketLogic Client user interface
Automatically connect to Connects directly to a specific system when you start PacketLogic Client instead of opening
this system on startup the System Manager window.
Use compression Uses compression for the communication between the PacketLogic system and PacketLogic
Client.
Note
Using compression reduces the bandwidth used, but it may increase the CPU load on the
PacketLogic system in order to perform the compression.
Use different password for Allows PacketLogic Client to send one password to log on to the database and another
LiveView login password to log on to the PacketLogic Daemon (PLD) and LiveView. This can be useful in
deployments with external authentication mechanisms.
For more information about PacketLogic Daemon, see Section 6.2.3, “PacketLogic Daemon
(PLD)”.
Use proxy if available Allows PacketLogic Client to connect through a SOCKS5 proxy.
This option is only available if you have configured a proxy in the in the Preferences window.
For more information, see Section 3.23, “Preferences window”.
Synced systems Adds PacketLogic systems to the Synced systems list to combine and aggregate information
from multiple PacketLogic systems—or from multiple LVA modules in PL15000 platforms. The
list contains IP addresses to PacketLogic systems that are configured in the System Manager
window.
If systems are added in the Synced systems list, PacketLogic Client connects to each system
(or LVA in PL15000 platforms) in the list simultaneously, and combines the relevant information
into a single view.
• Information from Local Hosts, ServiceObjects, Services, and any other custom view is
aggregated from all synced systems into a single LiveView.
• Information about resources and configuration is only shown for the current system.
If the Synced systems list is left empty, the client connects solely to the system address
defined in the main dialog.
Synced systems must have the same logon account and must have the same objects and
rules defined. This is intended for systems that are proxied to the same proxy host.
For more information, see Section 5.4.2.7, “Synced Systems” in PacketLogic Real-Time
Enforcement product guide.
Opens a dialog to enter the IP address of a PacketLogic system to be added to the Synced
Add system systems list.
Edits the IP address of the selected system in the Synced systems list.
Edit system
13
3. PacketLogic Client user interface
Settings Opens the Preferences window. For more information, see Section 3.23, “Preferences
window”.
See also
See also
14
3. PacketLogic Client user interface
1 Tabs
• Navigation tab: This tab has options for which data to display in a view. For more
information, see Section 3.3.1, “Navigation tab”.
• Bookmarks tab: This tab has options for creating bookmarks for views. For more
information, see Section 3.3.2, “Bookmarks tab”.
• Graphs tab: This tab has options for selecting which objects to display in the chart. For
more information, see Section 3.3.3, “Graphs tab”.
2 Hyperlink
Blue text is a hyperlink to another view. Clicking the text opens the view. Right-clicking the text
opens the view in a new tab.
3 Address bar
A link location with the chart type and the embedded value path for the view. The value type
is referred to as splittype.
4 Workspace
This area shows a chart of the statistics distribution according to the settings in the Navigation
tab and the selected chart type.
15
3. PacketLogic Client user interface
Back
Goes to the previous view. Clicking the small black arrow displays a list of views.
Forward
Goes to the next view. Clicking the small black arrow displays a list of views.
Up
Reload
Home
Goes to the root level of the distribution, shown as a bar chart of all configured
StatisticsObjects.
Chart Type
• Bar Chart: This chart type shows the accumulated total of the value as a list of items.
• Pie Chart: This chart type shows the ratio between items for the accumulated total. Both
the value and the percentage of each item are displayed.
• Percent Bar Chart: This chart type shows the accumulated total of the value as a
segmented bar chart with the ratio for each item as a percentage.
• Line Chart: This chart type shows the variation in the value over time.
• Stacked Area Chart: This chart type shows the variation in the value over time
See also
16
3. PacketLogic Client user interface
Interval A time interval for which to display statistics and a date in the calendar. Clicking the blue arrows
goes back or forward one time interval. Right-clicking the calendar goes to the current date.
Sort by Defines a value to sort items by in the chart and if the sort order is ascending or descending.
Include <Others> This option is only available for bar charts. Shows an item named <Others> with the
accumulated value of all items that are excluded by the Max results option.
Show duration for matches This option is only available for bar charts. Shows a bar chart that lists the duration for which
the values have been within set limits during the interval.
Calculate average per Shows a graph with values that are averaged per subscriber. NetObjects with the attribute
subscriber Statistics - Count as subscriber selected define what constitutes a subscriber in this context.
For more information, see Section 5.5.4, “Attributes”.
Apply Applies the Interval, Sort by, and Max results settings.
17
3. PacketLogic Client user interface
Data type Defines which type of data to show in the chart. The available types depend on the Fields
configuration in the StatisticsObject.
If Distribution is set to Channel Statistics or ShapingObject Statistics, the same data types
as in LiveView are available.
Selecting Packets in the Data type list, displays Quality of Experience (QoE) data.
Values Defines which values to show in the chart. Clicking the arrow displays limiting options, which
are editable on double-click.
Show 95th percentile This option is only available for line charts. Adds a horizontal line to the graph, at the value of
the 95th percentile. The values are based on the incoming bps and outgoing bps values. If
both these values are included in the chart, the highest of the two percentile values is shown.
See also
Bookmark folders The Local Bookmarks folder contains locally stored bookmarks and the Remote Bookmarks
folder contains remotely stored bookmarks.
18
3. PacketLogic Client user interface
Add
• Add Bookmark: Opens the Add bookmark dialog to create a new bookmark.
• Add all Tabs as Bookmark Folder: Opens the Add bookmark dialog to create a new
folder with all currently open tabs as bookmarks.
Delete
See also
Export Bookmarks Exports the bookmarks in the folder to a file in PacketLogic Bookmarks (.pbx) format. See
Section 8.4.3, “Bookmarks” for more information about the file format.
Exports all or a range of pages as a .pdf or .csv file with the statistics view defined in the
bookmark. If more than one bookmark is exported, the settings are applied to each bookmark.
On a folder:
Exports all the statistics views defined as bookmarks in the folder in .pdf or .csv format. All
bookmarks can be exported in a single file or in a folder with one file for each bookmark.
Import Bookmarks Imports a file of exported bookmarks in PacketLogic Bookmarks (.pbx) format. See Section
8.4.3, “Bookmarks” for more information about the file format.
19
3. PacketLogic Client user interface
Open Folder in Tabs Opens all the bookmarks in the folder in one tab each.
Properties Opens the Add Bookmark dialog to edit the bookmark properties.
See also
• A fixed time period or an interval relative to the current date, Current or Last.
• The interval length. It can be Day, Week, Month, Quarter, HalfYear, Year, or Custom.
For Custom, the time interval can be defined in seconds.
See also
20
3. PacketLogic Client user interface
Maximum Y value Limits the view of the graph on the value (y) axis.
Use usage analysis data Displays averages based on usage analysis. For more information, see Section 7.10,
“Averages based on usage analysis”.
See also
21
3. PacketLogic Client user interface
System Manager Opens the System Manager window. For more information , see Section 3.2, “System
Manager window”.
Reconnect Opens a new PacketLogic Client connection to the current PacketLogic system.
Check for updates Checks the Sandvine server for a more current version of PacketLogic Client.
Close Window Closes the current PacketLogic Client. If multiple clients are open, the remaining clients are
unaffected. If no other clients are open, the client quits.
Note
In the Mac OS X client, this option is located on the PacketLogic Client menu.
See also
22
3. PacketLogic Client user interface
Objects & Rules Opens the Objects & Rules Editor window in one of the following modes:
• Open Without Stealing Resource: Opens the editor without locking the resource for
exclusive use.
• Steal Resource And Open: Applies an exclusive lock on the resource before opening
the editor.
For more information, see Section 3.10, “Objects & Rules Editor window” and Section
4.1.4, “Objects & Rules Editor opening modes”.
Channels Opens the Channel Editor window. For more information, see Section 3.17, “Channel Editor
window”.
Users Opens the User Editor window. For more information, see Section 3.18, “User Editor
window”.
Log Levels Opens the Log Level Editor window. For more information, see Section 3.19, “Log Level
Editor window”.
Host Triggers Opens the Host Trigger Editor window. For more information, see Section 3.20, “Host
Trigger Editor window”.
Connection Protection Opens the Connection Protection Trigger Editor window. For more information, see Section
Triggers 3.21, “Connection Protection Trigger Editor window”.
System Configuration Opens the System Configuration Editor window. For more information, see Section 3.22,
“System Configuration Editor window”.
Preferences Opens the Preferences window. For more information, see Section 3.23, “Preferences
window”.
Note
In the Mac OS X client, this option is located on the PacketLogic Client menu.
23
3. PacketLogic Client user interface
See also
24
3. PacketLogic Client user interface
Add Guide Line Adds a horizontal guide line to the chart at a configurable y-axis value.
Close Tab Closes the current tab. This option is not available if there is only one tab.
Find Shows a search box to search for a string in the current view.
Full Screen Mode Shows the current chart in full-screen mode. Pressing Esc exits full-screen mode.
Home Goes to the root level of the distribution, which shows as a bar chart of all configured
StatisticsObjects.
Main Toolbar Shows/Hides the Main Toolbar. For more information, see Section 3.1, “PacketLogic Client
window”.
Manage Compare URLs In line charts, compares added URLs in the same graph. The URLs must have the same
splittype.
Show Trend Lines in Line In line charts, shows calculated trend lines.
Chart
Stacked Area Chart Displays the current view as a stacked area chart.
25
3. PacketLogic Client user interface
See also
26
3. PacketLogic Client user interface
Backup Manager Opens the Backup Manager window to create and restore client side backups. For more
information, see Section 3.24, “Backup Manager window”.
Resource Manager Opens the Resource Manager window to configure resource proxy. For more information,
see Section 3.25, “Resource Manager window”.
File Manager Opens the File Manager window to access files in the database. For more information, see
Section 3.26, “File Manager window”.
Log Viewer Opens the Log Viewer window to display configured logs. For more information, see Section
3.27, “Log Viewer window”.
Connection Search Opens the Connection Search window to search for current and ended connections. For
more information, see Section 3.28, “Connection Search window”.
Commit Log Opens the Commit Log window to view the log to which records are written when you save
changes made to a resource.
Note
The commit log is not an authoritative record of past actions in the system, since any user
can clear it. For a more reliable record, write the syslog to a remote server and use the audit
log levels.
Dynamic Items Editor Opens the Dynamic Items Editor window to view or remove configured dynamic items.
VBS Viewer Opens the VBS Viewer window to view or reset data for VBS objects.
DRDL Revision Info Opens the DRDL Revision Info dialog to view a log of all configuration changes made to
DRDL.
See also
27
3. PacketLogic Client user interface
Add Bookmark Opens the Add bookmark dialog to create a new bookmark in the Local Bookmarks folder.
Add all Tabs as Bookmark Opens the Add bookmark dialog to create a new folder in the Local Bookmarks folder with
Folder all currently open tabs as bookmarks.
See also
28
3. PacketLogic Client user interface
About Information about the PacketLogic Client software, including build date and protocol version.
Note
In the Mac OS X client, this information is located on the PacketLogic Client menu.
System Information Information about the PacketLogic system to which PacketLogic Client is connected. The
following information is provided:
Request Support Opens a web browser to submit a support request to the Sandvine technical support.
Interactive Support Opens an Internet Relay Chat (IRC) conversation with the Sandvine technical support.
To use the interactive support function, enter a nick name and click Connect. In the IRC
window, type text in the field at the bottom and click Enter to submit the question.
See also
29
3. PacketLogic Client user interface
1 Navigation pane
The navigation pane contains a tree structure with folders for different types of objects and
rules. For more information about the available objects and rules, see Section 5.5.3, “Object
types for traffic categorization”.
2 Workspace
The workspace contains specific configuration options for the selected object, item, or rule.
For more information, see the sections describing each type of object or rule.
New
Creates a new item or object. This option applies to the currently selected level in the object
hierarchy.
Save
Cut
30
3. PacketLogic Client user interface
Copy
Paste
Move rule up
This option is only available when viewing the Filtering rules folder is selected. Moves the
selected filtering rule up in the ruleset.
This option is only available when viewing the Filtering rules folder is selected. Moves the
selected filtering rule down in the ruleset.
New
Creates a new item or object. This option applies to the currently selected level in the object
hierarchy.
Remove
See also
New Creates a new item or object. This option applies to the currently selected level in the object
hierarchy.
Roll Back Changes Reverts all changes made in the Objects & Rules Editor since the last time it was saved.
31
3. PacketLogic Client user interface
Steal Resource Applies an exclusive lock on the Rules & Objects Configuration resource to prevent any other
sessions from saving changes to it.
Note
This option requires read and write permissions on the Resource and Rules & Objects
Configuration resources.
Import Template Imports an XML template with object and rule definitions to the ruleset. When a ruleset is
imported, all definitions in the XML file are added to the current ruleset. Saving the ruleset
activates the changes.
• Stock: Imports a predefined statistics ruleset templates. For more information, see
Section 7.12, “Statistics ruleset templates”.
Export Template Exports the selected objects and rules to an XML file, which can be imported to PacketLogic
Client.
Save & Close Saves the current ruleset and closes the Objects & Rules Editor window.
Close Closes the Objects & Rules Editor window without saving any changes.
See also
See also
32
3. PacketLogic Client user interface
1 NetObjects folder
The icon representing the NetObject in the navigation pane has an eye if the NetObject
is visible.
Object visible Displays the NetObject under Local Hosts in Live View.
New
Creates a new item or object. This option applies to the currently selected level in the object
hierarchy.
Remove
Expand a NetObject and select an item in the navigation pane to show the definition of the item. For details, see Section 5.5.3,
“Object types for traffic categorization”.
33
3. PacketLogic Client user interface
Range A set of IP addresses entered as the starting and an ending IP addresses of a range.
The network can also be written as prefix length, which will be translated into a netmask. For
example, 24 is translated into 255.255.255.0.
See also
Visible Makes the NetObject visible under Local Hosts in Live View.
Link Speed Opens the Link Speed dialog to define incoming and outgoing link speed. These values are
used to show horizontal lines indicating the link speed in line charts and stacked area charts
for the NetObject in Statistics view.
34
3. PacketLogic Client user interface
Attribute Editor Opens the Attribute Editor dialog to set attributes on the object. For more information about
attributes, see Section 5.5.4, “Attributes”.
See also
35
3. PacketLogic Client user interface
1 ServiceObjects folder
New
Creates a new item or object. This option applies to the currently selected level in the object
hierarchy.
Remove
Expand a ServiceObject and select an item in the navigation pane to show the services. For details, see Section 5.5.3, “Object
types for traffic categorization”.
36
3. PacketLogic Client user interface
See also
37
3. PacketLogic Client user interface
1 Tabs
• Fields: Specifies which metric values to store as statistics. For more information, see
Section 3.13.1, “Fields tab”.
• Distribution: Specifies how the statistical data is organized. For more information, see
Section 3.13.4, “Aggregation tab”.
• Limits: Specifies how much data a value must accumulate to be included in statistics.
For more information, see Section 3.13.2, “Distribution tab”.
2 StatisticsObjects folder
38
3. PacketLogic Client user interface
See also
Field The Field column lists the available values of a connection that you can store as statistics.
For more information about total fields and graph fields, see Section 7.5.1, “Fields”. The
name in the Field column is the same as the total field name.
Incoming Bytes and Metrics for incoming bytes and outgoing bytes will always be stored as long as any other field
Outgoing Bytes fields is selected, whether the check boxes for Incoming Bytes and Outgoing Bytes are selected
39
3. PacketLogic Client user interface
Daily Sum Stores accumulated metrics, that is, how much has been accumulated until now.
Graph Points Stores graph point metrics, that is, samples that show how the metric has varied over time.
Note
Graph point values consume considerable resources compared to daily sum values. Ensure
that Graph Point check boxes are selected only where needed.
Sub-Item Count field Collects sub-item count statistics for every level in the StatisticsObject distribution. Only the
number of sub-items on the next level will be counted.
Quality fields Stores raw Quality of Experience (QoE) data automatically. For more information about the
PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
QoE data is shown in Statistics view when selecting Packets in the Data type list. For more
information, see Section 3.3, “Statistics view”.
The following QoE fields (with the corresponding quality fields) are available:
See also
40
3. PacketLogic Client user interface
Depth The Depth option is available for some value types. For more information, see Section 7.5.2,
“Value types”.
Graph Points The Graph Points list has the following options:
• Normal: Graph data is collected for the fields that have Graph Points selected in the
Fields tab.
• Usage analysis: Calculates averages based on usage analysis. For more information,
see Section 7.10, “Averages based on usage analysis”.
Graph point values consume considerable resources compared to daily sum values. Use them
only where needed.
Priority The priority defines the granularity with which data is stored for the distribution level. The
available options are:
• Normal: Values are updated if the transferred data exceeds the threshold set by
the system configuration values PLS_CONN_THRESHOLD_IN (for inbound traffic) and
PLS_CONN_THRESHOLD_OUT (for outbound traffic). To avoid value cache exhaustion,
values with normal priority are not created when the value cache usage on PIC exceeds
PLS_PRIORITY_THRESHOLD value.
• High: Values with high priority are always updated. The values are never filtered based on
storage thresholds. The root level of a StatisticsObject distribution has always high priority.
Column Name This option is available for the Session Context Column and Remote GeoIP value types.
Selecting Exclude in the list excludes the column name from the distribution.
41
3. PacketLogic Client user interface
Link/Root/Property The Link/Root/Property option is available for some value types. A link, a root object, or a
property, depending on the value type. For more information, see Section 7.5.2, “Value
types”.
Add
Adds a new level with a value type in the distribution. This option applies to the currently
selected level in the distribution.
The available value types are described in Section 7.5.2, “Value types”.
Remove
See also
42
3. PacketLogic Client user interface
See also
Aggregate this object to the Stores the data of the StatisticsObject on the aggregation system. For more information, see
aggregation server Section 7.11, “Aggregation”.
See also
43
3. PacketLogic Client user interface
1 Tabs
• Template: This tab specifies which IPFIX fields to export in the IPFIX records and in which
format. For more information, see Section 3.14.1, “Template tab”.
• Collectors: This tab is used to add IPFIX collectors. For more information, see Section
3.14.2, “Collectors tab”.
2 IPFIXObjects folder
44
3. PacketLogic Client user interface
See also
Value The Value option is available for some fields that require additional specifications. For more
information, see Section 10.2.1, “Template”.
Depth The Depth option is available for some fields that require additional specifications. For more
information, see Section 10.2.1, “Template”.
45
3. PacketLogic Client user interface
See also
Add collector
Adds a new collector and opens a dialog to enter address and port of the collector.
Remove collector
46
3. PacketLogic Client user interface
See also
47
3. PacketLogic Client user interface
1 Conditions folder
New
Creates a new condition or object. This option applies to the currently selected level in the
condition hierarchy.
Remove
See also
• Section 6.6.2.1, “Use conditions to create rules” in PacketLogic Real-Time Enforcement product guide
• Section 6.6.2.1.7, “Object types and their characteristics” in PacketLogic Real-Time Enforcement product guide
48
3. PacketLogic Client user interface
Clicking the Statistics rules folder in the navigation pane shows check boxes for all statistics
rules.
Enable Insights Traffic Exports data for traffic matching this rule to Insights Data Storage.
Perspective storage
Type This column shows a list of traffic identification objects that traffic must match in order to
match the rule. For more information how to set up conditions, see Section 3.15, “Conditions
configuration pane”.
The value in the column is either the condition operator or the object type.
Name/Object This column contains a name for a condition or an object for an object type.
New
Creates a new condition or object. This option applies to the currently selected level.
Remove
49
3. PacketLogic Client user interface
StatisticsObject and IPFIXObjects are added to a rule in separate configuration panes. Selecting a StatisticsObject or
IPFIXObjects for a rule opens the configuration pane.
See also
50
3. PacketLogic Client user interface
See also
51
3. PacketLogic Client user interface
Used for The intended use of the channel. These options are available:
• Traffic: The channel is used for traffic inspection, management, and forwarding.
• Shunt: The channel shunts all traffic. For more information about shunting, see Section
7.2, “Shunting” in PacketLogic Real-Time Enforcement product guide.
Note
When you shunt traffic through a channel that is dedicated for shunting, any Shunt
options, Actions, or Port filtering configured, will not be processed.
• Divert: The channel is enabled for divert. To use it in a filtering rule, include it in a divert
label on the Divert Labels tab. For more information about divert, see Section 7.11,
“Advanced traffic steering” in PacketLogic Real-Time Enforcement product guide.
• Monitor: The channel is enabled for monitor. To use it in a filtering rule, include it in a
monitor label on the Monitor Labels tab. This uses both channel interfaces, one for each
direction of the traffic. For more information about monitor, see Section 7.10.4, “Monitor”
in PacketLogic Real-Time Enforcement product guide.
• FlowSync/Monitor: The internal interface of the channel is used for FlowSync. The
external interface of the channel is enabled for Monitor. To use it in a filtering rule, include
it in a monitor label on the Monitor Labels tab. This uses only one channel interface
for monitor, sending both directions of the monitored traffic on that interface. For more
information, see Section 6.5.2.1, “Flow synchronization” in PacketLogic Real-Time
Enforcement product guide and Section 7.10.4, “Monitor” in PacketLogic Real-Time
Enforcement product guide.
Direction The channel interface direction. For more information, see Section 8.16, “Configuring
channel interface direction” in PacketLogic Real-Time Enforcement product guide. These
options are available:
• Default: Keeps the default direction with Int being an internal interface and Ext an external
interface.
• Reverse: Swaps the directions to make the interface marked Int acts as an external
interface, and the interface marked Ext acts as an internal interface.
52
3. PacketLogic Client user interface
See also
• Section 8.16, “Configuring channel interface direction” in PacketLogic Real-Time Enforcement product guide
• Section 7.11, “Advanced traffic steering” in PacketLogic Real-Time Enforcement product guide
Label A list of added divert labels. Divert labels are used as targets for filtering rules with action Divert.
For details, see Section 7.11.2.3, “Divert labels” in PacketLogic Real-Time Enforcement
product guide.
Load balancing Defines how to load balance traffic over the entries in a divert label. The available options are:
53
3. PacketLogic Client user interface
VLAN The VLAN tag added to the traffic matched to this divert label.
Asymmetric Defines if the VLAN tag is to have different VLANs added depending on their direction.
The subnet for the heartbeat address must be different from the external heartbeat subnet and
from any of the interface subnets.
The subnet for the heartbeat address must be different from the internal heartbeat subnet and
from any of the interface subnets.
Add
Remove
See also
54
3. PacketLogic Client user interface
Label A list of added divert labels. Monitor labels are used as targets for filtering rules. For more
information, see Section 7.10.4.3, “Monitor label” in PacketLogic Real-Time Enforcement
product guide.
Load balancing Defines how to load balance traffic over the entries in a divert label. The available options are:
• Hash Local Host: Selects the entry based on a hash of the local host IP address.
VLAN The VLAN tag added to traffic matched to this monitoring label.
Add
Remove
55
3. PacketLogic Client user interface
See also
56
3. PacketLogic Client user interface
1 Navigation pane
• Cut
• Copy
• Paste
• Paste Permissions
• Change Password
• Rename
• Delete User
2 Tabs
57
3. PacketLogic Client user interface
• Database Permissions: Database permissions for the user. For more information, see
Section 3.18.1, “Database Permissions tab”.
• LiveView Permissions: LiveView permissions for the user. For more information, see
Section 3.18.2, “LiveView Permissions tab”.
• Host Access List: IP addresses of hosts from which the user is allowed to connect to
PacketLogic. An empty list means that no access restriction is applied.
• Inactivity: Defines after how long time an inactive user is logged off PacketLogic Client.
New User
Save
Cut
Copy
Paste
Pastes a user.
See also
Name Description
58
3. PacketLogic Client user interface
Name Description
Channel Management Permission to view (Read) and edit (Write) channel names and link modes.
CommitLog Permission to view (Read) and add to/clear (Write) the commit log
Connection Protection Permission view (Read) and manipulate (Write) connection protection triggers.
Triggers
Dynamic Ruleset Permission to view (Read) and manipulate (Write) the dynamic parts of the ruleset.
File Server Permission to list (Read) the files in the file manager, and to upload and change (Write) the files.
Host Triggers Permission to view (Read) and manipulate (Write) the host triggers.
PLSCD (PacketLogic Permission regulating if a PLCOMMD client can connect to the PLCOMMD server (Write) or
Session Contexts Daemon) not (Read).
Rules & Object Permission to view (Read) and edit (Write) the objects and rules.
Configuration
System Configuration Permission to view (Read) and edit (Write) system configuration values.
System Diagnostics Permission to view (Read) system diagnostics data and to change (Write) the alert limits.
System Overview Permission to view (Read) and manipulate (Write) System Overview.
User Management Permission to view (Read) and edit (Write) other users and their permissions.
See also
Name Description
59
3. PacketLogic Client user interface
Name Description
Dynamic Objects Permission for API connectivity to add, list, or remove dynamic objects.
Service details Permission to see detailed information about different services, such as FTP.
See also
60
3. PacketLogic Client user interface
Level The log levels have generic meanings, but the implementation of log levels may vary depending
on which facility you configure. The following levels are available:
• Alert: An action must be taken immediately. A condition that you must correct
immediately, such as a corrupted database, has occurred.
• Notice: Normal but significant conditions have occurred. Conditions that are not errors,
but that may require special handling.
61
3. PacketLogic Client user interface
See also
62
3. PacketLogic Client user interface
1 Navigation pane
• Rename
• Cut
• Copy
New trigger
Save
Cut
63
3. PacketLogic Client user interface
Copy
Paste
Pastes a trigger.
Trigger type The type of host trigger. For more information, see Section 7.12.2.1, “Host trigger types” in
PacketLogic Real-Time Enforcement product guide.
Script to run The Python code to execute when the conditions in the host trigger match.
Scripts can be uploaded in the File Manager window. For more information, see Section
3.26, “File Manager window”.
Remote Custom View This option is only available for the trigger type Dynamic LiveView. Defines which remote custom
view to base the trigger on.
Condition A condition for when the trigger will be set off. Conditions can be based on the following
metrics:
• Seen per host outgoing Hop Limits: The limit in number of seen per host outgoing
Hop Limits.
• In internal QoE: The limit on the In internal Quality of Experience (QoE) value.
• Out internal QoE: The limit on the Out internal Quality of Experience (QoE) value.
• In external QoE: The limit on the In external Quality of Experience (QoE) value.
• Out external QoE: The limit on the Out external Quality of Experience (QoE) value.
• Subitem count: The limit on sub items in a node. This condition will match on any level
in the tree, if the actual number of children for the node exceeds the configured value. It
is most useful for triggers based on the Dynamic LiveView trigger type.
Note
While all other limits set the trigger off when the value is above the configured value, QoE limits
set the trigger off when the value is below the configured value.
Add
64
3. PacketLogic Client user interface
Remove
See also
• Section 7.12.2.1, “Host trigger types” in PacketLogic Real-Time Enforcement product guide
• Section 7.3, “Hop limit tracking” in PacketLogic Real-Time Enforcement product guide
65
3. PacketLogic Client user interface
1 Navigation pane
Right-clicking a connection protection trigger opens a menu with the following options:
• Rename
• Cut
• Copy
New trigger
Save
Cut
66
3. PacketLogic Client user interface
Copy
Paste
Pastes a trigger.
Script to run The Python code to execute when the conditions in the connection protection trigger match.
Scripts can be uploaded in the File Manager window. For more information, see Section
3.26, “File Manager window”.
See also
67
3. PacketLogic Client user interface
1 Navigation pane
The navigation pane contains folders for different types of system configuration values. The
name of values and folders containing values that are set to something different than the default
value, have bold formatting.
For more information about the system configuration values, see Appendix B, System
Configuration Values.
Save
Saves and writes the changes from PacketLogic Client to the PacketLogic system.
For configuration changes to take effect, the configuration must be reloaded. See Close &
Reload Configuration on the File menu.
For more information about values that exceed the minimum and maximum values, see
Section B.1.1, “Exceeding minimum and maximum values”.
68
3. PacketLogic Client user interface
See also
Save Saves and writes the changes from PacketLogic Client to the PacketLogic system.
Close & Reload Closes the System Configuration Editor window and reloads the configuration.
Configuration
Close & Reboot System Closes the System Configuration Editor window and reboots the system.
See also
69
3. PacketLogic Client user interface
• System Overview
• LiveView
• Statistics View
• Advanced
• Proxy
70
3. PacketLogic Client user interface
See also
Chart time interval (hours) The interval in hours between 1 and 24 for the information shown in graphs in System Overview.
See also
Update interval (seconds) The interval in seconds for updating information in LiveView.
Show transfer rates as The scaling of the transfer rates shown in LiveView. The available options are:
• kbps
• Mbps
• Gbps
Use reverse hostname Makes PacketLogic Client perform a DNS lookup for the hosts in a connection when you view
lookup in the connection details for a connection in LiveView.
view
Caution
Use the reverse hostname lookup option with care. The DNS server must be able to handle the
load of requests from PacketLogic. If the DNS server is overloaded, it may stop responding.
71
3. PacketLogic Client user interface
Time out if inactive for The number of seconds a view can be inactive before the server stops sending updates.
(seconds)
Default setting: 30 seconds
• No Limit
Displays the existing number of levels regardless of how many levels there are.
• 1 to 10
See also
Home page The starting point for browsing statistics in Statistics view.
Congestion line in line Displays a horizontal line in line charts for a certain percentage of linkspeed.
charts
The congestion line is displayed in line charts of NetObjects where the linkspeed attribute
is set. For more information about the linkspeed attribute, see Section 3.11, “NetObjects
configuration pane”.
See also
Language The language used by PacketLogic Client. Select System Language in the list to retrieve the
language setting from the PacketLogic system.
Max length of system The maximum length of the system diagnostics log.
diagnostics log
72
3. PacketLogic Client user interface
Do a ruleset compile on Compiles the ruleset on commit in the Objects & Rules Editor window. For more information,
commit in Objects & Rules see Section 3.10, “Objects & Rules Editor window”.
Editor
Check for updates on Makes PacketLogic Client contact the Sandvine server when it is started to check for a newer
startup version of PacketLogic Client.
See also
See also
73
3. PacketLogic Client user interface
Note
Backups only take resources stored locally. Proxied resources are not included. For more information, see
Section 3.25, “Resource Manager window”.
New Backup
Restore
Download
Downloads the selected backup. Transfers the backup file from the PacketLogic system to
the host running PacketLogic Client.
Upload
Uploads a backup. Transfers a file from the host running PacketLogic Client to the PacketLogic
system.
Delete
74
3. PacketLogic Client user interface
Backup A list of backups consisting of the PacketLogic ruleset stored in XML format with
the file extension .plb. The files are automatically named date-time.plb, for example,
20110419-12.18.plb.
See also
75
3. PacketLogic Client user interface
Name The name of the resource. For more information, see Section 6.2.4.2, “Resources”.
• Local: The resource is stored and managed on the local PacketLogic system only.
• Proxy: The resource is stored on another PacketLogic system. You can view and manage
the resource on the local PacketLogic system, but the operations are transparently
sent to the other (proxy) PacketLogic system. For more information, see Section 6.7,
“Centralized management”.
Proxy Address The address of the proxy PacketLogic system if the mode of the resource is set to Proxy.
Edit Opens the Editing Resource dialog box where you configure:
• Mode
• Proxy address
• Proxy user
• Proxy password
76
3. PacketLogic Client user interface
See also
77
3. PacketLogic Client user interface
1 Navigation pane
The navigation pane contains folders for different types of files. The following folders are
available:
• License upload
78
3. PacketLogic Client user interface
2 Workspace
Upload File
Uploads a file to the File Manager. Transfers a file from the host running PacketLogic Client
to PacketLogic.
Download File
Downloads a file from the File Manager. Transfers a file from PacketLogic to the host running
PacketLogic Client.
Delete File
See also
79
3. PacketLogic Client user interface
1 Navigation pane
The navigation pane contains a list of all log files. Clicking a file shows the content in the
workspace.
Save
Refresh
Copy
Find
80
3. PacketLogic Client user interface
See also
Save Saves the selected log file on the local file system.
See also
See also
81
3. PacketLogic Client user interface
Remove
Max results The maximum number of connections to display in the search result.
Add Criteria Adds a search criterion. The search requires at least one search criterion, which can contain
one or no values.
• Client: The IPv4 address, IPv6 address, or port of the client. It can be entered as an
exact match or as s range.
• Server: The IPv4 address, IPv6 address, port, or host name of the server. IP addresses
and ports can be entered as an exact match or as a range.
• Host: The IPv4 or IPv6 address of the client or the server. It can be entered as an exact
match or as a range.
• Start Time Interval: A time interval during which the connection was initiated.
• End Time Interval: A time interval during which the connection ended.
82
3. PacketLogic Client user interface
• Rewrite Client: The IPv4 address or port after NAT rewrite of the client. It can be entered
as an exact match or as a range.
• Rewrite Server: The IPv4 address or port after NAT rewrite of the server. It can be entered
as an exact match or as a range.
• Rewrite Host: The IPv4 address of the client or the server after NAT rewrite It can be
entered as an exact match or as a range.
Reset Removes any search criteria and sets the time interval to the default value.
Export Exports the search result in a text file with the values separated by semicolon.
See also
83
3. PacketLogic Client user interface
Note
This way of generating reports is only available on Linux, not on Windows or MacOS.
• --bookmark-file=path_to_bookmark_file: The file path to the bookmark file to be used for export in .pdf or .csv format. You
need to also specify the name of the bookmark within the file with the --bookmark argument, for example, --bookmark-
file=Bookmarks.pbx --bookmark=StatisticsObjects --create-pdf. See Section 8.4.3, “Bookmarks”
for information about how to generate a bookmark file.
• --bookmark=bookmark: The bookmark to be used for export in .pdf or .csv format. This is the name attribute in the
bookmark file. See Section 8.4.3, “Bookmarks” for more information about the bookmark file format.
• --create-pdf: Create a .pdf file from a specified bookmark. Requires that a bookmark is specified with --bookmark.
• --create-csv: Create a .csv file from specified bookmark. Requires that a bookmark is specified with --bookmark.
• --template=path_to_report_template: Create a report specified in the report template XML file given as argument. For more
information, see the Report Studio Product Guide.
• --input- name_of_template_input =value: Enter the input values for the report template. For more information, see the
Report Studio Product Guide.
Use plclient --help for a list of the available arguments on the command line.
You can use either --create-pdf or --create-csv to generate statistics without opening the client. (If you provide both, only the
one entered last on the command line will be used.) The resulting file is named as the bookmark from which the statistics are
generated, with a .pdf or .csv file name extension. If there are multiple bookmarks with the same name, the first one found is used.
Note
You can use the commands --server, --user, and --password to start PacketLogic Client as usual, connecting
directly with the specified authentication details and bypassing the System Manager window.
See also
84
4. Interfaces
4.1. PacketLogic Client
4.2. CLI
4.3. SQL
See also
85
4. Interfaces
The client consists of views, menus, editors and managers. The editors and managers open in separate windows. Frequently
used tools for managing the system are available on a main toolbar. Many of the views, editors, and managers also have context-
sensitive menus, opened on right-click.
Additionally, keyboard shortcuts are available for accessing many of the functions. The keyboard shortcut for a menu item is
shown next to the item. For a list of all available keyboard shortcuts, see Appendix D, Keyboard shortcuts.
See also
• Chapter 4, Interfaces
Note
If you have configured the PacketLogic Client to connect directly to a specific system, the System Manager
window is not opened.
2. In the System Manager window, click New System and perform the following steps.
7. Optionally, click the view to be opened on initial connection in the Default view list.
9. Click Connect.
86
4. Interfaces
To customize tables
1. In PacketLogic Client, open a view where where values are displayed in columns.
3. To select which columns to display, right-click a column header row and then click a value in the list.
See also
To upload a file
5. Select Open.
See also
Prerequisites:
• The Objects & Rules Editor needs FileServ permission to work. FileServ is used to get the available attributes for objects
and rules as well as service properties.
• The ruleset compilation done when you commit works more reliably if PacketLogic Client has access to sysconfig. Sysconfig
is used to set the max complexity and max rules settings in the ruleset compiler. If PacketLogic Client has no access to
sysconfig, it uses the default values.
You can open the Objects & Rules Editor from the Edit menu or from the main toolbar. There are three different opening
modes available in a submenu. If you click the Objects & Rules Editor button on the toolbar, the default mode is used. Click
and hold displays the other options.
87
4. Interfaces
Note
This option requires read and write permissions on the Resource and Rules & Objects Configuration
resources.
• The view is not affected by subsequent updates to the objects or rules made by another PacketLogic Client or by API
calls, such as snoopers or custom integrations.
See also
4.2. CLI
The command-line interface (CLI) is used for basic configuration tasks when setting up certain systems administration tasks.
This reference describes the supported commands together with a tree model of all configuration values. A tree model of the
supported configuration values complete with a description of all available CLI commands is included in the PacketLogic CLI
Reference Guide.
See also
Note
The command-line interface (CLI) is available on port 42002 via SSH to the administration interface of
PacketLogic, or by using a console cable connected to the console interface of PacketLogic.
88
4. Interfaces
4.3. SQL
You can use a subset of the Structured Query Language (SQL) to query the statistics reader and retrieve data from the statistics
storage. The result of a query is delivered in a table format.
• The PacketLogic Database Daemon (PLDBD) API : A Sandvine specific protocol that you can access via the PacketLogic
PythonAPI. The PythonAPI is the only supported client for this protocol.
Note
Several other methods are available in the Statistics module. These methods are still supported, but they are
considered deprecated since we recommend you to use the SQL interface for accessing data.
• query: This method can be used for smaller queries where the entire result set is returned in a single dictionary.
• query_callback: This method can be used for large result sets as the result will be processed row by row using callbacks.
A benefit of this method is that not all memory in the client will be used.
4.3.1.1. Statistics.query
This method sends the SQL query to the system, and the entire result set is stored in memory before returning the data. This
method is optimal for smaller queries where the result set does not use a lot of memory.
Parameters
Query in the form of an SQL string.
Returns
A dictionary with information about columns, rows and notice messages, for example:
89
4. Interfaces
Example
import packetlogic2
c = packetlogic2.connect("my_ip_address_to_pic", "my_username", "my_password")
s = c.Statistics()
# List all dates with traffic.
query = """SELECT name, bytes_in, bytes_out
FROM pls_list(date_from='2015-12-31', date_to='2015-12-31',
value_path='/PSM?0/By Subscriber?NetObject',
table_name='traffic');
"""
data = s.query(query)
# Print the name column in rows.
for row in data["rows"]:
print row[0]
4.3.1.2. Statistics.query_callback
This method sends the SQL query to the system, and the callbacks are invoked when row description, row or notice message
has been received. This method is ideal when processing large volumes of data.
Parameters
Returns
This method does not return anything.
Example
90
4. Interfaces
The limit is configured by setting the system configuration value PLDB_STATREADER_MAX_RESULTSET_SIZE_MB. Default
is 1000 MB. This value can be overridden per session using:
4.3.3. Statements
The following statements are supported for querying the statistics storage.
4.3.3.1. SELECT
The SELECT statement is used to retrieve data from the statistics storage. SELECT can use WHERE, ORDER BY and LIMIT
to filter and sort the result set.
Syntax diagram
Examples
SELECT columns FROM procedure (args) WHERE expr ORDER BY expr LIMIT x OFFSET y
91
4. Interfaces
4.3.3.2. SHOW
The SHOW statement will list all session variables or a single session variable.
Syntax diagram
Example
SHOW ALL;
SHOW peering;
peering
-------
True
4.3.3.3. SET
A SET statement can alter a session variable to a new value or to the default value. A change is only valid for the lifetime of
the current connection. A session variable can be used to temporarily turn off peering or to output query metrics. See Section
4.3.5, “Session variables”.
Syntax diagram
Examples
92
4. Interfaces
4.3.4. Procedures
The following procedures are available for use in the SQL interface. To list all procedures, use:
4.3.4.1. pls_date_list
This procedure lists the dates that have stored statistics.
Peering support
Yes
Parameters
None
Example
date
------------
2016-02-12
2016-02-11
2016-02-10
2016-02-09
2016-02-08
...
4.3.4.2. pls_list
This procedure lists data from a time interval and returns the total amount for each node that is found. If the date parameters
specify time, for example 2015-12-31 20:00, the query will read graph data instead of the daily totals data.
Peering support
Yes
Parameters
Mandatory parameters:
• date_from
• date_to
• table_name - The table that the procedure will read data from, channel, nat, traffic or shapingobject. See Table 4.1.
Optional parameters:
• recursion_depth - The number of levels that the query will recursively traverse down through the statistics distribution.
Example
93
4. Interfaces
parent_path (parent query for parent_path (parent query for parent_path (parent query for parent_path (parent query for
this node) this node) this node) this node)
level (recursion level, 0 is the level (recursion level, 0 is the level (recursion level, 0 is the level (recursion level, 0 is the
first level) first level) first level) first level)
quality_int_in max_latency_out
94
4. Interfaces
quality_int_out avg_queue_out
quality_ext_in max_queue_out
quality_ext_out
quality_pkts_in
quality_pkts_out
rtt_in
rtt_out
packets_in
packets_out
subitem_count_netobject
subitem_count_host
subitem_count_remotehost
subitem_count_localvhost
subitem_count_remotevhost
subitem_count_base_service
subitem_count_service
subitem_count_service_object
subitem_count_vlan_in
subitem_count_vlan_out
subitem_count_xfbflag
subitem_count_ipprotocol
subitem_count_dscp_in
subitem_count_dscp_out
subitem_count_channel_in
subitem_count_channel_out
subitem_count_mpls_in
subitem_count_mpls_out
subitem_count_int_aspath
subitem_count_ext_aspath
subitem_count_origin_as
subitem_count_int_bgpcomm
subitem_count_ext_bgpcomm
95
4. Interfaces
subitem_count_ttl
subitem_count_property
subitem_count_content_category
a
The name and ID for each value type are listed in Section 7.5.2, “Value types”.
4.3.4.3. pls_graph
This procedure lists graph data from a time interval and returns the total amount for each node that is found.
Peering support
Yes
Parameters
Mandatory parameters:
• date_from
• date_to
• value_path
Optional parameters:
• resolution - The resolution of the returned data. Resolution must be set to a multiple of the graph resolution specified
for the statistics storage. If this parameter is not set, or if it is set to 0, the statistics storage graph resolution will be
used for the retrieved data.
• recursion_depth - The number of levels that the query will recursively traverse down through the statistics distribution.
Examples
The following example uses the resolution parameter:
96
4. Interfaces
parent_path (parent query for parent_path (parent query for parent_path (parent query for parent_path (parent query for
this node) this node) this node) this node)
a a a a
value_type value_type value_type value_type
level (recursion level, 0 is the level (recursion level, 0 is the level (recursion level, 0 is the level (recursion level, 0 is the
first level) first level) first level) first level)
ts ts ts ts
97
4. Interfaces
quality_int_out max_latency_out
quality_ext_in avg_queue_out
quality_ext_out max_queue_out
quality_pkts_in
quality_pkts_out
link_speed_in
link_speed_out
link_utilization_in
link_utilization_out
rtt_in
rtt_out
packets_in
packets_out
subitem_count_netobject
subitem_count_host
subitem_count_remotehost
subitem_count_localvhost
subitem_count_remotevhost
subitem_count_base_service
subitem_count_service
subitem_count_service_object
subitem_count_vlan_in
subitem_count_vlan_out
subitem_count_xfbflag
subitem_count_ipprotocol
subitem_count_dscp_in
subitem_count_dscp_out
subitem_count_channel_in
subitem_count_channel_out
subitem_count_mpls_in
subitem_count_mpls_out
subitem_count_int_aspath
98
4. Interfaces
subitem_count_ext_aspath
subitem_count_origin_as
subitem_count_int_bgpcomm
subitem_count_ext_bgpcomm
subitem_count_ttl
subitem_count_property
subitem_count_content_category
a
The name and ID for each value type are listed in Section 7.5.2, “Value types”.
4.3.4.4. pls_data_invalidate
This procedure removes statistics values from the PIC storage (StatsFS). Both daily total values and graph data points are
invalidated by pls_data_invalidate.
Warning
Peering support
No
Parameters
Mandatory parameters:
• date_from
• date_to
• value_path
• delete_root - If set to True, the value path set with value_path will be invalidated along with all of its child values. If
set to False, only the child values are invalidated.
Example
4.3.4.5. pls_graph_invalidate
This procedure removes graph data from the PIC storage. Daily total values are not invalidated by pls_graph_invalidate.
Warning
99
4. Interfaces
Peering support
No
Parameters
Mandatory parameters:
• date_from
• date_to
• value_path
• delete_root - If set to True, the value path set with value_path will be invalidated along with all of its child values. If
set to False, only the child values are invalidated.
Example
4.3.4.6. pls_list_daily_indexes
This procedure lists meta data about daily indexes that are stored in the PIC storage. This is an internal query and will not return
any statistics data.
Peering support
No
Parameters
None
Example
Output columns
Name Description
path The path to the daily index in the local file system.
100
4. Interfaces
Name Description
4.3.4.7. pls_list_global_indexes
This procedure lists all global indexes in the PIC storage. This is an internal query and will not return any statistics data.
Peering support
No
Parameters
None
Example
Output columns
Name Description
path
version
max_values
max_values_ext
startday
endday
last_write
values
values_collision
links
links_collision
101
4. Interfaces
4.3.4.8. pls_list_procedures
This procedure lists all procedures that can be called in SQL.
Peering support
No
Parameters
None
Example
name
-------------------------
pls_data_invalidate
pls_date_list
pls_graph
pls_graph_invalidate
pls_list
pls_list_daily_indexes
pls_list_global_indexes
pls_list_procedures
pls_subitem_count
pls_subscriber_count
4.3.4.9. pls_recompress_daily_indexes
This procedure recompress data for a day with the specificed compression algorithm.
Peering support
No
Parameters
Mandatory parameters:
Example
4.3.4.10. pls_recompress_global_indexes
This procedure recompress data for a global index with the specificed compression algorithm.
Peering support
No
102
4. Interfaces
Parameters
Mandatory parameters:
Example
4.3.4.11. pls_subitem_count
This procedure counts the number of items of each value type on the subsequent level in the statistics distribution for every
statistics value.
Peering support
Yes
Parameters
Mandatory parameters:
• date_from
• date_to
• value_path
Optional parameter:
• recursion_depth - The number of levels that the query will recursively traverse down through the statistics distribution.
If recursion depth is not specified or set to 0, the subitem count for the queried value path will be returned.
Example
Output columns
Name Description
parent_path
level
value_type
103
4. Interfaces
Name Description
count
4.3.4.12. pls_subscriber_count
This procedure counts the number of subscribers that have been active during the time interval. If using the recursion_depth
parameter, the count can be retrieved for every NetObject in the distribution.
Warning
Using recursion_depth along with long time intervals will result in a query that may take minutes to complete.
Peering support
Yes
Parameters
Mandatory parameters:
• date_from
• date_to
• value_path
Optional parameters:
• recursion_depth - The number of levels that the query will recursively traverse down through the statistics distribution.
If recursion depth is not specified or set to 0, the subscriber count for the queried value path will be returned.
Example
104
4. Interfaces
Output columns
Name Description
parent_path
level
count
4.3.4.13. pls_subscriber_count_graph
This procedure counts the number of subscribers that have been active during the time interval.
Peering support
Yes
Parameters
Mandatory parameters:
• date_from
• date_to
• value_path
Optional parameters:
• resolution - The resolution of the returned data. Resolution must be set to a multiple of the graph resolution specified
for the statistics storage. If this parameter is not set, or if it is set to 0, the statistics storage graph resolution will be
used for the retrieved data.
Example
Output columns
Name Description
ts
105
4. Interfaces
Name Description
gmtoffset
freq
count
datestyle
Not in use. Provided since the RPostgreSQL library will try to set it during connect.
max_resultset_size
Maximum number of bytes to allocate for a result set to a client. This variable can be set to prevent PIC from using all
memory. See Section 4.3.2, “Memory protection”.
peering
Pass queries to peers and aggregate results. See Section 8.3, “Statistics reader peering”. This is a boolean value
set to True as default.
query_metrics
Send back query metrics back to the client. The metrics are:
• subquery_count - The number of sub-queries (peering queries or recursion) created to process the query.
This is a boolean value set to False as default. The following is an example of query_metrics in use:
import packetlogic2
c = packetlogic2.connect("my_ip_address", "my_username", "my_password")
106
4. Interfaces
s = c.Statistics()
Statistics.data_invalidate
PythonAPI format:
Statistics.date_list
PythonAPI format:
dates = s.date_list()
Statistics.fields_list
There is no equivalent SQL call. Known column names are documented here for every procedure.
Statistics.graph
PythonAPI format:
Statistics.graph_invalidate
PythonAPI format:
Statistics.list
PythonAPI format:
107
4. Interfaces
Statistics.list_duration
There is no equivalent SQL call. It is possible to execute the pls_graph procedure and calculate duration on the client.
Statistics.list_search
The list_search PythonAPI function cannot handle peering setups, and will only read data from the system that the query
executes on. The SQL pls_list procedure handles bot peering and recursion.
PythonAPI format:
Statistics.list_subscribers
There is no equivalent SQL call that will return a unique list of subscribers between two dates. It is possible to execute
the pls_list query recursively and only filter NetObjects instead.
Statistics.names_list
PythonAPI format:
Statistics.path_is_expandable
There is no equivalent SQL call that will return True or False. The example below will instead use the pls_list procedure
and check the flags column.
PythonAPI format:
Statistics.subitem_count
PythonAPI format:
108
4. Interfaces
Statistics.subitem_count_list
The pls_subitem_count procedure supports recursion which can be used to recurse one level and filter that level with
a WHERE statement.
PythonAPI format:
Statistics.subscriber_count
PythonAPI format:
Statistics.subscriber_count_graph
PythonAPI format:
Statistics.subscriber_count_list
PythonAPI format:
Statistics.toplist
The PythonAPI will return the top N nodes for each of the fields being stored.
109
4. Interfaces
The SQL example here will only return top 10 of one of the fields (bytes_in).
PythonAPI format:
Statistics.transfer_get
There is no equivalent SQL call that will return just a single node. Instead the pls_list procedure can be used with a WHERE
statement to only retrieve the desired node.
PythonAPI format:
110
5. Statistics concepts
5.1. Objects and rules in statistics
5.2. Local, remote, incoming, and outgoing traffic
5.3. Client-server versus source-destination
5.4. Traffic analysis
5.5. Traffic categorization
5.6. Subscriber identity integrity
This chapter describes key concepts relevant for understanding PacketLogic statistics.
See also
111
5. Statistics concepts
• Data stored in the statistics file system (StatsFS) of PacketLogic is configured in StatisticsObjects. The fields in the object
configuration specify which metrics to store and the distribution specifies how the information is organized. You use statistics
rules to match traffic to StatisticsObjects.
• IPFIX data export is configured in IPFIXObjects. The objects contain templates for building IPFIX records and a list of IPFIX
collectors to which the records are exported. The templates specify the format in which the data will be built and which
values to export. You use statistics rules to match traffic to IPFIXObjects.
• Insights data export is configured with system configuration values. You use statistics rules to match traffic for Insights
data export.
• Connection logging can be enabled for a statistics rule. Traffic matching the rule is logged in the connection log.
See also
• Section 6.6.2.3, “Rules for traffic management and statistics” in PacketLogic Real-Time Enforcement product guide
To create a condition
1. In the navigation pane, expand one of the rules folders and select a rule.
2. In the workspace, click Add Condition, and then click New Condition.
Note
Conditions can be reused in other rules. To make the condition more generic, do not associate the
name of the condition with the rule.
112
5. Statistics concepts
6. In the Type column, select the object from the list, or—where applicable—point to the object and select the condition
type. For more information about condition types, see Section 6.6.2.1.7, “Object types and their characteristics”
in PacketLogic Real-Time Enforcement product guide.
Note
Only object types with configured objects are available in the list.
10. If the Verify Output dialog shows any errors, correct the errors and compile again.
Note
You must correct all errors in the condition to be able to commit the rule to the live ruleset.
See also
• Section 6.6.2.1, “Use conditions to create rules” in PacketLogic Real-Time Enforcement product guide
• Section 6.6.2.1.7, “Object types and their characteristics” in PacketLogic Real-Time Enforcement product guide
Along the same lines, traffic is considered "incoming" or "outgoing". Traffic coming from the local network (arriving on the internal
interface) destined for the remote network is outgoing, and traffic coming from the remote network (arriving on the external
interface) destined for the local network is incoming.
113
5. Statistics concepts
PacketLogic analyzes each packet that arrives on its channel interfaces. However, PacketLogic does not take action based on
an isolated packet. Instead, it looks at the connection to which the packet belongs. All of the analyzed information is kept for each
individual connection. Most of the selection rules and traffic manipulation in PacketLogic apply to connections, not packets.
This provides great advantages in both identification and management of traffic. For identification purposes, it gives a complete
view of an entire connection, which will always be more detailed than single packets. For management purposes, it gives
more precise and concise rules. Since PacketLogic keeps track of, for example, which connections that connect to server
ftp.domain.com using the service FTP, you only need need to know that you want to limit or prioritize such connections, not
how they break down into packets. That is taken care of by PacketLogic.
Each connection takes up resources in the form of an entry in the internal connection table. The maximum size of this table is
defined by the system configuration value MAX_CONNECTIONS in the Connection Handling folder. When the table is full, a new
connection will be allocated an entry by least recently used (LRU) selection of unestablished connections. Should that also fail,
the connection cannot allocate resources to track it. By default, this means packets for the connection are dropped. Setting
the system configuration value SHUNT_CONNECTION_FAILURES in the Connection Handling folder to True changes this to
shunting (direct forwarding), meaning the packets are forwarded directly without analysis or rule application. Shunted traffic is
accounted in the system diagnostics values Shunted bytes (connection create failure) and Shunted packets (connection create
failure) in the Connection zone. For more information, see Appendix C, System Diagnostics Values.
114
5. Statistics concepts
1. Packet analysis
PacketLogic analyzes each packet that arrives on its channel interfaces and collects data from the packets header.
2. Connection tracking
The type (service) of traffic is determined by analyzing the connection using the Datastream Recognition Definition
Language (DRDL).
The characteristics of the connection is measured and categorized by setting flow behavior flags to provide generic
information about the connection.
Information about the traffic from the network and general environment (such as time and BGP AS path).
FIGURE 5.2 PRE LiveView – showing top services with QoE measurements in real time
115
5. Statistics concepts
QoE monitoring is performed separately for both directions in each channel interface, where:
• Inbound internal traffic represents packets sent on the internal channel interface that are destined for a host on the
internal side.
• Outbound external traffic represents packets sent on the external channel interface, destined for a host on the external
side.
• Outbound Internal represents packets received on the internal channel interface that are destined for a host on the
external side.
• Inbound external traffic represents packets received on the external channel interface that are destined for a host on
the internal side.
5.4.1.2. Statistics
QoE measurements can also be archived as statistical data in PRE and PIC, as shown in Figure 5.4
FIGURE 5.4 PRE Statistics view – showing inbound and outbound service (Facebook) traffic
116
5. Statistics concepts
• In the incoming (Inbound external and Outbound internal) traffic, packet drops are identifiable as gaps in the TCP sequences.
• In the outgoing (Outbound external and Inbound internal) traffic, packet drops are only identifiable as retransmissions in
the incoming (Inbound external and Outbound internal) traffic – indicating that a transmitted packet has not reached its
destination.
Note
By checking if the retransmitted packet correlates to a previously sent ACK packet, it is possible to determine
exactly where in the traffic the packet has been lost. If the retransmission corresponds to an ACK packet
previously sent in the opposite direction, it can be concluded that it was the ACK packet that was lost – not
the original packet.
Example: A packet retransmitted in the Outbound internal traffic correlates to an ACK packet seen earlier in the Inbound external
traffic. As the ACK packet was previously seen in the opposite direction, this is the direct result of a drop in the Inbound internal
traffic of that TCP connection.
When a retransmission is detected, to make sure it is properly accounted for, a flag is set in the flow sync UPDATE message.
This will cause the current data direction and sequence number to be sent to the flow sync peer. With this information it is
possible for the flow sync peer to account for the retransmission.
The values are shown in connection details for individual connections, aggregated in dynamic LiveView, and available as averages
as fields in StatisticsObjects for statistics.
117
5. Statistics concepts
To make sure RTT is correctly aggregated, a timestamp is added to the hello messages in the flow sync network. This makes
it possible to calculate the "ping time" between different PRE systems, which is used later in the RTT calculation.
5.4.2.2. TCP
PacketLogic stores time stamps (based on the clock on the PacketLogic system) when the SYN packet, the SYN/ACK packet,
and the ACK packet of a TCP connection are seen on the channel interfaces of PacketLogic. The difference in time between
the SYN and SYN/ACK packets is accounted as the handshake RTT towards the client side, and the difference in time between
the SYN/ACK and the ACK packets is accounted as the handshake RTT towards the server side. Depending on whether the
client is internal or external, the values are stored as follows:
For TCP connections with the client on the external network, this is the difference between the time when the SYN and
the SYN/ACK packets were seen. Based on Figure 5.7, this is calculated as T2 - T1 .
For TCP connections with the client on the internal network, this is the difference between the time when the SYN and
the SYN/ACK packets were seen. Based on Figure 5.6, this is calculated as T2 - T1 .
118
5. Statistics concepts
5.4.2.3. UDP
For UDP, RTT measurements are optional and enabled by the system configuration value
UDP_RESPONSE_RTT_AS_HANDSHAKE_RTT (see Appendix B, System Configuration Values). If UDP RTT measurements
are enabled, PacketLogic measures the time between the first request packet and the first response in UDP connections. If
the client is on the internal side and the server is on the external side of PacketLogic, the calculated RTT is set as the External
handshake RTT for the connection. If the client is on the external side and the server is on the internal side of PacketLogic, the
calculated RTT is set as the Internal handshake RTT for the connection.
119
5. Statistics concepts
Note
This is not the same metric as the handshake RTT described in Section 5.4.2, “Handshake Round-Trip Time
(RTT)”.
For connections where the optional timestamp field is present in the TCP header, PacketLogic tries to set a calculated RTT value.
A calibration is attempted to determine if the timestamp field can be reliably used to calculate RTT. If the calibration succeeds,
RTT is calculated and stored. This is done separately for the internal and the external side. This means that there can be a value
in one direction but not the other.
The information collected during the traffic analysis is kept for each individual connection and available for viewing in the
PacketLogic client. The PacketLogic ruleset allows for categorization based on the extracted information.
120
5. Statistics concepts
Network protocols
These criteria are defined in ProtocolObjects, by protocol name (such as TCP or UDP) or protocol number for
proprietary protocols (for details, see Section 6.6.1.3.3, “ProtocolObjects” in PacketLogic Real-Time Enforcement
product guide).
URL category
These criteria are defined in ContentLogicObject, as lists of URL categories from the set of categories recognized by
PacketLogic (for details, see Section 6.6.1.3.5, “ContentLogicObjects” in PacketLogic Real-Time Enforcement product
guide).
Channel
These criteria are defined in ChannelObjects, as individual channels (for details, see Section 6.6.1.3.12,
“ChannelObjects” in PacketLogic Real-Time Enforcement product guide).
Properties of the connection (such as file size, server version, user name). Which properties that are
available depends on the application
These criteria are defined in PropertyObjects, as property names and matching strings (optionally with wild cards) (for
details, see Section 6.6.1.3.13, “PropertyObjects” in PacketLogic Real-Time Enforcement product guide).
Flow behavior, which define characteristics such as timing, packet size and distribution
These criteria are defined in FlagObjects, as different transfer behavior (XFB) flags to match as set or not set (for details,
see Section 6.6.1.3.14, “FlagObjects” in PacketLogic Real-Time Enforcement product guide).
121
5. Statistics concepts
Note
• Avoid using NOT conditions in conjunction with objects that can have any direction because it can lead
to unexpected behavior, such as matching all or no traffic.
5.5.3.1. NetObjects
NetObjects group different network entities into named objects for hosts with different IP addresses or IP network classes.
NetObjects can be used in rules, which simplifies maintenance of the rules. If a NetObject is modified, it will affect all rules that
use this NetObject.
• Address: An IP address
• Range: A set of IP addresses specified with a starting IP address and an ending IP address.
• Network: A network is a prefix and a netmask. The network can also be written as prefix length, which will be translated
into a netmask, that is, 24 will be translated into 255.255.255.0.
To exclude a range use the exclude construction available in the the conditions-based ruleset. See Section 6.6.2.1, “Use
conditions to create rules” in PacketLogic Real-Time Enforcement product guide.
• Client NetObject: To match this criterion the client IP address in the connection must be matched by the NetObject.
• Server NetObject: To match this criterion the server IP address in the connection must be matched by the NetObject.
• Host NetObject: To match this criterion either the server or client IP address in the connection must be matched by the
NetObject.
122
5. Statistics concepts
Note
Due to the implementation of the Host NetObject criterion, do not use Host NetObject not equals a
NetObject. The logical expansion of this will make such a rule match all traffic.
• Local NetObject: To match this criterion the internal IP of the connection must be matched by the NetObject. Internal IP is
the destination IP of an inbound packet and the source IP of an outbound packet.
Regular NetObjects and their contained items are defined statically. To change them, you must acquire a lock on the resource,
make the changes, and commit the changes for writing. For large-scale deployments, this can cause problems by an excessive
rate of these transactions. For these purposes, there is a special type of NetObjects and items, referred to as Dynamic.
5.5.3.2. ServiceObjects
ServiceObjects group services together. A service is the PacketLogic representation of the type of traffic carried in a connection.
If the same rule should apply to several services, a ServiceObject can be used. Each ServiceObject consists of a list of items,
where each item is a service.
You can download signature documentation with lists of supported services and protocols in the File Manager window in
PacketLogic Client. Additionally, there are a number of services that are not signatures:
Asymmetric
The service Asymmetric is traffic where PacketLogic determines it only sees one direction of the traffic.
Not Analyzed
The service Not Analyzed is traffic that DRDL does not process.
Being Analyzed
The service Being Analyzed matches all traffic that has not got enough packet information to determine which service it is.
Note: PacketLogic can only detect what service a connection uses after the first data packet has been sent. The
connection is classified as Being Analyzed until enough data is gathered to determine the service.
Unknown
The Unknown service matches all traffic which after enough packet information still can not match the connection to a
known service.
Untracked
The service Untracked matches all traffic where PacketLogic has not seen the initiation of the connection.
No signatures loaded
This service is set on all connections when the engine has not yet loaded a signature set. This is temporary, and as soon
as the signatures are loaded, the full signature set is used. However, all connections that have already set the service
to No signatures loaded stay that way, since DRDL does not reevaluate connections retroactively. As these connections
close or time out, they should gradually disappear altogether.
5.5.4. Attributes
123
5. Statistics concepts
An object can have a number of attributes defined. An attribute is a generic key-value pair, where certain key-value pairs are used
for PacketLogic functionality. For example, link speed attributes, subscriber definitions, and limits for volume-based shaping can
be defined here, as well as attributes defining if the object shall be handled in any special way when displaying it in the client.
Attributes can be viewed, added, and edited by right-clicking an object in the Objects & Rules editor in the PacketLogic client
(Section 3.10, “Objects & Rules Editor window”).
NAT - Only use this pool on specified systems (comma separated) (nat-systemids)
The NAT pool defined by this object shall only be active on specified systems. The value of this attribute should be an
comma separated list of systemids
124
5. Statistics concepts
Comments (Comments)
Free text containing comments relevant for the object
125
5. Statistics concepts
For this reason, object nesting of traffic identification objects is highly recommended for any non-trivial ruleset. Nesting allows
for a fine-grained separation of traffic identification criteria while still being able to easily include large categories of traffic without
126
5. Statistics concepts
selecting many small categories. Also, nesting allows exclusion of objects, which is useful to, for example, impose limits on an
entire network except certain individual hosts.
A license is needed in order to change the default behaviour. If the license module exists, you can change the
default behaviour with the system configuration values PLS_OBFUSCATE_SUBSCRIBERS in the Statistics folder and
INSIGHTS_OBFUSCATE_SUBSCRIBERS in the Insights folder.
• localhost
• Values derived from Session Context columns that are part of the schema key
• proceraImsi
• proceraDeviceId
• proceraMsisdn
• proceraSubscriberIdentifier
• proceraLocalIPV4Host
• proceraLocalIPv6Host
127
5. Statistics concepts
• Columns that contain data from Session Context columns that are part of the schema key.
• Columns that contain data from NetObjects that have the attribute Statistics - Count as subscriber set.
128
6. PIC components and deployment
6.1. Statistics data flow
6.2. Software architecture
6.3. Deployment scenarios
6.4. Statistics user
6.5. Performance considerations
6.6. Bandwidth considerations
6.7. Centralized management
6.8. Monitoring PacketLogic
6.9. Backup and restore
6.10. PacketLogic update
This chapter describes the components of a PIC system and examples of statistics deployments. It also describes how to
operate and monitor PacketLogic.
129
6. PIC components and deployment
1. The engine sends updates with information about connections to the PacketLogic Daemon (PLD):
• Every 5 seconds. You can change the interval with the system configuration value CONNECTION_UPDATE_INTERVAL
in the Connection Handling folder.
For every connection, information about the transferred data and which statistics rules that the connection matches is
kept both in the engine and in the PacketLogic Daemon.
The engine marks updates to send to the PacketLogic Statistics Daemon every 5 minutes. You can change the interval
with the system configuration value STATISTICS_CONNECTION_UPDATE_INTERVAL in the Connection Handling folder.
2. When the PacketLogic Daemon receives a marked update, it forwards it to the PacketLogic Statistics Daemon (PLSD).
3. The PacketLogic Statistics Daemon builds datasets in memory from the information received from the PacketLogic
Daemon every 5 minutes. You can change the interval with the system configuration value PLS_GRAPH_FREQUENCY
value in the Statistics folder.
You can configure the PacketLogic Statistics Daemon to write temporary dataset files locally. These datasets ensure that
data loss is minimized in case of a system failure, as the temporary files are stored persistently.
Note
• Unless there is a system failure, temporary datasets will only be written if the system
configuration value PLS_DISK_CACHE_INTERVAL is smaller than the system configuration value
PLS_DUMP_INTERVAL. Otherwise, the datasets for the interval will be sent directly to the
PacketLogic Database Daemon.
• To avoid running out of disk space for other data, the temporary files are removed when a set limit
of disk space is exceeded. The limit is 50 GB by default, but you can change it in the CLI.
4. The PacketLogic Statistics daemon sends the temporary datasets to the PacketLogic Database Daemon (PLDBD):
130
6. PIC components and deployment
• Every hour. You can change the interval with the system configuration value PLS_DUMP_INTERVAL in the Statistics
folder.
5. The PacketLogic Database Daemon first writes the data to temporary files. It then waits to let all statistics daemons
finish sending data before it writes the data to permanent storage. After 60 seconds the database daemon
starts the PacketLogic Statistics Writer Backend process (PLSWB), which reads the temporary files and writes
the data to the statistics file system (StatsFS). You can change the interval with the system configuration value
PLDB_STATWRITER_GRACE_PERIOD value in the Statistics folder.
Note
• You can avoid bursts in the traffic between the statistics daemon and the database daemon—which may
consume a large part of the available bandwidth—by limiting the dataset transfer rate. Configure the
maximum bandwidth in Kbps with the system configuration value PLS_DATASET_BANDWIDTH_LIMIT in
the Statistics folder. Monitor the transfer rate in the System Diagnostics view with the value Bandwidth
used (Dataset Transfer) in the Statistics zone.
See also
See also
• Section 6.2.7, “Statistics daemon and statistics writer of different firmware version”
131
6. PIC components and deployment
6.2.1. Engine
The Engine is the packet processing core of PacketLogic. Each PLOS instance (engine) receives each individual packet,
determines which connection it belongs to, sends it to DRDL to determine the service of the connection, sets the flow behavior
flags of the connection, and applies the ruleset to the connection. Applying the ruleset can mean enqueueing, dropping, rejecting,
forwarding, rewriting, and combinations of the above. The engine reports connection information to the control application
PacketLogic Daemon (PLD).
The engine is typically a processor. In some systems, the engine runs along with control applications in a single processor. In
other systems, there are several processors running only the engine.
6.2.1.1. Processor
The engine is typically a processor. In some systems, the engine runs along with control applications in a single processor. In
other systems, there are several processors running only the engine.
PL15000/PL20000 chassis products support an extended (bladed) hardware platform. In this modular architecture, each Flow
Processor (FP) module is dedicated to packet processing. The specification of each module varies between each of the
supported chassis platforms:
• PL15000— each module has one physical processor. This processor has 12 cores, each capable of running two individual
processing threads. One core is reserved for controlling the processor, which leaves 11 cores of two threads each. In
all, that means that there are 22 available threads running on the processor. See also Section 6.7.1, “PL15000 chassis
architecture” in PacketLogic Real-Time Enforcement product guide.
• PL20000— each module has two physical processors. These processors have eight cores, each capable of running four
individual processing threads. One core is reserved for controlling the processor, which leaves seven cores of four threads
each. In all, that means that there are 28 available threads running on each processor. See also Section 6.7.1, “PL15000
chassis architecture” in PacketLogic Real-Time Enforcement product guide.
6.2.1.2. Reaper
In a PL15000/PL20000 chassis platforms, each FP has what is called a Reaper. The reaper collects and processes information
from the engine, which it then communicates to the PLD. This functionality is apparent in the system diagnostic zones, where the
values are shown per engine (such as the Packet Processing zone) and engine threads are sorted under an associated reaper.
• Loading the Application Recognition Module (ARM) with the compiled set of signatures to apply for DRDL to use.
• Counters in ShapingObjects.
• Queue synchronization.
132
6. PIC components and deployment
• Communication with all engines in the PacketLogic. Messages are exchanged using TCP.
• Communication with the clients, such as management client, the PacketLogic Statistics Daemon, and the PythonAPI.
• BGP Table management. PLD provides PLRCD with AS paths for the prefixes in the table for ruleset use.
6.2.3.1. Hosts
The PacketLogic Daemon (PLD) holds a data structure for hosts. Hosts are IP addresses on the internal side of a channel,
according to the PacketLogic view of hosts. The host data structure contains information on which NetObjects the host belongs
to and what connections that host has.
An entry in the hosts data structure is created the first time the host has an established connection, that is, a connection that has
had packets in both directions. As soon as a host no longer has any connections, it is removed from the hosts data structure.
The size of the data structure is defined by the system configuration value HOST_NUM_HOSTS. Set the value to the number
of expected concurrent hosts on the internal side of PacketLogic.
If the hosts data structure is exhausted, subsequent hosts cannot be added. This means that the mapping to NetObjects and
connections cannot be created for those subsequent hosts. This affects the reporting that relates to NetObjects in LiveView
and statistics. Hosts that cannot be allocated in the hosts data structure will not be shown in the correct NetObject(s) in Local
Hosts view in LiveView, nor will their traffic be added to the total for the NetObject(s). Likewise for statistics, the traffic for the
host will not be accounted on the correct NetObject. Traffic management relates to connections without any dependency on
the hosts data structure in PLD, so traffic management is not affected. Nor is LiveView and statistics reporting based on other
criteria than NetObjects, for example, services.
• Communication with and management of the local database holding the ruleset and configuration.
• System Diagnostics.
133
6. PIC components and deployment
6.2.4.2. Resources
Resources are kept in the resource table of the PacketLogic Database Daemon, and the current list can be seen in the Resource
Manager in the PacketLogic Client. Each resource defines a subset of the PacketLogic system configuration. Each resource
defines a set of data—database tables or filesystem data—and a set of commands to retrieve or manipulate this data.
When a resource is database bound, a session attached to a resource will always be in a database transaction. There is also
an implicit lock on each resource that is taken when the session sends the first manipulative command for the resource.
Resource commands are divided into read-only commands and write commands. Each user has a read and write privilege for
each separate resource.
• CommitLog governs the CommitLog, which keeps track of changes made to the configuration.
• PSM governs the permissions for access to the PSM web user interface.
• Rules & Object Configuration governs the management of objects and rules, that is, the ruleset.
• StatWriter Backup governs the function writing statistical data to disk on a secondary statistics system.
• System Diagnostics governs the handling of counters and alert levels in System Diagnostics.
• System Overview governs the function to show system information in the System Overview. For more information, see
Section 5.3, “System Overview” in PacketLogic Real-Time Enforcement product guide.
• User Management governs the user database. For more information, see Section 3.18, “User Editor window”.
134
6. PIC components and deployment
See also
You can proxy a resource to a remote database daemon on another PacketLogic system. The local database daemon will
keep a handle connected to the remote database daemon server, and translate/rewrite commands bound to a local session
to a remote session. When you create a session on the local database daemon and attach it to a proxied sresource, the local
database daemon will create a corresponding session to the remote database daemon. All of this is transparent to the user.
Important
• If the network communication fails between the local PacketLogic and the central PacketLogic, the local
PacketLogic will not be able to re-read the proxied resource. In this case, a backup to restore to the local
PacketLogic is essential to ensure operation.
• If you move the database where the proxied resource is stored, the connection to the proxied resource
is lost. To restore the connection to a proxied resource, repoint the database in the PacketLogic Client
System Manager.
This functionality is used to keep the same ruleset (or other resource) on several PacketLogic systems. For more information,
see Section 6.7, “Centralized management”.
Any number of sessions can be attached to the same resource without interfering, as long as they are only sending read
commands. When you issue a write command to a resource, the resource will be locked for writing until you send a "Commit"
message. This triggers the database transaction to commit, and unlock the resource for writing again.
Note
For SSH login, local fallback on external authentication failure is always used. Disabling local fallback in
configuration does not disable local fallback for SSH login.
For client and API logon, permissions for the authenticated users can be defined by configuring a local user and then configuring
the authentication server to provide the applicable local user name in the authentication response. The authenticated user will
then get permissions equivalent to the local user given in the authentication response.
Configuring the authentication server is not included in the PacketLogic external authentication. It is the responsibility of the
administrator of the authentication server.
135
6. PIC components and deployment
• A Freeradius server providing a local user using RADIUS in Appendix I, Freeradius configuration example in PacketLogic
Real-Time Enforcement product guide.
• A Cisco TAC PLUS server providing a local user using TACACS+ in Appendix J, Cisco TAC PLUS configuration example
in PacketLogic Real-Time Enforcement product guide.
For more information on the statistics data flow, see Section 6.1, “Statistics data flow”.
• CONNECTION_UPDATE_INTERVAL
• DYNAMIC_NETOBJECT_PREFIXES_MAX
• HOST_NUM_HOSTS
• HOST_NUM_NETOBJECTS
• HOST_STATS_VOLUME_THRESHOLD
• INSIGHTS_DATA_COLLECTION_SCORE_SERVICE
• INSIGHTS_SESSION_CONTEXT_SCHEMAS
• INSIGHTS_USE_SESSION_CONTEXT
• MAX_CONNECTIONS
• MAX_VISIBLE_NETOBJECTS
• STATISTICS_CONNECTION_UPDATE_INTERVAL
• STATISTICS_MAX_RULES_PER_CONNECTION
See also
136
6. PIC components and deployment
Communication uses PacketLogic Messages, a simple binary protocol that can be used for both request/response and data
message streaming.
Between user-land applications, communications use the proprietary Fast Lightweight Crypto and Key-exchange Abstraction
(FLICKA) library. FLICKA negotiates a PKI encrypted TCP session. It uses RSA for the symmetric key exchange and RC4 for
session data.
In a scenario where the statistics daemon runs on a PRE with higher version than PIC, you need to configure the statistics
daemon to send statistics to an older statistics writer resource.
• Set the system configuration value PLS_STATWRITER_WRITE_VERSION (for the StatWriter resource) or
PLS_STATBACKUP_WRITE_VERSION (for the StatWriter Backup resource) to the major firmware version of PIC. For
example, if the statistics daemon runs on version X.1.1 and the statistics writer on version X.0.9, set the configuration
value to X.0
If the statistics daemon runs on a PRE with lower version than PIC, no configuration is required. The statistics daemon will send
its version to the statistics writer resource, which is backwards compatible when processing datasets.
See also
Depending on the amount of data to be stored, statistics collection and storage can be deployed in different ways. The following
scenarios are described in this product guide.
Local statistics
One PRE collects statistics and writes it to storage on PRE itself.
137
6. PIC components and deployment
See also
Prerequisites:
• PRE must have local statistics enabled. Note that with chassi-based hardware installations of PRE, you need to run the
PacketLogic Statistics Daemon (PLSD) on a separate PIC.
See also
138
6. PIC components and deployment
Prerequisites:
• PRE must proxy the statics reader resource in order to view the statistics stored in PIC.
See also
You create a statistics user to connect between PRE and PIC systems.
You enable/disable local statistics to run/not run the PacketLogic Statistics Daemon (PLSD) locally on PRE.
You add PRE as a remote system on PIC to collect statistical data from traffic passing through PRE.
139
6. PIC components and deployment
You proxy a database resource to locally view and manage a resource that is located on another PacketLogic component.
The statistics reader resource on PRE reads statistics stored on PIC. You can view the statistics in the PacketLogic
Client of PRE.
See also
Prerequisites:
• Each PRE must have local statistics enabled. Note that with chassi-based hardware installations of PRE, you need to run
the PacketLogic Statistics Daemon (PLSD) on a separate PIC.
• The PRE systems must proxy the statistics writer resource to make the the statistics daemons send data to PIC.
140
6. PIC components and deployment
See also
You create a statistics user to connect between PRE and PIC systems.
You proxy a database resource to locally view and manage a resource that is located on another PacketLogic component.
The statistics writer resource on PRE writes statistics collected on PRE in the statistics file system on PIC.
3. Proxy the statistics reader (StatReader) resource on one or more PRE systems to PIC
You proxy a database resource to locally view and manage a resource that is located on another PacketLogic component.
The statistics reader resource on PRE reads statistics stored on PIC. You can view the statistics in the PacketLogic
Client of PRE.
You enable/disable local statistics to run/not run the PacketLogic Statistics Daemon (PLSD) locally on PRE.
See also
141
6. PIC components and deployment
This requires fewer statistics licenses and less memory usage on PRE systems, than in the scenario where each PRE runs a
statistics daemon locally.
Prerequisites:
• The PIC collector must proxy the statistics writer resource to make the the statistics daemon send data to the PIC writer.
• PRE must proxy the statics reader resource in order to view statistics stored on the PIC writer.
See also
1. Create a statistics user on the two PIC systems and on all PRE systems
You create a statistics user to connect between PRE and PIC systems.
You add PRE as a remote system on PIC to collect statistical data from traffic passing through PRE.
You enable/disable local statistics to run/not run the PacketLogic Statistics Daemon (PLSD) locally on PRE.
142
6. PIC components and deployment
4. Proxy the statistics writer (StatWriter) resource on the PIC collector to the PIC writer
You proxy a database resource to locally view and manage a resource that is located on another PacketLogic component.
The statistics writer resource on the PIC collector writes statistics in the statistics file system on the PIC writer.
5. Proxy the statistics reader (StatReader) resource on PRE to the PIC writer
You proxy a database resource to locally view and manage a resource that is located on another PacketLogic component.
The statistics reader resource on PRE reads statistics stored on the PIC writer. You can view the statistics in the
PacketLogic Client of PRE.
See also
You can download a license directly from a Sandvine download server via HTTP. You can also manually download the license
from http://IP_address_of_upgrade_server/pldownload/licenses/machine_ID.lic and then upload it to the Upgrade files folder in
the File Manager in the PacketLogic Client.
To download a license
2. Type system license download {fileserv | master}, to download a license from the File Manager or from the the
Sandvine server.
See also
143
6. PIC components and deployment
Prerequisites:
• Local statistics can't be enabled on chassi-based hardware installations of PRE, as there isn't enough memory and disk
space. In these cases, you need to run PLSD on a separate PIC.
3. Type set service statistics local {true | false} to enable/disable local statistics.
4. Type commit.
See also
Prerequisites: There must be a user user with the relevant permissions on PRE. For more information about user permissions,
see Section 6.4, “Statistics user”.
3. To add a PRE, type set service statistics retrieve-statistics-from {host_ip_address |host_name} username
user_name password password.
The IP address can be the address of the administration interface or the auxiliary interface. The user name is the name
of a statistics user on PRE.
4. Type commit.
See also
144
6. PIC components and deployment
2. In System Diagnostics view, ensure that the Statistics and Statistics writer zones are available.
See also
Prerequisites: There must be a user with the required permissions on the remote system.
For more information about user permissions, see Section 6.4, “Statistics user”.
3. In the Resource Manager window, double-click the resource you want to proxy.
5. In the Proxy address box, type the IP address of the remote system.
The IP address can be the address of the administration interface or the auxiliary interface.
6. In the Proxy user box, type the name of a user on the remote system.
8. Click OK.
Verify that the mode of the resource changes to Proxy and that the status of the resource is Proxy ready.
See also
145
6. PIC components and deployment
• Proxying the statistics reader (StatReader) resource from PRE to PIC. This makes it possible to view statistics stored on
PIC in the PacketLogic Client of PRE.
• Proxying the statistics writer (StatWriter and StatWriter Backup) resources from PRE to PIC, or from PIC collector to PIC
writer. This makes it possible to to store statistics on PIC when the statistics daemon is located on PRE.
• Creating a remote connection to PRE from PIC. This makes it possible for PIC to collect statistics from PRE when the
statistics daemon is located on PIC.
You may use different users for the different purposes, but we recommend that you have only one dedicated statistics user.
Configure the statistics user in the same way on both PRE and PIC with all the permissions listed in the table.
See also
Note
We recommended that you create a user that is dedicated to statistics retrieval, on both PRE and PIC. For
more information about recommended user permissions, see Section 6.4, “Statistics user”.
2. On the Edit menu, click User. The User Editor window is opened.
146
6. PIC components and deployment
7. Click Create.
8. On the Database Permissions tab, configure the permissions to different database resources.
See also
The number of values affects storage space. It also affects performance, since it will take longer time to write all the values to
disk. Graph point values consume more resources than total values.
Connection logging
When connection logging is enabled, storage space and performance are affected considerably, especially if the traffic has a
lot of new connections per second.
You can configure the connection logging storage with the system configuration values
PLS_CONNLOG_REINDEXING_ENABLED and PLS_CONNLOG_SEARCHABLE_CRITERIAS.
• PLS_CONNLOGT_REINDEXING_ENABLED enables reindexing of connection logging data. The default value is True.
• PLS_CONNLOG_SEARCHABLE_CRITERIAS holds a comma separated list of searchable criteria for connection logging.
Disable PLS_CONNLOG_REINDEXING_ENABLED to decrease disk usage for connection logging data by up to 30%.
Additionally, the more searchable criteria that are listed with PLS_CONNLOG_SEARCHABLE_CRITERIAS, the more storage
space will be used. Select only a few of the criteria to save an additional 20% of the storage space and to further increase
the performance.
Distribution by property
Using properties in a distribution level of a StatisticsObject can consume considerable resources. If you enable a statistics
rule connected to such a StatisticsObject, we recommend that you monitor resource consumption to ensure the system is
not overloaded. Monitor memory usage in the PacketLogic Engine and the PacketLogic Daemon (PLD) and bandwidth usage
between the engine, PLD, and the PacketLogic Statistics Daemon (PLSD).
147
6. PIC components and deployment
See also
PacketLogic components in a system can take on two different roles for centralized management:
• Proxy stores resources (statistics, a ruleset, or any other resource) and and exposes them to one or more local PacketLogic
components to read when needed.
• Local PacketLogic components, in this context, read the resources stored on a remote PacketLogic.
You configure proxy from the Resource Manager on the local PacketLogic component. For more information, see Section 3.25,
“Resource Manager window”.
On the remote PacketLogic component, you must verify that the user account used to set up the Proxy on the local PacketLogic
component has the required permissions to the resource.
For recommendations on how to use the centralized management features in PacketLogic, see Section 6.7.4, “Recommended
use”.
6.7.1. Proxy
Caution
Proxying resources should only be done between systems of the same major version. Trying to proxy a
resource to a system with a different major version installed may cause the system to fail.
Proxying resources means that a local PacketLogic component completely defers the task of storing a resource (such as the
ruleset) to another PacketLogic component. A client connecting to the PacketLogic that has a resource proxy will not see that
the resource is stored remotely. There is no copy of the resource stored on the local PacketLogic. The deferred transactions
are transparent to both sides:
Note
• Set up scheduled backups of the proxied resource in the central PacketLogic. If, for any reason, the
network communication fails between the local PacketLogic and the central PacketLogic, the local
148
6. PIC components and deployment
PacketLogic will not be able to re-read the proxied resource. In this case, a backup to restore to the local
PacketLogic is essential to ensure operation.
• If you move the database where the proxied resource is located, the connection to the proxied resource
is lost.
• For backups to work on the local PacketLogic, the Backup resource must also be set to proxy. Otherwise,
the backup will be of the local database content, which is not the running configuration.
Prerequisites: There must be a user with the required permissions on the remote system.
For more information about user permissions, see Section 6.4, “Statistics user”.
3. In the Resource Manager window, double-click the resource you want to proxy.
5. In the Proxy address box, type the IP address of the remote system.
The IP address can be the address of the administration interface or the auxiliary interface.
6. In the Proxy user box, type the name of a user on the remote system.
8. Click OK.
Verify that the mode of the resource changes to Proxy and that the status of the resource is Proxy ready.
See also
149
6. PIC components and deployment
For information on how to configure System Overview values, see Section 5.3, “System Overview” in PacketLogic Real-Time
Enforcement product guide.
You configuring System Diagnostics to proxy values in the Resource Manager by setting the System Diagnostics resource
to proxy, with IP address and user information for the intended proxy master.
150
6. PIC components and deployment
Resource copying is another option when you want to synchronize configurations. Resource copying creates a backup of a
remote resource (Users and Rules & Objects are supported) and restores it locally. When you use resource copying, the
remote resource receives notifications when the remote resource is changed. When the remote resource is changed, a new
backup of the remote resource is created and then restored locally.
Resource copying means that configuration data is available locally even if the connection to the remote system is lost.
Note
If the connection to the remote system is lost, changes on the remote system are not applied to the local
system.
Using resource copying for Objects & Rules means that, when the resource is changed on the remote system, the ruleset is
recompiled on the local system.
You configure resource copying in the CLI (PacketLogic CLI Reference Guide).
• Proxied ruleset. This is useful to define central rules and objects to apply in an entire network with several deployed local
PacketLogic units. When using proxy, it is recommended to clear out the local ruleset to avoid confusion
• System Overview. This is useful to get a quick overview of selected system diagnostics values from several PacketLogic
systems. See Section 6.7.1.2, “System Overview” for instructions on configuring System Overview.
• System Diagnostics. This is useful to view diagnostics for several PacketLogic systems.
To use centralized management for other resources, it is recommended to consult with the local PacketLogic technical contact
before proceeding, to avoid unwanted side-effects. For centralizing user management and authorization, it is recommended to
use the external authentication mechanisms (see Section 6.2.4.3, “External authentication sources”).
• Viewing them in the System Diagnostics view in the Surveillance part of the PacketLogic client interface (Section 5.5,
“System Diagnostics view” in PacketLogic Real-Time Enforcement product guide).
• Retrieving them with an SNMP management station, after setting up SNMP on the PacketLogic (see the PacketLogic CLI
Reference Guide).
• Retrieving them with a Python script using the PacketLogic Python API for custom handling.
Additionally, PacketLogic can actively inform an administrator of values exceeding their thresholds. For each value in System
Diagnostics, alert limits can be configured by right-clicking the value and selecting the option Alert limits option. In the Alert
Limits editor, values can be defined for when the value shall generate an alert. Also, a comment can be added that will be
included in the messages sent when the alert is generated. Once the alert limits are defined, the alerts can be provided in
several different ways:
• When connecting to the LiveView part using the PacketLogic client, any alerts generated are shown as popup messages.
This also acknowledges the alert.
• An email can be sent informing the recipient that the alert has been generated. This must be configured in the CLI (see
the PacketLogic CLI Reference Guide).
151
6. PIC components and deployment
• SNMP traps can be sent to a management station configured to receive traps, after setting up SNMP on the PacketLogic
(see the PacketLogic CLI Reference Guide).
Once an alert limit is exceeded, an alert is generated and sent out to the configured alert destinations. Once the alert is sent, it
is not sent again until a client has logged on to the PacketLogic and has seen and acknowledged the alert.
6.8.1.1.1. Statistics
OID: 1.3.6.1.4.1.15397.2.1.136.31
Alarm when
Value approaches the link capacity between PLD and PLSD (in the case where PLSD runs on the PIC system and relies
on network connectivity to PLD on PRE).
Impact
Minor
Action
Review the amount of data sent (number of values stored due to StatisticsObject complexity or amount of subscribers/
hosts), or review link capacity between PRE and PIC (in the case where PLSD runs on PIC).
6.8.1.1.1.2. Connects
OID: 1.3.6.1.4.1.15397.2.1.136.33
Alarm when
Value increases in conjunction with high ringbuffer usage (see Section 6.8.1.1.1.3, “Recv Ringbuf usage (Collector)”).
Impact
Minor
Action
Review ringbuffer usage (see Section 6.8.1.1.1.3, “Recv Ringbuf usage (Collector)”) and size (PLS_RINGBUF_MEGS)
This shows the number of times PLD has connected to PLSD. This in itself does not cause problems, but if it rises in conjuction
with high ringbuffer usage, it can be an indication that PLD is disconnecting because the ringbuffer is full and PLD can not put
more connection updates in the ringbuffer. There is a ringbuffer both in PLD and PLSD, and PLD disconnects when the sending
ringbuffer is full. This can happen if the PLSD receiving ringbuffer (see Section 6.8.1.1.1.3, “Recv Ringbuf usage (Collector)”)
becomes full and can no longer drain the sending ringbuffer on the PLD side, but if the sending ringbuffer becomes full due to,
for example, a connectivity issue between PLD and PLSD (such as a network problem when PLSD runs on the PIC system),
PLD will also disconnect despite the receiving ringbuffer not showing signs of running full.
152
6. PIC components and deployment
OID: 1.3.6.1.4.1.15397.2.1.136.28
Alarm when
Value increases, approaching the maximum (defined by PLS_RINGBUF_MEGS), especially in conjunction with increasing
Connects (see Section 6.8.1.1.1.2, “Connects”).
Impact
Minor
Action
Review ringbuffer usage and size (PLS_RINGBUF_MEGS)
This shows the usage (in bytes) of the PLSD receiving ringbuffer, which is used to receive connection updates from the PLD
sendind ringbuffer. If this runs full, the PLD sending ringbuffer will fill up, eventually leading to PLD disconnecting from PLSD
(increasing the number of connects, see Section 6.8.1.1.1.2, “Connects”). The receiving ringbuffer size can be adjusted with
the system configuration value PLS_RINGBUF_MEGS.
OID: 1.3.6.1.4.1.15397.2.1.136.6
Alarm when
rate > 0/s
Impact
Major, statistics values are discarded.
Action
If possible, increase PLS_MAX_VALUES to allow more values. If the resources (mainly memory) on PIC does not allow
this, upgrading the capacity is recommended. Short term, or if the amount of values is due to an unnecessary complexity
in what statistics are stored, reduce amount of statistics or statistics distribution complexity.
The number of statistics values not saved due to lack of resources. This represents values that are not set with Priority High in the
distribution of the StatisticsObject. Those values are not created if the value usage is higher than PLS_PRIORITY_THRESHOLD.
OID: 1.3.6.1.4.1.15397.2.1.136.7
Alarm when
rate > 0/s
Impact
Major, statistics values are discarded.
Action
In addition to the measures described in Section 6.8.1.1.1.4, “Values not created, Cache exhausted”, the system
configuration value PLS_PRIORITY_THRESHOLD can be adjusted. Setting it higher will allow a higher usage before normal
priority values are discarded, but will also exhaust the value cache quicker. Setting it lower will discard more normal priority
153
6. PIC components and deployment
values but preserve the cache space longer for high priority values. To monitor the trend of cache usage before any
values are discarded, see Section 6.8.1.1.1.6, “Value Cache Usage”.
The number of values currently in the value cache. When this exceeds PLS_PRIORITY_THRESHOLD, values stored with normal
priority in the StatisticsObject distribution are discarded (see Section 6.8.1.1.1.5, “Values not created, Priority Threshold”).
OID: 1.3.6.1.4.1.15397.2.1.136.48
Alarm when
value exceeds 80% of PLS_MAX_VALUES (based on default PLS_PRIORITY_THRESHOLD which is 90. If the threshold
is adjusted, it is advised to review this alarm threshold as well.)
Impact
Minor, monitor for trends of usage.
Action
Increase PLS_MAX_VALUES or reduce amount of statistics collected.
The number of values dropped by the statistics writer because the value cache in the writer was exhausted.
OID: 1.3.6.1.4.1.15397.2.1.137.5
Alarm when
Value > 0
Impact
Impact: Major, statistics data affected.
Action
Increase PLDB_STATISTICSFS_MAX_VALUES_DATASET
The number of values dropped by the statistics writer because the Global Index in the writer was exhausted.
OID: 1.3.6.1.4.1.15397.2.1.137.7
Alarm when
Value > 0
Impact
Impact: Major, statistics data affected.
Action
Increase PLDB_STATISTICSFS_MAX_VALUES
154
6. PIC components and deployment
OID: 1.3.6.1.4.1.15397.2.1.137.33
Alarm when
value significantly exceeds baseline
Impact
Minor. Affects statistics retention time.
Action
Reduce amount of statistics collected to achieve desired retention time.
Statistics retention time (in days) can be estimated as 90% of "Statistics Writer / Statisticsfs, Disk Size" divided by "Statistics
Writer / Statisticsfs, Disk Usage Per Day (Statistics)". Actual retention time is lower if connection logging ("connlog") is in use.
OID: 1.3.6.1.4.1.15397.2.1.137.14
Alarm when
value exceeds 90% of the dump interval (default one hour).
Impact
Major. Affects statistics.
Action
Reduce amount of statistics collected to reduce dataset size.
By default, the interval at which statistics are written to disk is one hour. To ensure smooth operation, the statistics from the
previous interval should be completely written prior to the next write beginning.
155
6. PIC components and deployment
Download the file to a location in the file system where net-snmp stores MIB files (for example /usr/local/share/snmp/
mibs/). This will enable the use of the text strings for the OIDs available in the PACKETLOGIC-MIB.
For v3, assuming that a user with name "user" and authentication key "authkey" is configured in the PacketLogic SNMP
configuration, use the following command:
PACKETLOGIC-MIB::connectionCreateAttemptsInboundVal.0 = Counter64: 0
PACKETLOGIC-MIB::connectionCreateAttemptsInboundMom.0 = Gauge32: 0
PACKETLOGIC-MIB::connectionCreateAttemptsInboundMax.0 = Gauge32: 0
156
6. PIC components and deployment
For v3, assuming that a user with name "user" and authentication key "authkey" is configured in the PacketLogic SNMP
configuration, use the following command:
PACKETLOGIC-MIB::connectionCreateAttemptsInboundVal.0 = Counter64: 0
PACKETLOGIC-MIB::connectionCreateAttemptsInboundMom.0 = Gauge32: 0
PACKETLOGIC-MIB::connectionCreateAttemptsInboundMax.0 = Gauge32: 0
To receive traps using SNMP v3, a user must be created matching a user in the PacketLogic SNMP configuration. If a user with
user name "user" and authentication key "authkey" is configured on PacketLogic, create a file with the following contents:
To start the trap server using the configuration above (assuming the file was named snmptrapd.conf and placed in the /
tmp directory), use the following command:
157
6. PIC components and deployment
The example above shows a trap generated because the value generalClientsVal (the number of currently connected clients)
had the value 7 and an alert limit configured to 5.
For further processing of SNMP traps, refer to the documentation for the SNMP management station software used.
Disk usage
When the system disk (pl2) reaches 80% usage or any of the data or statistics partitions reach 90% usage, an
mteTriggerFired from the DISMAN-EVENT-MIB is sent.
ContentLogic Updates
PacketLogic sends SNMP traps (defined in the PACKETLOGIC-TRAP-MIB) for the following ContentLogic update events:
Wherever applicable, a text string is sent with the trap detailing the cause of the event.
Client backup
Copies the PLDB Resources (see Section 6.2.4.2, “Resources”) to an XML file that contains only the configuration
settings of resources that are actively chosen during the backup process.
The file syntax for Client backups include a date and timestamp followed by .plb suffix, for example,
20180214-11.45.plb.
158
6. PIC components and deployment
CLI backup
Copies the entire running configuration to a backup file. Restoring CLI backups can potentially reinstate everything in the
system to the state it was when the backup was made. The various CLI backup types are distinguished by their given
syntax and file extensions, where:
Configuration backups include the system hostname and distribution together with a date and timestamp, for example,
pl2-colt1-19.0.0.0-1802051611-180214-1738.tar.gz.gpg
Conlog backups include the system hostname together with a date and timestamp, for example, pl2connlog-
colt1-2018-02-20-1.tar.gz
Log backups include the system hostname together with a date and timestamp, for example, pl2logs-
colt1-2018-02-16.tar.gz
Statistics backups include the system hostname together with a date and timestamp, for example, pl2stats-
colt1-2018-02-16-1-1513036800.tar.gz
Note
• Client backups cannot be restored to any other major release from that they were made, that is, backups
taken from 18.x can not be restored to a later 19.x release.
• Backups only archive resources that are stored locally, that is, resources set to Proxy are not included.
This means that In a proxy setup, where resources are delegated to another remote PacketLogic system,
Backups must be set to the same proxy as the other resources. If not, only the contents of the local
database are included in the backup.
1. Start a terminal session, and type plclient & to run the PacketLogic client application from its local directory—and
open the the PacketLogic Manager dialog.
Note: Be sure to use the same PacketLogic Client version as the firmware running on the system to which you connect.
For example, run only PacketLogic Client v19.0 to connect with a PacketLogic system running v19.0 software.
2. In the System Manager dialog, select System Overview as the Default view, enter the IP Address and Username of the
system to which you want to connect. Click Connect to start the client session.
3.
Click the Backup Manager icon to open the Backup Manager.
159
6. PIC components and deployment
4.
Click the New Backup button to create the system backup file. The archived file is subsequently shown with an
appropriate timestamp and .plb file extension in the Backup list, for example, 20180214-15.00.plb.
5.
To archive the backup remotely, select the new backup file in the Backup list and click the Download button . This
copies the backup file from PacketLogic file system to the chosen folder location on the client host.
1. Start a terminal session, and type plclient & to run the PacketLogic client application from its local directory—and
open the the PacketLogic Manager dialog.
160
6. PIC components and deployment
Note: Be sure to use the same PacketLogic Client version as the firmware running on the system to which you connect.
For example, run only PacketLogic Client v19.0 to connect with a PacketLogic system running v19.0 software.
2. In the System Manager dialog, select System Overview as the Default view, enter the IP Address and Username of the
system to which you want to connect. Click Connect to start the client session.
3.
Click the Backup Manager icon to open the manager.
4.
Click the Upload button if the backup file you want to restore is not included in the Backup list, but is instead
archived on your workstation—or another remote system. Navigate to the (.plb) file you want, and click Open to start the
upload. Click OK in the subsequent Backup uploaded dialog to complete the operation.
5. In the Backup Restore dialog, select the resource or resources you want to restore—or right-click and Select All and
restore the entire configuration. Click OK.
161
6. PIC components and deployment
162
6. PIC components and deployment
Dependent on the choice of command, backups taken in the CLI configuration mode can potentially include system
configurations, connlogs, logs, and statistics. With any remote ftp/ssh host optionally configured (see Section 6.9.2.1,
“Configuring the remote host”), any of these backup types can then be saved to either the local system or the previously
defined remote host—or both. See also PacketLogic CLI Reference Guide.
• In preparation for configuring a remote host, it is necessary to copy/paste the public ssh-rsa key of the PacketLogic system
to the authorized_keys folder (or similar) on the remote (ftp/ssh) host. Enter ssh-key in the CLI operation mode
to display the PacketLogic public key. This operation is prerequisite for the remote host to recognize and subsequently
authenticate the user. Failure to do this causes the upload to fail with the following (or similar) error message:
• Although it is only necessary for the remote server to be preinstalled with ssh server software in order to download all CLI
backup types, the remote server must additionally be preinstalled with either ftp and/or http server software in order to
restore both connlog and statistic files. As configuration backups can be restored using both ssh or ftp, preinstalled ssh
server software is sufficient if statistics and connlog uploads are not anticipated.
1. In Terminal, enter the following command to login to the PacketLogic system using SSH on port 42002.
3. In the initial CLI operational mode, enter the command configure to enter CLI configuration mode. All subsequent
commands in this procedure are given in this mode.
4. With the following command define the server name, host IP address, protocol, port and (folder) path and username
of the remote server:
set system remotehosts server <server name> host <server IP address> protocol <ftp
or ssh> port <port number> path <folder structure> <username>
set system remotehosts server myserver host 192.168.0.1 protocol ssh port 42002
path /home/backups username jsmith
5. To enable the option for saving all subsequent configuration backups to a remote host (as defined in the previous step),
enter the command: set system backups configuration backup-host <server name>.
6. Use similarly modified commands to set the remote host for any required statistics, logs or connlog backups, for example,
set system backups {statistics | logs | connlog } backup-host myserver
163
6. PIC components and deployment
If any previously configured daily backups are no longer required, enter the command:
8. At any time, check the assignment of the backup-host for the statistics, connlog, log, and configuration backups using
the show configuration command.
The following example shows a configuration defined for daily backup and common host for all backup types.
Example
Prerequisites
• Section 6.9.2.1, “Configuring the remote host”—if backups are to be archived to a remote host (recommended).
• To generate connlogs and statistics, it is first necessary to turn on the PLSD and set up the Statistics filesystem with the
command set service statistics local true, and set the Statistics parameter PLS_CONNLOG_ENABLED
164
6. PIC components and deployment
parameter to True using the System Configuration Editor. The Enable connection log checkbox must also be set when
creating the related Statistics rule.
Note
The various combinations of all given CLI examples in these procedures are further described in PacketLogic
CLI Reference Guide.
1. In Terminal, enter the following command to login to the PacketLogic system using SSH on port 42002.
3. To make the configuration backup, enter the following command in CLI configuration mode:
Example: The following transcription shows the result of actively responding to both prompts to create backup archives
to both a temporary local file location (tmp/fileserv on the PacketLogic system, and the predefined remote backup server.
pladmin@colt1> configure
pladmin@colt1%> system backup configuration create
Upload backup file to remote host? (y/N): y
Use local storage (backup file available in fileserv)? (y/N): y
Creating backup pl2-colt1-19.0.0.0-1802051611-180214-1738.tar.gz.gpg
Uploading backup pl2-colt1-19.0.0.0-1802051611-180214-1738.tar.gz.gpg
File uploaded OK
The file is now available in the CLI provided backups fileserv area.
[ok][2018-02-14 17:38:23]
pladmin@colt1>
Important
As all local backups archived in both the CLI provided backups and Upgrade files folders of the
PacketLogic Client are stored in temporary memory tmp/fileserv, these files are deleted when the
PacketLogic system is rebooted. Consequently, all CLI backups must be archived to a remote file
location if they are to be later available for recovery purposes.
4. Enter similar commands in CLI operational mode to initiate separate log/connlog/statistics backup files:
Example transactions for each of these backup types are shown below.
165
6. PIC components and deployment
colin
A) Abort
> s
Use the format yyyy-mm-dd to construct one or more patterns. Separate
patterns with spaces.
Example patterns:
Year 2011
Month 2011-04
Date 2011-04-29
Combined 2011-04 2011-05
Specify date pattern(s), separate with space (a to abort): 2011-04 2011-05
Time needed for the backup job to complete is dependant on the size of
the network, number of rules in place and the number of days included.
[ok][2018-02-16 12:20:27]
> y
[ok][2018-02-16 16:00:19]
166
6. PIC components and deployment
pladmin@colt1>
1. In Terminal, enter the following command to login to the PacketLogic system using SSH on port 42002.
3. To restore previously archived configuration backup files from the local PacketLogic host, enter the following command
In the CLI configure mode:
Example
Note: To initially list all existing backup backup files, enter system backup configuration restore file /
4. Alternatively, restore previously archived backups from a defined remote (ssh) server using the following command in
CLI configure mode:
Example
Note: If the remote server has previously been defined with the (anonymous) ftp protocol in Section
6.9.2.1, “Configuring the remote host”, restore the backup file using the command: system backup
configuration restore url ftp://ftp.plbackup@172.20.57.21:/home/plbackup/pl2-
colt1-19.0.0.0-1802051611-180214-1738.tar.gz.gpg
5. Use the following command options in CLI operational mode to restore previously archived statistics and connlog backups
over ftp or http:
service statistics backup restore and service statistics backup connlog restore
At the prompt, specify the location of the backup file. Note that restoring any statistics backup downloads an additional
values file.
167
6. PIC components and deployment
'See also
Prerequisites: The PacketLogic system must have a valid license for the firmware version that you want to update to.
Caution
Local backups are stored in temporary memory and are deleted when the PacketLogic is rebooted.
Download the backup to a remote server to make sure that they are available for later recovery
purposes.
Download the latest PacketLogic firmware to your workstation from the Sandvine software library.
168
6. PIC components and deployment
See also
To update firmware
1. In the CLI of PacketLogic, type system update firmware file. A list of available PacketLogic firmware versions for
the platform is shown.
4. Type yes at the prompt Reboot system? [yes,NO]. The connection to PacketLogic is closed during the reboot.
See also
169
170
7. PacketLogic statistics file system
7.1. StatisticsObject
7.2. Distribution tree structure
7.3. Depth in NetObjects and ServiceObjects
7.4. Depth in AS path
7.5. Value paths
7.6. Links
7.7. Session Context in statistics
7.8. Subscriber NetObjects
7.9. NAT statistics
7.10. Averages based on usage analysis
7.11. Aggregation
7.12. Statistics ruleset templates
This chapter describes how statistics are stored in the PacketLogic statistics file system (StatsFS).
171
7. PacketLogic statistics file system
7.1. StatisticsObject
Statistics rules set conditions for which traffic to select for statistics storage, and apply StatisticsObjects to that traffic. The
StatisticsObjects determine what information to store and how to organize all statistical data to which the StatisticsObjects are
applied. Examples of possible information to store include statistics for local visited websites, remote visited websites, users
(defined by IPs, NetObjects, MAC-addresses and Switch Ports (using DHCP snooper and option 82), RADIUS usernames, and
so on), and applications or protocols. The combinations are endless. Any subset of traffic that can be matched with a statistics
rule can create statistics. You can configure statistics rules and StatisticsObjects to generate, for example, the following statistics:
The configuration of a StatisticsObject has fields to determine which metrics from the traffic to store and a distribution to determine
how the information is organized. You can set limits for the volume of incoming or outgoing traffic that must be sent to the
StatisticsObject for it to start storing statistics. You can also aggregate statistics to an aggregation server.
See also
To create a StatisticsObject
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
7. On the Fields tab, select the check boxes for the values that will generate statistics.
8. On the Distribution tab, click Add, and then click a value type.
172
7. PacketLogic statistics file system
10. Optionally, on the Limits tab, enter volume limits for then to start storing statistics.
See also
The figure illustrates how statistics can be distributed per NetObject and service. NetObjects are at the top level and services
underneath the NetObjects. A value is built for each of the NetObjects A, B, and C. Then, under each NetObject, a value is
built for each service.
This simple distribution example can be fine-tuned by using a multi-level NetObject structure, changing the depth of the NetObject
distribution, or changing the NetObject root. The next figure expands the distribution above, by adding a top-level distribution
for local hosts with a distribution of remote hosts on the level below.
173
7. PacketLogic statistics file system
For an example that illustrates a distribution configuration and the resulting statistics, see Section 8.7, “Distribution example”.
See also
With the NetObject tree shown in Figure 7.3 and the simple distribution in Figure 7.1, the distribution tree would look as in
Figure 7.4.
174
7. PacketLogic statistics file system
The entire object trees are included by default. If you only want to include part of the tree, you need to include the root of
that subtree in the StatisticsObject distribution. Select the NetObject root that you want in the Link/Root/Property list in the
distribution configuration.
Figure 7.5 illustrates a distribution with the NetObject root set to All NetObjects/Network/Customers with the NetObject tree
in Figure 7.3 configured.
175
7. PacketLogic statistics file system
You can also limit how far into an object tree to go before using the next distribution type underneath. This is done by specifying
the depth of a NetObject or ServiceObject. Returning to the example, if it is only desired to show statistics for the Staff, Guests,
and Customers NetObjects before distributing by Service, the depth can be limited. This is done by setting the depth parameter
to something other than All on the distribution level with NetObjects or ServiceObjects.
For example, setting depth to 2 for the NetObject distribution in the example would give the distribution shown in Figure 7.6. In
this illustration, the NetObject root has been set back to the default of All NetObjects.
176
7. PacketLogic statistics file system
See also
• Collecting all HTTP traffic and, under that, all HTTP traffic for each host in a set of 5000 hosts constitutes 5001 value paths.
For example:
• An embedded value path is a path that includes the value type. You can find the embedded value path in the address bar
in the Statistics view in the PacketLogic Client. The value type is referred to as splittype in the address bar.
For example:
See also
7.5.1. Fields
177
7. PacketLogic statistics file system
A value path can consist of several fields. A field is a metric of the traffic for which to keep statistics. Fields are available as
total fields and graph fields. Total fields collect accumulated metrics, that is, how much has been accumulated until now. Graph
fields collect samples, which show how the metric has varied over time. In the Field configuration of the StatisticsObject the
name of the total field is used.
You can use the following total fields and graph fields to store data. Some of the fields can also be used to display the data
by in Statistics view.
Connections CPS
Total Bytes (calculated from Incoming Bytes and Outgoing Tota bps (calculated from Incoming Bytes and Outgoing Bytes)
Bytes)
178
7. PacketLogic statistics file system
See also
Base Service The name of the service that generated the connection. Services are identified by DRDL
signatures and can be an application or a protocol (e.g., Netflix or Facebook). For more
information, see Section 5.5.3.2, “ServiceObjects”.
If Base Service differs from Service, a virtual service definition is providing the Service.
Categories The ContentLogic categories that match the connection. A connection can belong to
several different categories. For more information, see Section 7.4, “Intelligence Feeds” in
PacketLogic Real-Time Enforcement product guide.
Device ID The device ID used to detect line sharing. For more information, see Section 7.15, “Line
Sharing - estimation and enforcement” in PacketLogic Real-Time Enforcement product
guide.
When Device ID is used in the distribution, the first statistics distribution level will consist of
device types, with the device IDs on the level below.
Since the device ID is unique per PRE, the value types System and Local Host must be
included in statistics distributions related to line sharing.
External ASpath The Border Gateway Protocol (BGP) AS path, from PacketLogic to the host on the external side
of PacketLogic. For more information, see Section 7.5, “Border Gateway Protocol (BGP)”
in PacketLogic Real-Time Enforcement product guide.
The depth parameter in the configuration specifies the length of the AS path. E.g., a connection
with AS path 1,2,3,4 and depth set to All would give values for AS 1, below that AS 2, below
that AS 3, and below that AS 4. Setting the depth to 2 would give values for AS 1 and below
that for AS 2.
External BGP Community The Border Gateway Protocol (BGP) Community on the external side of the PacketLogic. For
more information, see Section 7.5, “Border Gateway Protocol (BGP)” in PacketLogic Real-
Time Enforcement product guide.
The depth parameter in the configuration specifies the length of the AS path. E.g., a connection
with AS path 1,2,3,4 and depth set to All would give BGP Community values for AS 1, below
that AS 2, below that AS 3, and below that AS 4. Setting the depth to 2 would give values
for AS 1 and below that for AS 2.
In Channel The ID of the channel on which the inbound packets in the connection arrive.
In DSCP The value of the Differentiated services Code Point (DSCP) field found on inbound packets in
the connection. For more information, see Section 6.5.1, “Packet analysis” in PacketLogic
Real-Time Enforcement product guide.
179
7. PacketLogic statistics file system
Name Description
In MPLS The Multiprotocol Label Switching (MPLS) label found on inbound packets in the connection.
For more information, see Section 6.5.1, “Packet analysis” in PacketLogic Real-Time
Enforcement product guide.
In Vlan ID The ID of the VLAN header on the inbound packets in the connection. For more information,
see Section 6.5.1, “Packet analysis” in PacketLogic Real-Time Enforcement product guide.
The depth parameter in the configuration specifies the number of VLAN levels used to build
statistics values. Values can be built for a maximum number of four levels. E.g., a depth of
4 would give values for level 1, 2, 3 and 4. Setting the depth to 1 would give values for the
outermost level only.
In Vlan Priority The priority code point (PCP) of the VLAN header on the inbound packets in the connection.
For more information, see Section 6.5.1, “Packet analysis” in PacketLogic Real-Time
Enforcement product guide.
The depth parameter in the configuration specifies the number of VLAN levels used to build
statistics values. Values can be built for a maximum number of four levels. E.g., a depth of
4 would give values for level 1, 2, 3 and 4. Setting the depth to 1 would give values for the
outermost level only.
Internal ASpath The Border Gateway Protocol (BGP) AS path, from PacketLogic to the host on the internal side
of PacketLogic. For more information, see Section 7.5, “Border Gateway Protocol (BGP)”
in PacketLogic Real-Time Enforcement product guide.
The depth parameter in the configuration of the distribution specifies the length of the AS path.
E.g., a connection with AS path 1,2,3,4 and depth set to All would give values for AS 1, below
that AS 2, below that AS 3, and below that AS 4. Setting the depth to 2 would give values
for AS 1 and below that for AS 2.
Internal BGP Community The Border Gateway Protocol (BGP) Community on the internal side of the PacketLogic. For
more information, see Section 7.5, “Border Gateway Protocol (BGP)” in PacketLogic Real-
Time Enforcement product guide.
The depth parameter in the configuration specifies the length of the AS path. E.g., a connection
with AS path 1,2,3,4 and depth set to All would give BGP Community values for AS 1, below
that AS 2, below that AS 3, and below that AS 4. Setting the depth to 2 would give values
for AS 1 and below that for AS 2.
IP Protocol The IP protocol used for the connection (e.g., 6 for TCP or 17 for UDP).
Link A link to another distribution. By using a link, the value paths built by the linked distribution can
be reused to save storage space. For more information, see Section 7.6, “Links”.
Local Vhost The virtual host name of the local host in the connection.
The depth parameter in the configuration specifies the number of sections in the local host
name used to build values. The top-level domain is accounted for as depth 1, even if it consists
of multiple sections (e.g., "google.co.uk", where "co.uk" is the top-level domain). To determine
which sections that form the top-level domain, the Public Suffix List (https://publicsuffix.org/
list/public_suffix_list.dat) is used. If the top-level domain cannot be found in the list, the first
entry will be considered the top level.
NetObject A NetObject that groups hosts into different categories. For more information, see Section
5.5.3.1, “NetObjects”.
180
7. PacketLogic statistics file system
Name Description
The root and depth parameters in the configuration specify for which levels in the NetObject
tree that values should be built. The root specifies the level in the NetObject tree where the
path should start. The depth specifies how deep the path should go from that point. E.g., a
depth of 2 includes the next two levels below the root. For more information, see Section 7.3,
“Depth in NetObjects and ServiceObjects”.
Origin AS The Border Gateway Protocol (BGP) AS number of the autonomous system (AS) furthest away
on the external side of the PacketLogic. For more information, see Section 7.5, “Border
Gateway Protocol (BGP)” in PacketLogic Real-Time Enforcement product guide.
Out Channel The ID of the channel on which the outbound packets in the connection are sent.
Out DSCP The value of the Differentiated services Code Point (DSCP) field found on outbound packets in
the connection. For more information, see Section 6.5.1, “Packet analysis” in PacketLogic
Real-Time Enforcement product guide.
Out MPLS The Multiprotocol Label Switching (MPLS) label found on outbound packets in the connection.
For more information, see Section 6.5.1, “Packet analysis” in PacketLogic Real-Time
Enforcement product guide.
Out Vlan ID The ID of the VLAN header on the outbound packets in the connection. For more information,
see Section 6.5.1, “Packet analysis” in PacketLogic Real-Time Enforcement product guide.
The depth parameter in the configuration specifies the number of VLAN levels used to build
statistics values. Values can be built for a maximum number of four levels. E.g., a depth of
4 would give values for level 1, 2, 3 and 4. Setting the depth to 1 would give values for the
outermost level only.
Out Vlan Priority The priority code point (PCP) of the VLAN header on the outbound packets in the connection.
For more information, see Section 6.5.1, “Packet analysis” in PacketLogic Real-Time
Enforcement product guide.
The depth parameter in the configuration specifies the number of VLAN levels used to build
statistics values. Values can be built for a maximum number of four levels. E.g., a depth of
4 would give values for level 1, 2, 3 and 4. Setting the depth to 1 would give values for the
outermost level only.
Outgoing TTL The last seen Time To Live (TTL)/Hop Limit in the header on an outbound packet in the
connection. For more information, see Section 6.5.1, “Packet analysis” in PacketLogic Real-
Time Enforcement product guide.
Property The DRDL properties of the connection. Which properties that are available (e.g., file size,
server version, and user name) depends on the application and can be selected in the
configuration.
Remote Vhost The virtual host name of the remote host in the connection.
The depth parameter in the configuration specifies the number of sections in the remote host
name used to build values. The top-level domain is accounted for as depth 1, even if it consists
of multiple sections (e.g., "google.co.uk", where "co.uk" is the top-level domain). To determine
which sections that form the top-level domain, the Public Suffix List (https://publicsuffix.org/
list/public_suffix_list.dat) is used. If the top-level domain cannot be found in the list, the first
entry will be considered the top level.
181
7. PacketLogic statistics file system
Name Description
Service The name of the service that generated the connection. Services are identified by DRDL
signatures and can be an application or a protocol (e.g., Netflix or Facebook). For more
information, see Section 5.5.3.2, “ServiceObjects”.
If Base Service differs from Service, a virtual service definition is providing the Service.
ServiceObject A ServiceObject that groups services into different categories. For more information, see
Section 5.5.3.2, “ServiceObjects”.
The root and depth parameters in the configuration specify for which levels in the ServiceObject
tree that values should be built. The root specifies the level in the ServiceObject tree where
the path should start. The depth specifies how deep the path should go from that point. E.g.,
a depth of 2 includes the next two levels below the root. For more information, see Section
7.3, “Depth in NetObjects and ServiceObjects”.
Session Context Column Session Context data about a connection provisioned from PSM.
The schema and column parameters in the configuration specify how to distribute statistics
by Session Context data. For more information, see Section 7.7, “Session Context in
statistics”.
System An identifier for the PRE system that processed the traffic. The machine ID will be used, unless a
system name has been configured. (The system name can be set by the system configuration
value SYSTEM_NAME found in the General directory.)
XFB Flags The eXtended File Broker (XFB) flags. The flags describe the transfer behaviour of the traffic
(e.g., timing, packet size and distribution). One connection can have several XFB flags.
For more information, see Section 6.6.1.3.14, “FlagObjects” in PacketLogic Real-Time
Enforcement product guide.
The following tables list the name and ID of value types. The IDs can be used in queries in the SQL Interface and in the PythonAPI.
StatisticsObject / Root 0
NetObject 513
ServiceObject 517
Service 518
In VLAN 521
IP Protocol 523
182
7. PacketLogic statistics file system
Name ID
In DSCP 527
In Channel 529
In MPLS 531
Origin AS 536
Property 537
Categories 541
System 545
Device ID 546
183
7. PacketLogic statistics file system
See also
• Section 7.15, “Line Sharing - estimation and enforcement” in PacketLogic Real-Time Enforcement product guide
• Section 7.5, “Border Gateway Protocol (BGP)” in PacketLogic Real-Time Enforcement product guide
7.6. Links
Linking in statistics is a way of reducing the number of stored value paths by reusing value paths created by other statistics
distributions. Linking between StatisticsObjects reduces duplicate value paths and is an effective way of saving storage space,
without removing complexity from the distribution. When you add a link in the distribution configuration of a StatisticsObject, the
value paths built by the distribution below the link will be retrieved from statistics stored by another distribution.
See also
184
7. PacketLogic statistics file system
Prerequisites: There must be another StatisticsObject configured, that you link to.
To configure a link
1. Create a StatisticsObject.
See also
The distribution that Topology 1 links to is configured to store values for all subscribers in the NetObject PSM/All Subscribers.
185
7. PacketLogic statistics file system
The StatisticsObject Topology 1 builds value paths in the form /Topology 1/<CMTS>/<subscriber>, such as:
/Topology 1/
/Topology 1/CMTS 1
/Topology 1/CMTS 1/subscriber 1
/Topology 1/CMTS 1/subscriber 2
/Topology 1/CMTS 2
/Topology 1/CMTS 2/subscriber 3
/Topology 1/CMTS 2/subscriber 4
See also
A StatisticsObject called Topology 1 is distributed by cell tower. Since a subscriber can move between cell towers and thereby
be located in different NetObjects, the resulting values should also be accumulated per cell tower. A subscriber that has used
more than one cell tower will have value paths stored for all those cell towers.
In this example, the problem is that the values linked from the StatisticsObject Subscribers 1 are values that the subscribers have
accumulated daily, regardless of how many cell towers that have been used. The value paths that are built from this distribution
show values for each cell tower that could be accumulated for several cell towers.
StatisticsObject, Topology 1
|- NetObject, By Celltower
|- Link, Subscribers 1
|- NetObject, PSM/All Subscribers
StatisticsObject, Subscribers 1
186
7. PacketLogic statistics file system
Another requirement for a link to work properly is that the distribution that the link is pointing to must contain all possible NetObjects
of interest. This is usually all subscribers or local hosts.
See also
When there is only one NetObject distribution at a certain distribution level, the value paths that are stored do not use the
NetObject root name. For example, if the NetObject root is configured to PSM/All Subscribers in a distribution with only one
NetObject on the relevant level, the value paths will not contain All Subscribers, which is the root name. Instead the NetObject
below All Subscribers—in this case each subscriber—will be added in the path directly. On the other hand, when there are more
than one NetObject at a linked distribution level, the NetObject root name is included in the stored value paths. When a link is
configured in a StatisticsObject, the path to link to has to be exactly specified.
Double NetObjects in a link are required when there are two or more NetObjects at the link target distribution level. When the
values are built for a StatisticsObject that contains two or more NetObjects at a distribution level, the value path will contain the
NetObject root name. This will not be the case for StatisticsObjects containing one NetObject at the relevant level.
A StatisticsObject called Topology 1 links to the StatisticsObject Subscribers 1 which is distributed by one NetObject. Thereby
only one NetObject is added in the link with the root starting at PSM/All Subscribers, which means that the NetObjects in PSM/
All Subscribers will be added directly in the value path, and all NetObjects in PSM/All will have values if they use traffic. The value
paths will be built in the form /Topology 1/<CMTS>/<subscriber>. For example:
StatisticsObject, Topology 1
|- NetObject, PSM/By CMTS
|- Link, Subscribers 1
|- NetObject, root=PSM/All
StatisticsObject, Subscribers 1
|- NetObject, PSM/All Subscribers
/Subscribers 1
/Subscribers 1/subscriber 1
/Subscribers 1/subscriber 2
187
7. PacketLogic statistics file system
PSM
|- All Subscribers
|- By Tier
|- By CMTS
A StatisticsObject called Topology 2 links to the StatisticsObject Subscribers 2 which has a distribution with two NetObjects
on the same level. Thus, two NetObjects with the root starting at PSM/All Subscribers are added in the link. The value path
the link is pointing to has to be exactly specified. The value path names resulting from the StatisticsObject PSM/All Subscribers
will contain the NetObject root, so double NetObjects in the link are required. However, as a result of the internal process of
retrieving the resulting value paths—including the linked values—when querying the statistics system, the values of Topology
2 will have the same form as for Topology 1 in the example above. When the statistics file system is queried, the value paths
will have the form /Topology 2/<CMTS>/<subscriber>.
StatisticsObject, Topology 2
|- NetObject, PSM/By CMTS
|- Link, Subscriber 2
|- NetObject, PSM/All Subscribers
|- NetObject, PSM/All Subscribers
StatisticsObject, Subscribers 2
|- NetObject, PSM/All Subscribers
|- NetObject, PSM/By Tier
Examples of value paths resulting from the Subscribers 2 distribution, where the root name is included:
/Subscribers 2
/Subscribers 2/All Subscribers/subscriber 1
/Subscribers 2/All Subscribers/subscriber 2
/Subscribers 2/By Tier/Tier A
/Subscribers 2/By Tier/Tier A/subscriber 1
/Subscribers 2/By Tier/Tier B/subscriber 2
PSM
|- All Subscribers
|- By Tier
|- By CMTS
See also
188
7. PacketLogic statistics file system
in the value path of the link target distribution. The value paths will look different depending on if there is one or more NetObjects
on the link target distribution level.
In the examples in Section 7.6.4, “Single or double NetObjects in a link”, the StatisticsObject Topology 1 contains a link
to the StatisticsObject Subscribers 1. The embedded value paths of Subscribers 1 will have the form /Subscribers 1?
StatisticsObject/<subscriber>?NetObject. Every value path will contain one NetObject, and the depth should be
set to 1 for the NetObject root PSM/All Subscribers in Topology 1.
The StatisticsObject Topology 2 in the example, contains a link to the StatisticsObject Subscribers 2, which is distributed by
two NetObjects. The embedded value paths for the PSM/All Subscribers NetObject of Subscribers 2 will have the form /
Subscribers 2?StatisticsObject/All Subscribers?NetObject/<subscriber>?NetObject. Every value
path will contain two NetObjects, and the depth should be configured to 2 for the NetObject root PSM/All Subscribers in
Topology 2.
See also
Subscribers, StatisticsObject
|- NetObject, PSM/All Subscribers
| |- Service
|- NetObject, PSM/By Tier
|- Link, Subscribers
|- NetObject, PSM/All Subscribers
|- NetObject, PSM/All Subscribers
189
7. PacketLogic statistics file system
See also
You need to specify which column in the Session Context schema that identifies a subscriber to be used in statistics and for
subscriber count purposes. When a subscriber count is performed in the PacketLogic Client, the SQL interface, or the PythonAPI,
all levels in the StatisticsObject tree structure are searched recursively to find all unique subscribers. A subscriber count differs
from a sub-item count, which, if configured, is collected and stored for the sub-level of every level in the distribution.
The value paths created by distributions using SessionContextObjects will be shown with the value type NetObject in the
Statistics view in the PacketLogic Client.
FIGURE 7.9 Session Context value path with value type NetObject
A StatisticsObject with a distributions that contains Session Context data, will build statistics values for both the column name
level and item level. There is an option to exclude the column name from the statistics value structure, so that the resulting
distribution levels are compatible with data collected using NetObject distributions in previous versions of PacketLogic.
See also
• Sub-Item Count
You specify which column in the Session Context schema that identifies a subscriber to be used in statistics and for
subscriber count purposes.
190
7. PacketLogic statistics file system
Set the system configuration value PLS_SCHEMA_COLUMN_SUBSCRIBER in the Statistics folder to schema_name/
column_name.
2. Configure a StatisticsObject
You configure a StatisticsObject to use Session Context data provisioned from PSM in statistics.
3. Configure a SessionContextObject
You configure a SessionContextObject to define specific values in fields of a Session Context Schema in PSM.
You configure a statistics rule with a SessionContextObject to match traffic with a StatisticsObject.
See also
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
7. On the Fields tab, select the check boxes for the values that will generate statistics.
8. On the Distribution tab, click Add, and then click Session Context Column.
9. In the Link/Root/Property box, type schema_name/column_name to use a column in the Session Context data to
distribute statistics.
191
7. PacketLogic statistics file system
10. To exclude the Session Context column name from the distribution, in the Column Name list, click Exclude.
See also
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
6. In the workspace, click the plus icon, point to Add Condition, and then click New Condition.
For more information about how to configure conditions, see Section 6.6.2.1, “Use conditions to create rules” in
PacketLogic Real-Time Enforcement product guide.
8. In the Type column, click the arrow on the condition and select SessionContextObject.
9. In the Name/Object column, click the the arrow and select a SessionContextObject.
10. In the navigation pane, expand the new rule and click StatisticsObjects.
11. In the Available list, click a StatisticsObject, and then click the right-pointing arrow to add the object to the rule.
See also
192
7. PacketLogic statistics file system
When a subscriber count is performed to be presented in the PacketLogic Client, or by using subscriber count queries in the
SQL interface or the PythonAPI, all levels in the StatisticsObject tree are searched recursively to find all unique subscribers. A
subscriber count differs from a sub-item count, which, if configured, is collected and stored for the sub-level of every level in
the distribution. (Sub-Item Count).
See also
• Sub-Item Count
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
3. In the navigation pane, expand the Objects folder, and then expand the NetObjects folder.
7. Click OK.
See also
193
7. PacketLogic statistics file system
Consider the following example. A connection sees 3000 bytes of traffic during 10 seconds of a five-minute (300 seconds)
graph interval. The average value for that connection will be calculated as follows:
Using only the 10 seconds that the connection was active would result in a more accurate view of the peak value of that time
interval:
Averages based on usage analysis is a feature that stores an activity bitmask along with the graph data based on the graph
interval of five minutes. This means that additional graph data points based on the five second intervals that the connection has
been active can be calculated. The traffic volume that a connection sees during the five minute graph point interval will then be
divided by the active five second intervals of the connection to get the average value based on the usage analysis.
The bitmask that is linked to the connection is used to determine which five second intervals are active for the connection.
Each bit in the bitmask corresponds to a connection update interval, which is five seconds by default. If the connection is active
during the connection update interval, the corresponding bit is set. The time interval to use for the calculation of the average
is then based on how many bits are set in the bitmask. If a connection is active during two connection update intervals, two
bits in the bitmask will be set, and the calculation of the average for the five minute graph point interval will be based on the
10 seconds that the connection was active.
If two or more connections are related to the same value, they are linked to form one bitmask. The resulting bitmask is then
stored along with the value of the connection.
194
7. PacketLogic statistics file system
Note
The graph point interval is five minutes by default and the connection update interval is five seconds by default. You
can configure the intervals with the system configuration values PLS_GRAPH_FREQUENCY in the Statistics
folder and CONNECTION_UPDATE_INTERVAL in the Connection Handling folder. For averages based on
usage analysis to work properly, the following condition should be met:
PLS_GRAPH_FREQUENCY / CONNECTION_UPDATE_INTERVAL ≤ 64
The graph point interval divided by the connection update interval must be less than or equal to 64, since that
is the length of the bitmask when the values are built. The following example uses the default values:
In this case the first 60 bits in the bitmask will be used for setting the activity of a connection.
See also
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
3. In the navigation pane, expand the Objects folder, and then expand the StatisticsObjects folder.
4. Select a StatisticsObjects.
5. On the Distribution tab, in the Graph Points list, click Add, and then click Usage analysis.
See also
2. In Statistics view, on the Graphs tab, select the Use usage analysis data checkbox.
195
7. PacketLogic statistics file system
See also
7.11. Aggregation
Aggregation is suitable for deployments where a high level view of statistics stored by multiple PIC systems is required.
Aggregation can be done for a variety of reasons:
• A single statistics system cannot handle all statistics generated by a multi-system deployment, but you still want some data
from all systems to be combined to show total network statistics.
• You need an aggregated high-level view for central network management staff, but detailed data is necessary for local
engineers.
Statistics can be aggregated for each StatisticsObject to a dedicated aggregation server. The aggregation server is a PIC, which
receives values from other PIC systems, instead of directly from PRE. Statistics reader peering can be used to share statistics
between multiple PIC systems. For more information, see Section 8.3, “Statistics reader peering”.
Two PIC systems are placed at different locations. One PIC manages the staff network, and the other PIC manages the customer
network. The total network is defined by the NetObject tree shown in the figure, which is shared among the PIC systems by
means of a resource proxy.
The StatisticsObjects to store statistics data are defined locally on both PIC systems. The local PIC builds data sets and sends
them to the aggregation system where they will be stored. The aggregation system is configured on the local PIC systems as
the aggregation resource. Statistics that are sent to the aggregation server cannot be retrieved from the local PIC, but only be
viewed on the aggregation system.
Note
If the StatisticsObject that is configured to send statistics to the aggregation resource contains links to other
StatisticsObjects, the link target objects also need to be configured to aggregate statistics.
196
7. PacketLogic statistics file system
See also
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
3. In the navigation pane, expand the Objects folder, and then expand the StatisticsObjects folder.
4. Select a StatisticsObjects.
6. On the Aggregation tab, select the Aggregate this object to the aggregation server check box.
See also
4. On the Aggregation tab, select the Aggregate this object to the aggregation server check box.
197
7. PacketLogic statistics file system
6. In the Proxy address box, type the IP address of the aggregation server.
The IP address can be the address of the administration interface or the auxiliary interface.
7. In the Proxy user box, type the name of a user on the aggregation server.
9. Click OK.
The status of the resource should say Ready after a short while.
See also
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
3. On the File menu, point to Import Template, and then click Stock.
See also
198
7. PacketLogic statistics file system
StatisticsObjects
Services
This StatisticsObject is configured so that information about services, service categories and the local hosts using them
is gathered. The information can be used to find out which applications are the most popular, or which subscribers use
the most downstream volume for a particular service.
Subscribers
This StatisticsObject is configured so that information about traffic behaviour and habits of the subscribers is collected.
The information can for example be used to list the applications that the subscribers who use the most downstream
volume are using, or the most popular services among the subscribers of a certain tier or subnet.
Web
This StatisticsObject is configured so that information about service categories, remote virtual hosts and the local hosts
connecting to them is collected. Information about the devices used to access the services is also stored. If applicable,
information about ContentLogic categories is also collected.
Devices
This StatisticsObject is configured so that information about the devices used in the network is collected. The most
popular devices and applications used by particular devices are examples of the type of information collected.
BGP
The BGP StatisticsObject is distributed to gather Origin AS and External AS information for service catetgories and
services.
Statistics rules
All Hosts
This rule applies to templates that do not require PSM provisioning. It links the hosts in the All Hosts NetObject to the
Services, Subscribers and Devices StatisticsObjects, so that information can be collected according to the configurations
of these objects for all subscribers in the network.
Web
This rule links the service categories Web Browsing and Streaming Media to the Web StatisticsObject. The rule ensures
that only connections with the property Server Hostname set is accounted for.
In PSM
This rule applies to templates that require PSM provisioning. It links the subscribers in the PSM NetObject to the Services,
Subscribers and Devices StatisticsObjects, so that information can be collected according to the configurations of these
objects for all subscribers in the network.
PropertyObject
Empty Hostname
This PropertyObject is used by the Web rule on connections that have the Server Hostname property.
Note
If the compatible NetObject tree is not in place on PRE, the distribution of the StatisticsObject will point to the
top level NetObject (instead of the PSM provisioned NetObject), and the template will not work.
199
7. PacketLogic statistics file system
7.12.4. T1 — No PSM
When the t1-no-psm.xml file is installed on PRE, the most basic statistics ruleset template is created. It does not demand PSM
provisioning, and only needs traffic passing through PRE to function. The information that is collected once T1 is installed, is
general and valuable statistics about services, hosts and devices. The following rules and objects are built when installing the
template:
• Subscribers • Web
• Web
• Devices
See Section 7.12.2, “Objects and rules in statistics ruleset templates” for information about the objects and rules.
NetObjects
|- NetObject, All Hosts
|- NetObject, By Subnet
|- NetObject, <Subnet ID>
The All Hosts NetObject holds all local hosts in a flat list. The By Subnet NetObject contains a NetObject for each subnet, which
holds the local hosts of that subnet. The Subnet NetObjects that are created when installing the file can be adjusted to fit the
network. These NetObjects do not necessarily have to be used in the installation, but they need to be available in the NetObject
structure for T1 to work properly.
• Subscribers • Web
• Web
• Devices
See Section 7.12.2, “Objects and rules in statistics ruleset templates” for information about the objects and rules.
200
7. PacketLogic statistics file system
NetObject, PSM
|- NetObject, All Subscribers
| |- NetObject, <SubscriberID>
|- NetObject, By Tier
|- NetObject, <TierID>
|- NetObject, <SubscriberID>
The following NetObject tree syntax can be used in the PSM to provision the NetObject structure on PRE. The syntax should
be adjusted to suit the current configuration. See the PSM Product Guide for information configuration of the NetObject tree.
/All Subscribers !
/By Tier/<subscriber.tier> !
7.12.6. T7 — BGP
The T7 template is a superset of T2 — Subscriber Awareness, which means that this template is dependent on PSM intergration
with a specific configuration. T7 requires the same NetObject structure as T2, see Section 7.12.5.1, “T2 NetObject structure”.
The information that is collected when this template is installed and the relevant NetObject tree is in place is the same as for T2,
but with additional BGP information included. The following objects and rules are installed when importing the template:
• Subscribers • Web
• Devices
• Web
• BGP
See Section 7.12.2, “Objects and rules in statistics ruleset templates” for information about the objects and rules.
• Subscribers • Web
201
7. PacketLogic statistics file system
• Web
• BGP
See Section 7.12.2, “Objects and rules in statistics ruleset templates” for information about the objects and rules.
202
8. PacketLogic statistics reading
8.1. Statistics reading overview
8.2. Statistics reader proxy workflow
8.3. Statistics reader peering
8.4. Statistics view navigation
8.5. Peak analysis
8.6. Duration for limits
8.7. Distribution example
This chapter describes how to read statistics stored in the PacketLogic statistics file system in PacketLogic Client.
203
8. PacketLogic statistics reading
• You can use Statistics view in PacketLogic Client to create reports and view statistics.
• When there are multiple PICs storing statistics, you can use peering to view aggregated statistics from more than one PIC
in the same client.
• When data is stored on a PIC, you can view the statistics in the client of PRE, if you proxy the statistics reader (StatReader)
resource on PRE to PIC.
For more information, see Section 8.2, “Statistics reader proxy workflow”.
See also
You create a statistics user to connect between PRE and PIC systems.
You proxy a database resource to locally view and manage a resource that is located on another PacketLogic component.
The statistics reader resource on PRE reads statistics stored on PIC. You can view the statistics in PacketLogic Client
of PRE.
204
8. PacketLogic statistics reading
See also
In large deployments—where a single PIC is not capable of holding all the data for the configured statistics objects and rules
(for example due to load)—the data can be shared among multiple PIC systems. You can use peering to connect to a single
system and still see all the data. One PIC can be designated as the one to use for statistics reading, and have all other PIC
systems with relevant data as peers.
Note
• Statistics reader peering has only limited handling of query loops. If two systems both are peering with
each other, this is handled. If three or more systems are peering with each other, queries will result in
loops and cause statistics reading to fail.
• If network or system issues or misconfiguration prevent a PIC using peering from receiving replies from
all its peers, no data will be shown for the query.
See also
Note
For releases earlier than 17.1, all peering PICs must be of the same major release version.
See also
205
8. PacketLogic statistics reading
Prerequisites: There must be a user with the relevant permissions on each peering PIC. For more information about user
permissions, see Section 6.4, “Statistics user”.
3. To add a peering PIC system, type set service statistics statistics-reader-peers {host_ip_address | host_name}
password password username user_name.
You can type either the IP address or name of the host to be added as a peer. The user name is the name of a
statistics user on the peer.
4. Type commit.
See also
• Right-click an item to copy the chart or the link location for the item to the clipboard.
• Click an item show a chart for the item in the current tab. Right-click the item to open the chart in a new tab with Open
Link in New Tab.
• Point to an item in a chart to display a tooltip with information about the item.
206
8. PacketLogic statistics reading
• In line charts and stacked area charts, zoom by holding down Shift while moving the pointer over to interval.
• In line charts and stacked area charts, display peak data by holding down Ctrl while clicking a graph point.
8.4.3. Bookmarks
Bookmarks are used save a specific view when you explore statistics in StatsFS. Use the Export Bookmarks option on the
context menu of a folder in Statistics view to export bookmarks. Bookmarks can be imported to a bookmarks folder with the
Import Bookmarks option on the same menu. For more information, see Section 3.3.2.1, “Bookmarks tab context menu”.
Bookmarks are exported in PacketLogic Bookmarks (.pbx) format. This is an example of the content of a PBX file, where the
folder is called 'My bookmarks' and contains the two bookmarks 'Local hosts' and 'URLs'.
<!DOCTYPE plclient-bookmarks-1>
<bookmarks>
<item type="folder" name="My bookmarks">
<item type="bookmark" date="2019-11-05T00:00:00" interval="day" name="Local hosts"
datemode="fixed" numberofvalues="0"
address="bar:/Local hosts?Statistics Object/?splittype=Local
Host&datatype=Traffic"/>
<item type="bookmark" date="2019-11-05T00:00:00" interval="day" name="URLs"
datemode="fixed" numberofvalues="0"
address="bar:/URLs?Statistics Object/?splittype=Property&datatype=Traffic"/>
</item>
</bookmarks>
See also
See also
207
8. PacketLogic statistics reading
2. In Statistics view, navigate to the graph you want to see peak data for.
See also
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
3. In the navigation pane, expand the Objects folder, and then expand the StatisticsObjects folder.
4. Select a StatisticsObject.
5. On the Fields tab, select the Graph Points check box to collect graph data for a field.
6. On the Distribution tab, in the Graph Points list, click Normal to collect graph data for sub-item.
See also
4. On the Navigation tab, select the Show duration for matches check box.
5. Click Apply.
208
8. PacketLogic statistics reading
See also
Distribution
|
+ -- Device category
| |
| + -- Device name
| |
| + -- ServiceObject
| |
| + -- Service
| |
| + -- Local Host
|
+ -- Service
|
+ -- Device category
|
+ -- Device name
|
+ -- Local Host
The configuration of the StatisticsObject in the Objects & Rules Editor in PacketLogic Client has a value type for each distribution
level.
• Device category and Device name are properties and use the Property value type. For more information, see Section
7.5.2, “Value types”.
• Depth and root are specified for the ServiceObject. Here, depth is set to 1 and root is set to Procera Networks Categorization/
Categories. For more information, see Section 7.3, “Depth in NetObjects and ServiceObjects”.
209
8. PacketLogic statistics reading
The resulting statistics can be viewed in the Statistics viewer in PacketLogic Client. On the top level of the StatisticsObject there
are two distributions to choose between—Service and Property.
In this example, Property is selected. Since the property value type is set to Device category on the first level of the StatisticsObject
configuration, the bar chart shows a list of device categories.
210
8. PacketLogic statistics reading
On the level below device categories, statistics are distributed by device name. The bar chart shows a list of the devices in
the device category. The value path is /Devices?Statistics Object/Device category?Property/Computer?
Property/Device name?Property/?splittype=Property.
On the level below devices, there are three different distributions to choose between—ServiceObject, Service, and Local Host.
All these three distributions are on the lowest level. Since the depth is set to 1 for the ServiceObject, this is the lowest level
also for that distribution.
• Selecting ServiceObject shows all the ServiceObjects for the device. The value path is /Devices?
Statistics Object/Device category?Property/Computer?Property/Device name?Property/
Mac?Property/?splittype=ServiceObject.
211
8. PacketLogic statistics reading
• Selecting Service shows all the services for the device. The value path is /Devices?Statistics Object/
Device category?Property/Computer?Property/Device name?Property/Mac?Property/?
splittype=Service.
212
8. PacketLogic statistics reading
• Selecting Local Host shows all the Local Hosts for the device. The value path is /Devices?
Statistics Object/Device category?Property/Computer?Property/Device name?Property/
Mac?Property/?splittype=Local Host.
See also
213
214
9. Insights Data Storage
9.1. About Insights Data Storage
9.2. Data export to Insights Data Storage
This chapter describes values and procedures for configuring data export from PacketLogic systems to Insights Data Storage.
215
9. Insights Data Storage
Insights data is organized in two database schemas for traffic and score data. The table columns contain either a metric of an
accumulated value or a dimension used for categorizing the data.
• Traffic data is located in the traffic.stats table. It stores subscriber application and diagnostics data. Each row in the table
holds the accumulation of metrics during 5-minute periods for each unique combination of the dimensions.
• Score data is located in the in the score.stats_hourly table. It stores quality measurements with higher resolution than the
traffic data. Each row in table holds the accumulation of metrics during 1-hour periods for each unique combination of
the dimensions.
The PacketLogic system can be a PRE or a PIC that runs the PacketLogic Statistics Daemon (PLSD). In order to run the statistics
daemon on PRE, PRE must have a Statistics license and local statistics enabled. For more information, see Section 6.3.6,
“Enabling/disabling local statistics”.
You enable Insights data export to send data from PacketLogic to Insights Data Storage.
The procedure should be performed on all PacketLogic systems that run the PacketLogic Statistics Daemon (PLSD) and
provide Insights Data Storage with data.
You add Insights Data Storage nodes as data collectors to store data from PacketLogic.
The procedure should be performed on all PacketLogic systems that run the PacketLogic Statistics Daemon (PLSD)
and provide Insights Data Storage with data. To achieve load balance in the cluster, all Insights Data Storage nodes
must be added.
You follow this procedure to specify which dimensions that will be used for data export to Insights Data Storage.
The procedure should be performed on all PacketLogic systems that run the PacketLogic Statistics Daemon (PLSD) and
provide Insights Data Storage with data.
216
9. Insights Data Storage
Section 9.2.4, “Selecting dimensions for data export to Insights Data Storage”
4. Select the traffic used for traffic data export to Insights Data Storage
You configure a statistics rule to specify which network traffic that will be used for traffic data export to Insights Data
Storage.
The procedure should be performed on all PacketLogic systems that run the PacketLogic Statistics Daemon (PLSD) and
provide Insights Data Storage with data.
See also
• Section 9.2.4, “Selecting dimensions for data export to Insights Data Storage”
1. Log on to PacketLogic Client of the system that runs the PacketLogic Statistics Daemon (PLSD)—this can be PRE
or PIC.
3. In the navigation pane, expand the Insights folder and select the system configuration value
INSIGHTS_TRAFFIC_ENABLED.
4. In the Value list, click True to enable traffic data export to Insights Data Storage.
Note
The Insights Data Storage traffic update interval is 5 minutes. When INSIGHTS_TRAFFIC_ENABLED
is set to True, the system configuration value STATISTICS_CONNECTION_UPDATE_INTERVAL in
the Connection Handling folder must be set to either 5 minutes (default) or 1 minute for the data
export to work properly.
5. In the navigation pane, expand the Host Stats folder and select the system configuration value
HOST_STATS_ENABLED.
6. In the Value list, click True to enable score data export to Insights Data Storage.
7. If the PacketLogic Statistics Daemon runs on PIC, log on to PacketLogic Client of PRE
217
9. Insights Data Storage
See also
1. Log on to the CLI of the system that runs the PacketLogic Statistics Daemon (PLSD)—this can be PRE or PIC.
3. To add an Insights Data Storage node, type set service statistics insights-remote hosts host_ip_address.
You do not need to specify the password, unless the default password has been changed on the Insights Data Storage
node.
Repeat this step for every node in the Insights Data Storage cluster.
4. Type commit.
See also
Note
In PacketLogic systems that use NetObjects, set the system configuration values to point to the NetObjects
that contain the relevant data.
1. In PacketLogic Client of PRE, open the Edit menu and click System Configuration.
218
9. Insights Data Storage
6. In the Description box, type the name of the Session Context schema from which data will be retrieved.
To type multiple schema names, separate them by comma without spaces between the comma and the schema
name.
7. If the PacketLogic Statistics Daemon (PLSD) runs on PIC, log on to PacketLogic Client of PIC for the following steps.
Otherwise, perform the steps on PRE.
Note
If PLSD runs on PIC, the values for INSIGHTS_USE_SESSION_CONTEXT and
INSIGHTS_SESSION_CONTEXT_SCHEMAS will be retrieved automatically from PRE.
8. In the Insights folder, select the system configuration value for the dimensions you want to export.
Some of the dimensions are mandatory for the data export to work, and some are optional. For more information, see
Section 9.2.6, “Values for data export”.
9. For each system configuration value, in the Description box, type the name of the Session Context column that
contains the relevant data.
If multiple schemas are used, the columns in each schema must have the same column names.
See also
Prerequisites: There must be a statistics rule on PRE, which matches traffic that is to be exported to Insights Data Storage. The
statistics rule does not have to be linked to a StatisticsObject.
1. In PacketLogic Client of PRE, open the Edit menu, then point to Objects & Rules and click Open Without Stealing
Resource.
3. Select the statistics rule that will be used for export to Insights Data Storage.
See also
219
9. Insights Data Storage
Subscriber identifying values are obfuscated by default when statistics are exported to Insights Data Storage. For more
information, see Section 5.6, “Subscriber identity integrity”.
See also
INSIGHTS_DIMENSIONS_SUBSCRIBER
Set this value to the subscriber identifiers.
Important
You must always specify the Session Context column that contains the subscribers. If
INSIGHTS_DIMENSIONS_SUBSCRIBER is not configured correctly, no data is exported to Insights
Data Storage.
INSIGHTS_DIMENSIONS_SERVICE_PLAN
Set this value to the names of the service plans.
INSIGHTS_DIMENSIONS_ACCESS_NODE
Set this value to the names of the access nodes.
INSIGHTS_DIMENSIONS_LOCATION
Set this value to the location identifiers (for example cell IDs in a mobile network, or names of locations in a fixed network).
INSIGHTS_DIMENSIONS_DEVICE
Set this value to the device identifiers (for example TACs or MAC addresses).
See also
220
9. Insights Data Storage
• System configuration values that begin with INSIGHTS_DIMENSIONS_* configure the dimensions to export. Most of these
values require you to specify a Session Context column that contains the relevant data. Some of the values require other
specifications, which are described below. If these values are left empty, the dimension will not be exported.
INSIGHTS_DATA_COLLECTION_SCORE_SERVICE
Set this value to True to export the service name and service category to the raw data tables for the score schema. This
value is set on PRE and will be retrieved automatically from PRE if PLSD runs on PIC. The default value is False.
INSIGHTS_DATA_COLLECTION_TRAFFIC_BGP
Set this value to True to enable export of the BGP dimensions origin AS and next N hop AS to the traffic schema. The
default value is False. The value of N is set by INSIGHTS_DIMENSIONS_BGP_EXT_N_HOP.
INSIGHTS_DATA_COLLECTION_TRAFFIC_CONNECTION
Set this value to True to enable export of connection metrics to the traffic schema. The default value is True.
INSIGHTS_DATA_COLLECTION_TRAFFIC_CONTENTLOGIC
Set this value to True to export ContentLogic categories to the traffic schema. The default value is False.
INSIGHTS_DATA_COLLECTION_TRAFFIC_LS_DEVICE_COUNT
Set this value to True to export the line sharing data device count based on timestamp detection and port block detection.
The default value is False.
INSIGHTS_DATA_COLLECTION_TRAFFIC_LS_DEVICE_ID
Set this value to True to export the line sharing data device ID and device detection type to the traffic schema. The default
value is False.
Note
Enabling INSIGHTS_DATA_COLLECTION_TRAFFIC_LS_DEVICE_ID will cause significant row
explosion in the traffic.stats table in Insights Data Storage.
INSIGHTS_DATA_COLLECTION_TRAFFIC_POLICY
Set this value to True to export metrics about policy (packet drops, latency) to the traffic schema. The default value is True.
INSIGHTS_DATA_COLLECTION_TRAFFIC_QUALITY
Set this value to True to export metrics about quality (RTT, packets, lost packets) to the traffic schema. The default value
is True.
INSIGHTS_DIMENSIONS_ACCESS_TECHNOLOGY
Configure this value to export the names of the access technologies in use, for example RAT in a mobile network or wifi
technology in a wifi network, to the traffic and score schemas.
INSIGHTS_DIMENSIONS_APN
Configure this value to export the access point names in a mobile network to the traffic and score schemas.
INSIGHTS_DIMENSIONS_BGP_EXT_N_HOP
Configure the value of N to export next N hop AS, i.e., the AS that is N hops away from the PacketLogic
towards the origin AS. The default value is 1 (the next hop). Export of BGP data must first be enabled by
INSIGHTS_DATA_COLLECTION_TRAFFIC_BGP.
INSIGHTS_DIMENSIONS_CHANNELS_DS
Configure this value to export the channels used for downstream traffic to the traffic and score schemas.
INSIGHTS_DIMENSIONS_CHANNELS_US
Configure this value to export the channels used for upstream traffic to the traffic and score schemas.
221
9. Insights Data Storage
INSIGHTS_DIMENSIONS_CUSTOM_1 ...INSIGHTS_DIMENSIONS_CUSTOM_10
Configure the custom values 1 - 10 to export the contents of any Session Context column in the ruleset to the traffic
and score schemas.
INSIGHTS_DIMENSIONS_GATEWAY
Configure this value to export the names of the gateways hosting the subscribers to the traffic and score schemas.
INSIGHTS_DIMENSIONS_GEOLOGIC_CITY
1
Specify the GeoLogic database column to export to the city column in the traffic schema.
INSIGHTS_DIMENSIONS_GEOLOGIC_COUNTRY
1
Specify the GeoLogic database column to export to the country column in the traffic schema.
INSIGHTS_DIMENSIONS_GEOLOGIC_REGION
1
Specify the GeoLogic database column to export to the region column in the traffic schema.
INSIGHTS_DIMENSIONS_INTERFACE
Configure this value to export the names of the interfaces subscribers are connected to to the traffic and score schemas.
INSIGHTS_DIMENSIONS_NETWORK
Configure this value to export the networks when the same network is used by multiple logical entities, for example a
mobile network and a fixed network sharing the same system, to the traffic and score schemas.
INSIGHTS_DIMENSIONS_SIGNATURE_DEVICE_CATEGORY
Configure this value to export the device categories used, such as "laptop", "phone", to the traffic and score schemas.
This value uses a Property name to populate the dimension. If INSIGHTS_DIMENSIONS_USE_PINNED_DEVICES is set
to True, a Session Context column can also be used. The default value is Device category.
INSIGHTS_DIMENSIONS_SIGNATURE_DEVICE_NAME
Configure this value to export the names of devices used, such as "Xbox 360", "Windows Phone",
to the traffic and score schemas. The value uses a Property name to populate the dimension. If
INSIGHTS_DIMENSIONS_USE_PINNED_DEVICES is set to True, a Session Context column can also be used. The
default value is Device name.
INSIGHTS_DIMENSIONS_SIGNATURE_SERVICE_CATEGORY
Configure this value to export the service categories used, such as "Streaming Media", "Networking", to the traffic and
score schemas. This value requires a path to a ServiceObject category. Depth can be specified to use a level below the
path. The default value is /Procera Networks Categorization/Categories.
INSIGHTS_DIMENSIONS_SITE
Configure this value to export the names of geographical sites hosting the connections, such as data centers, to the
traffic and score schemas.
INSIGHTS_DIMENSIONS_USE_PINNED_DEVICES
Set this value to True to enable the use of Session Context data in INSIGHTS_DIMENSIONS_SIGNATURE_DEVICE_NAME
and INSIGHTS_DIMENSIONS_SIGNATURE_DEVICE_CATEGORY. The default value is False.
See also
222
9. Insights Data Storage
3. Check if the system diagnostics values Traffic: Current batch spilled to disk and Score: Current batch spilled to
disk have the value 1. This means that the current batch was written to local disk. An alert will also be displayed.
4. Check the system diagnostics values Traffic: Spilled batches on disk and Score: Spilled batches on disk to see
the number of batches currently stored on local disk.
For a description of System Diagnostics values, see Appendix C, System Diagnostics Values.
See also
You add PRE as a remote system on PIC to collect statistical data from traffic passing through PRE.
You enable/disable local statistics to run/not run the PacketLogic Statistics Daemon (PLSD) locally on PRE.
Follow the procedure, but set the system configuration value INSIGHTS_TRAFFIC_ENABLED to False. Keep the system
configuration value HOST_STATS_ENABLED as True.
You enable Insights data export to send data from PacketLogic to Insights Data Storage.
5. Select the dimensions for data export to Insights Data Storage on PIC
You follow this procedure to specify which dimensions that will be used for data export to Insights Data Storage.
Configure the dimensions that were previously configured on PRE in the same way on PIC. Except for the system
configuration values that are retrieved automatically from PRE, see Section 6.2.5, “PacketLogic Statistics Daemon
(PLSD)”.
Section 9.2.4, “Selecting dimensions for data export to Insights Data Storage”
223
9. Insights Data Storage
Configure any other non-default system configuration values that were previously configured on PRE in the same way
on PIC. Except for the system configuration values that are retrieved automatically from PRE, see Section 6.2.5,
“PacketLogic Statistics Daemon (PLSD)”.
Follow the procedure, but replace the set command with delete to delete a storage node.
You add Insights Data Storage nodes as data collectors to store data from PacketLogic.
See also
• Section 9.2.4, “Selecting dimensions for data export to Insights Data Storage”
224
10. IPFIX
10.1. IPFIX export
10.2. IPFIXObject
10.3. IPFIX export workflow
10.4. IPFIX elements
10.5. Transport protocols
10.6. Flow
10.7. Sampling
This chapter describes IPFIX elements and procedures for configuring export of IPFIX records from PacketLogic systems.
225
10. IPFIX
Note
The PacketLogic must have a license for IPFIX export. This is shown in the CLI as IPFix: yes. For more
information, see PacketLogic CLI Reference Guide.
When the IPFIX export is running, you can monitor the operational status in a system diagnostics zone in PacketLogic Client.
For more information, see Section C.26, “Ipfix Exporter”.
See also
10.2. IPFIXObject
IPFIX records are built according to a template. The template is configured in an IPFIXObject, which also has a list of IPFIX
collectors. The interval with which the templates are sent to the collector is determined by the system configuration value
STATISTICS_CONNECTION_UPDATE_INTERVAL in the Connection Handling folder (5 minutes by default). Statistics rules are
used to match traffic to the IPFIXObjects. Rules that are already in use by a StatisticsObject can be used for IPFIXObjects.
See also
10.2.1. Template
IPFIX records are built according to a template. The template is configured in an IPFIXObject, which also has a list of IPFIX
collectors. The interval with which the templates are sent to the collector is determined by the system configuration value
STATISTICS_CONNECTION_UPDATE_INTERVAL in the Connection Handling folder (5 minutes by default). Statistics rules are
used to match traffic to the IPFIXObjects. Rules that are already in use by a StatisticsObject can be used for IPFIXObjects.
226
10. IPFIX
The templates specify the format in which the data will be built and which values that will be exported in the IPFIX records. You
can export standard IPFIX elements and enterprise-specific elements. For a list of all available elements, see Section 10.4,
“IPFIX elements”.
Some of the enterprise-specific elements require additional specifications to point out the relevant values to be exported.
• Specify the name of a property of the flow for proceraProperty in the Value box. To separate different types of properties,
the data will be exported in the format property_type=property_value. For example, the property Device name with the value
computer will be exported as Device name=computer.
• Specify a GeoLogic database column for proceraRemoteGeoIP in the Value box. To separate different GeoIP columns,
the data will be exported in the format column_name=column_value. For example, the column country with the value USA
will be exported as country=USA.
• Specify Session Context data provisioned by PSM on the format schema_name/column_name in the Value box. For
example, session/subscriberOid.
• Specify the path to a ServiceObject by entering the root, which is the level of the ServiceObject tree where the path should
start, in the Value box, and the depth, which is how deep the path should go from that point, in the Depth list. See the
examples below.
Assume that the IPFIX exporter is exporting an HTTP connection that matches the ServiceObject path Procera Networks
Categorization/Categories/Web Browsing/HTTP.
• If you set the root to Procera Networks Categorization/Categories and the depth to 1, the string "Web Browsing" is exported.
• If you set the root to Procera Networks Categorization/Categories and the depth to 2, the string "Web Browsing/HTTP"
is exported.
Assume that the IPFIX exporter is exporting an HTTP connection. The HTTP connection matches both of the following
ServiceObject paths:
If you set the root to either Procera Networks Categorization/Categories or to Procera Networks Categorization/Protocols, you
specify which part of the ServiceObject tree to include in the IPFIX export.
See also
10.2.2. Collector
You can export records build by an IPFIXObject to one or more IPFIX collectors. This allows flexible collector configurations that
can be set up to be redundant, load balancing, or both. At least one collector must be added in the IPFIXObject, otherwise no
IPFIX records will be exported for the object.
227
10. IPFIX
See also
You configure IPFIXObjects to build IPFIX records for export to an IPFIX collector.
You configure a statistics rule to select which traffic that will be used to build IPFIX records.
You change IPFIX system configuration values to enable or configure IPFIX export.
Specify the flow definition with the system configuration value IPFIX_FLOW_DEFINITION. For more information, see
Section 10.6, “Flow”.
You change IPFIX system configuration values to enable or configure IPFIX export.
Specify the sampling percentage with the system configuration value IPFIX_SAMPLING_PERCENT. For more information,
see Section 10.7, “Sampling”.
You change IPFIX system configuration values to enable or configure IPFIX export.
228
10. IPFIX
See also
To configure an IPFIXObject
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
7. On the Template tab, in the Available Fields list, click a field, and then click the right-pointing arrow to add the field
to the template.
Repeat this step to add all the fields that you want to export.
8. If the field requires additional specification, enter any data in the Value box and/or Depth list. For more information,
see Section 10.2.1, “Template”.
10. In the Dialog, type the IPv4 address and port of a collector, and then click OK.
See also
229
10. IPFIX
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
6. In the workspace, click the plus icon, point to Add Condition, and then click New Condition.
For more information about how to configure conditions, see Section 6.6.2.1, “Use conditions to create rules” in
PacketLogic Real-Time Enforcement product guide.
7. In the navigation pane, expand the new rule and click IPFIXObjects.
8. In the Available list, click an IPFIXObject, and then click the right-pointing arrow to add the object to the rule.
See also
See also
230
10. IPFIX
Subscriber identifying values are obfuscated by default when statistics are exported as IPFIX records. For more information, see
Section 5.6, “Subscriber identity integrity”.
See also
bgpDestinationAsNumber 17
bgpSourceAsNumber 16
destinationIPv4Address 12
destinationIPv6Address 28
destinationTransportPort 11
egressInterface 14
flowEndMilliseconds 153
flowStartMilliseconds 152
flowEndSeconds 151
flowStartSeconds 150
ingressInterface 10
observationPointId 138
octetTotalCount 85
packetTotalCount 86
postNAPTDestinationTransportPort 228
postNAPTSourceTransportPort 227
postNATDestinationIPv4Address 226
postNATSourceIPv4Address 225
protocolIdentifier 4
sourceIPv4Address 8
sourceIPv6Address 27
sourceTransportPort 7
231
10. IPFIX
See also
proceraExternalJitter 68 signed32 The jitter value is the variance of the external RTT
samples. The value -1 represents 'no data'.
232
10. IPFIX
proceraIncomingDot1qPriorityLevel2 60 signed8 Exports the PCP (priority code point) of the VLAN
header on level 2 for incoming traffic. A value of
-1 means that no VLAN priority data is available for
this level.
proceraIncomingDot1qPriorityLevel3 61 signed8 Exports the PCP (priority code point) of the VLAN
header on level 3 for incoming traffic. A value of
-1 means that no VLAN priority data is available for
this level.
proceraIncomingDot1qPriorityLevel4 62 signed8 Exports the PCP (priority code point) of the VLAN
header on level 4 for incoming traffic. A value of
-1 means that no VLAN priority data is available for
this level.
233
10. IPFIX
proceraIncomingDscp 49 unsigned8 Exports the DSCP value for the incoming traffic of
the flow.
proceraInternalJitter 67 signed32 The jitter value is the variance of the internal RTT
samples. The value -1 represents 'no data'.
proceraOutgoingDot1qPriorityLevel2 64 signed8 Exports the PCP (priority code point) of the VLAN
header on level 2 for incoming traffic. A value of
-1 means that no VLAN priority data is available for
this level.
234
10. IPFIX
proceraOutgoingDot1qPriorityLevel3 65 signed8 Exports the PCP (priority code point) of the VLAN
header on level 3 for incoming traffic. A value of
-1 means that no VLAN priority data is available for
this level.
proceraOutgoingDot1qPriorityLevel4 66 signed8 Exports the PCP (priority code point) of the VLAN
header on level 4 for incoming traffic. A value of
-1 means that no VLAN priority data is available for
this level.
proceraOutgoingDscp 50 unsigned8 Exports the DSCP value for the outgoing traffic of
the flow.
235
10. IPFIX
proceraRemoteIPv4Host 44 ipv4Address Exports the IPv4 address of the remote host of the
flow.
proceraRemoteIPv6Host 45 ipv6Address Exports the IPv6 address of the remote host of the
flow.
236
10. IPFIX
See also
The maximum length of the IPFIX message is 1472 bytes by default. If you use UDP to export IPFIX records, the maximum
message length cannot be larger than the maximum transmission unit (MTU) according to RFC7011. You change the protocol
with the system configuration value IPFIX_MESSAGE_MAX_LENGTH.
See also
10.6. Flow
The IPFIX flow definition specifies how often records are exported. With intermediate flow configured, you can export records
for parts of connections (flows) and increase the time resolution of the collected data. The IPFIX_FLOW_DEFINITION system
configuration value can have the value 0 = intermediate flow (default value), or 1 = full flow.
Intermediate flow
Intermediate flow means that one IPFIX record is exported per PacketLogic connection and statistics connection update
interval. The STATISTICS_CONNECTION_UPDATE_INTERVAL system configuration value in the Connection Handling
folder defines this interval.
237
10. IPFIX
If a connection was created and terminated within the same interval, the start time and end time of the IPFIX record are
the same as for the connection. That is, the start time is when the connection was first seen in Engine. The end time is
the time when the connection was terminated and the final connection update was sent from Engine to the PacketLogic
Statistics Daemon (PLSD).
However, if the connection lasts for more than one statistics connection update interval, it is split over multiple IPFIX
records. The first record has the same start time as the connection. The end time corresponds to the time when the last
connection update for the current statistics connection update interval was sent from Engine.
Note
The end time of the statistics connection update interval is the time when the connection update for
the interval was sent from Engine to PLSD. This time can be anytime within the last connection update
interval of the statistics connection update interval. The CONNECTION_UPDATE_INTERVAL system
configuration value in the Connection Handling folder defines the connection update interval.
The next one or more IPFIX records have the start time set to the same value as the end time of the previous record. The
end time of the last record is when the connection was terminated and the final connection update was sent to PLSD.
The figure illustrates the start time and end time of two connections, (1) and (2). The first connection (1) starts and ends
within the same statistics connection update interval (3) and corresponds to one IPFIX record. The start time of the record
is t0 and the end time is t1.
The second connection (2) spans over three statistics connection update intervals and corresponds to three IPFIX records.
The first record has start time t2 and end time t3, the next record has start time t3 and end time t4, and the last record has
start time t4 and end time t5. The end time of the first and second records is anytime within the last connection update
interval (4) of the statistics connection update interval.
The start time for records with intermediate flow is handled differently in cases where PLSD connects (or reconnects) to
the PacketLogic Daemon (PLD). All IPFIX records, which correspond to a connection in the connection table in Engine at
the time when PLSD connects, get the start time set to the start of the current statistics connection update interval.
Full flow
In full flow, one connection in PacketLogic corresponds to one IPFIX record. The start time of the record is the start time
of the connection, which is when the connection was first seen in Engine. The end time is the time when the connection
was terminated and the final connection update was sent from Engine to PLSD.
See also
238
10. IPFIX
10.7. Sampling
You can reduce the number of exported IPFIX records by configuring IPFIX sampling. The sampling is performed on connections,
not on statistics update intervals or IPFIX records. This means that when a connection is selected by the sampling process, all
IPFIX records relating to that connection will be exported.
• In full flow configurations, each connection that is selected by the sampling process will result in one flow and one IPFIX
record.
• In intermediate flow configurations, a connection may result in one or more flows. If the connection is selected by the
sampling process, each flow in that connection will result in an IPFIX record.
You specify the percentage of connections that will be used in the IPFIX record sample with the system configuration value
IPFIX_SAMPLING_PERCENT.
See also
239
240
11. Connection logging
11.1. About connection logging
11.2. Configuring a statistics rule to log connections
11.3. Connection search
241
11. Connection logging
Note
You need a license to use connection logging and connection search. This is shown as Connection search:
yes in the CLI. For more information, see the PacketLogic CLI Reference Guide.
You configure the search functionality with the system configuration value PLS_CONNLOG_SEARCHABLE_CRITERIAS in the
Statistics folder. This system configuration value holds a comma-separated list of criteria available for searches in the connection
log. An empty list means that all criteria will be searchable. Performance and storage space are greatly affected by connection
logging, therefore you should only select relevant searchable criteria. For more information about performance configuration and
considerations, see Section 6.5, “Performance considerations”.
• SERVER
• CLIENT
• CLIENTPORT
• SERVERPORT
• PROTOCOL
• SERVICE
• SERVERHOST
• HOST
• SERVER_IPV6
• CLIENT_IPV6
• HOST_IPV6
• NATCLIENT
• NATSERVER
• NATHOST
• NATCLIENTPORT
• NATSERVERPORT
All connection logging data will be stored regardless of how many searchable criteria are selected, but only the selected criteria,
along with start time and end time of the connection, will be available as search criteria in the Connection Search tool in
PacketLogic Client. The connection logging only stores information about the connections, and not the corresponding packet
242
11. Connection logging
data. To obtain entire packets for debugging purposes, use the Monitor Interface option in a filtering rule to duplicate packets to
the PacketLogic PCAP Writer or to a packet analysis tools. For more information, see Section 7.10.4, “Monitor” in PacketLogic
Real-Time Enforcement product guide.
For every connection, the following information will be stored and available for display in the client when you perform a connection
search:
• Start Time
• End Time
• Client
• Server
• Client Port
• Server Port
• Protocol
• Service
• Server Hostname
• Incoming
• Outgoing
• Flags
• NetObjects
See also
243
11. Connection logging
2. On the Edit menu, point to Objects & Rules, and then click Open Without Stealing Resource.
3. In the navigation pane, expand the Statistics rules folder, and select a statistics rule.
See also
A set of hosts connect to the Internet through a NAT appliance. An abuse case is reported which states that someone
from the host 1.2.3.4 has attacked their web server. The host 1.2.3.4 is the external interface of the NAT appliance and the
PacketLogic is placed behind the NAT, to be able to log the connections made by the private hosts. A search for the host name
"www.webserver.com" returns the results of which private address that has performed the attack.
The connection search takes a set of criteria as input and returns a result set. Searching will query the connection database
for connections that match the criteria. The criteria only support exact positive matches, thus, it is not possible to search for
something which is NOT EQUAL to something. Criteria that are not defined are set to ANY. At least one criterion must be
given to perform a search.
• Client: The IPv4 address, IPv6 address, or port of the client. It can be entered as an exact match or as s range.
• Server: The IPv4 address, IPv6 address, port, or host name of the server. IP addresses and ports can be entered as an
exact match or as a range.
• Host: The IPv4 or IPv6 address of the client or the server. It can be entered as an exact match or as a range.
• Start Time Interval: A time interval during which the connection was initiated.
• End Time Interval: A time interval during which the connection ended.
• Rewrite Client: The IPv4 address or port after NAT rewrite of the client. It can be entered as an exact match or as a range.
• Rewrite Server: The IPv4 address or port after NAT rewrite of the server. It can be entered as an exact match or as a range.
244
11. Connection logging
• Rewrite Host: The IPv4 address of the client or the server after NAT rewrite It can be entered as an exact match or as
a range.
The Start Time Interval and End Time Interval criteria will always be available when performing a connection search. Use End
Time Interval as a search criterion to effectively limit the search result.
To optimize the search, only specify the necessary fields. The more criteria added to the search, the more specific the result will
be, but it will take longer time to produce the results. For example, search only the service "http", instead of the service "http",
the Protocol "TCP", and the Server Port "80". Both "TCP" and "80" are obvious information in this case.
See also
3. In the Connection Search window, click Add Criteria, and click the criteria you want to search by.
4. Enter values for the added criteria, and then click Search.
See also
245
246
Appendix A. Statistics fields
The field references use the following structure:
StatisticsObject field name The field name used in the StatisticsObject field configuration in
Python API field name The field name used in the Python API
Report Studio field name The field name used in Report Studio
SQL interface field name The field name used in the SQL interface
Insights Data Storage column name The column name used in Insights Data Storage
Unit bytes
Outgoing Bytes
Unit bytes
Total Bytes
Unit bytes
247
Appendix A. Statistics fields
Total Bytes
StatisticsObject field name This field is not selectable in the field configuration of a StatisticsObject.
Connections
Unestablished Connections
Incoming Connections
248
Appendix A. Statistics fields
Incoming Connections
Outgoing Connections
The maximum number of concurrent incoming connections during the time interval.
249
Appendix A. Statistics fields
The maximum number of concurrent outgoing connections during the time interval.
Incoming Packets
250
Appendix A. Statistics fields
Incoming Packets
Outgoing Packets
The average time in milliseconds that incoming packets are buffered due to shaping. Depending on how a ShapingObject is
configured, latency is added to packets belonging to connections that match the shaping rules linked to the object.
See the PacketLogic Real-Time Enforcement Product Guide for information about traffic shaping.
Unit ms
The average time in milliseconds that outgoing packets are buffered due to shaping. Depending on how a ShapingObject is
configured, latency is added to packets belonging to connections that match the shaping rules linked to the object.
See the PacketLogic Real-Time Enforcement Product Guide for information about traffic shaping.
Unit ms
Sub-Item Count
Sub-Item Count is used in the Statistics viewer in PacketLogic Client. Separate sub-item count fields are included and
accounted for depending on the object types used in the distribution of the StatisticsObject. See Section A.6, “Sub-item
count statistics” for all types of sub-item counts.
251
Appendix A. Statistics fields
Sub-Item Count
Incoming Quality (Internal) is calculated by dividing the number of incoming packets dropped on the internal side of PRE by
the number of incoming TCP packets (Incoming Quality Packets).
See Section 5.4.1, “Connection quality measurement” for a description of the PacketLogic quality measurement.
Unit %
Outgoing Quality (Internal) is calculated by dividing the number of outgoing packets dropped on the internal side of PRE by
the number of outgoing TCP packets (Outgoing Quality Packets).
See Section 5.4.1, “Connection quality measurement” for a description of the PacketLogic quality measurement.
Unit %
Incoming Quality (External) is calculated by dividing the number of incoming packets dropped on the external side of PRE by
the number of incoming TCP packets (Incoming Quality Packets).
See Section 5.4.1, “Connection quality measurement” for a description of the PacketLogic quality measurement.
Unit %
Outgoing Quality (External) is calculated by dividing the number of outgoing packets dropped on the external side of PRE by
the number of outgoing TCP packets (Outgoing Quality Packets).
252
Appendix A. Statistics fields
Unit %
The average time in milliseconds for the internal handshake RTT (Round Trip Time). Note that the Handshake RTT metric
also contains RTT based on Timestamp option.
See also Section 5.4.2, “Handshake Round-Trip Time (RTT)” and Section 5.4.3, “Timestamp option based Round-
Trip Time (RTT)”.
Unit ms
The average time in milliseconds for the external handshake RTT (Round Trip Time). Note that the Handshake RTT metric
also contains RTT based on Timestamp option.
See also Section 5.4.2, “Handshake Round-Trip Time (RTT)” and Section 5.4.3, “Timestamp option based Round-
Trip Time (RTT)”.
Unit ms
Legacy field.
Unit %
Legacy field.
253
Appendix A. Statistics fields
Unit %
The number of dropped packets in incoming traffic on the external side of PRE. This field is stored automatically when
Incoming Quality (External) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
The number of dropped packets in outgoing traffic on the internal side of PRE. This field is stored automatically when
Outgoing Quality (Internal) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
The number of retransmitted packets in incoming traffic on the internal side of PRE. This field is stored automatically when
Incoming Quality (Internal) is selected in the Fields configuration.
254
Appendix A. Statistics fields
The number of retransmitted packets in outgoing traffic on the internal side of PRE. This field is stored automatically when
Outgoing Quality (External) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
Unit bps
Unit can be selected when using the Python API (bps or bytes).
Outgoing bps
Unit bps
Unit can be selected when using the Python API (bps or bytes).
255
Appendix A. Statistics fields
Outgoing bps
Total bps
The total throughput. Total bps is calculated from Incoming Bytes and Outgoing Bytes.
Unit bps
StatisticsObject field name This field is not selectable in the field configuration of a StatisticsObject.
Unit can be selected when using the Python API (bps or bytes).
CPS
Unit cps
Unestablished CPS
Unit cps
256
Appendix A. Statistics fields
Unestablished CPS
Incoming CPS
Unit cps
Outgoing CPS
Unit cps
Unit cps
Unit cps
257
Appendix A. Statistics fields
The maximum number of concurrent incoming connections during the graph time interval.
The maximum number of concurrent outgoing connections during the graph time interval.
Incoming Packets
258
Appendix A. Statistics fields
Incoming Packets
Outgoing Packets
The average time in milliseconds that incoming packets are buffered due to shaping. Depending on how a ShapingObject is
configured, latency is added to packets belonging to connections that match the shaping rules linked to the object.
See the PacketLogic Product Guide for information about traffic shaping.
Unit ms
The average time in milliseconds that outgoing packets are buffered due to shaping. Depending on how a ShapingObject is
configured, latency is added to packets belonging to connections that match the shaping rules linked to the object.
See the PacketLogic Product Guide for information about traffic shaping.
Unit ms
Sub-Item Count
The number of sub-items. Sub-Item Count is used in the Statistics viewer in PacketLogic client. Separate sub-item count
fields are included and accounted for depending on the object types used in the distribution of the StatisticsObject. See
Section A.6, “Sub-item count statistics” for all types of sub-item counts.
The internal incoming quality index. Incoming Quality (Internal) is calculated by dividing the number of incoming packets
dropped on the internal side of PRE by the number of incoming TCP packets (Incoming Quality Packets).
259
Appendix A. Statistics fields
Unit %
The internal outgoing quality index. Outgoing Quality (Internal) is calculated by dividing the number of outgoing packets
dropped on the internal side of PRE by the number of incoming TCP packets (Outgoing Quality Packets).
See Section 5.4.1, “Connection quality measurement” for a description of the PacketLogic quality measurement.
Unit %
The external incoming quality index. Incoming Quality (External) is calculated by dividing the number of incoming packets
dropped on the external side of PRE by the number of incoming TCP packets (Incoming Quality Packets).
See Section 5.4.1, “Connection quality measurement” for a description of the PacketLogic quality measurement.
Unit %
The external outgoing quality index. Outgoing Quality (External) is calculated by dividing the number of outgoing packets
dropped on the external side of PRE by the number of incoming TCP packets (Outgoing Quality Packets).
See Section 5.4.1, “Connection quality measurement” for a description of the PacketLogic quality measurement.
Unit %
260
Appendix A. Statistics fields
The average time in milliseconds for the internal handshake RTT (Round Trip Time). Note that the Handshake RTT metric
also contains RTT based on Timestamp option.
See also Section 5.4.2, “Handshake Round-Trip Time (RTT)” and Section 5.4.3, “Timestamp option based Round-
Trip Time (RTT)”.
Unit ms
The average time in milliseconds for the external handshake RTT (Round Trip Time). Note that the Handshake RTT metric
also contains RTT based on Timestamp option.
See also Section 5.4.2, “Handshake Round-Trip Time (RTT)” and Section 5.4.3, “Timestamp option based Round-
Trip Time (RTT)”.
Unit ms
Legacy field.
Legacy field.
261
Appendix A. Statistics fields
The number of dropped packets in incoming traffic on the external side of PRE during the time interval. This field is stored
automatically when Incoming Quality (External) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
The number of dropped packets in outgoing traffic on the internal side of PRE during the time interval. This field is stored
automatically when Outgoing Quality (Internal) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
The number of retransmitted packets in incoming traffic on the internal side of PRE during the time interval. This field is
stored automatically when Incoming Quality (Internal) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
The number of retransmitted packets in outgoing traffic on the external side of PRE during the time interval. This field is
stored automatically when Outgoing Quality (External) is selected in the Fields configuration.
For information about the PacketLogic quality measurement, see Section 5.4.1, “Connection quality measurement”.
262
Appendix A. Statistics fields
Unit %
Unit %
Unit bps
Unit bps
TX Packets
263
Appendix A. Statistics fields
TX Packets
RX Bytes
Unit bytes
TX Bytes
Unit bytes
RX Errors
TX Errors
RX Drops
TX Drops
264
Appendix A. Statistics fields
RX Packets
TX Packets
RX Speed
Unit bps
Unit can be selected when using the Python API (bps or bytes).
TX Speed
Unit bps
Unit can be selected when using the Python API (bps or bytes).
RX Errors
TX Errors
RX Drops
265
Appendix A. Statistics fields
RX Drops
TX Drops
266
Appendix A. Statistics fields
267
Appendix A. Statistics fields
Sub-Item Count
Sub-item Count.
NetObject subitem_count_netobject
ServiceObject subitem_count_service_object
Service subitem_count_service
268
Appendix A. Statistics fields
In Vlan ID subitem_count_vlan_in
IP Protocol subitem_count_ipprotocol
Link
In DCSP subitem_count_dscp_in
In Channel subitem_count_channel_in
In MPLS subitem_count_mpls_in
Origin AS subitem_count_origin_as
Property subitem_count_property
subitem_count_content_category
269
270
Appendix B. System Configuration Values
B.1. Introduction
This section describes the system configuration values available in PacketLogic. The system configuration values are viewed
and modified in the System Configuration Editor in the PacketLogic client (see Section 3.22, “System Configuration Editor
window”).
The system configuration values are divided into sections according to the function they relate to. Values that are changed from
the default are marked in bold, and the sections in which changed values exist are also marked in bold.
For each value, the system configuration shows a brief description, default, minimum, and maximum values, and the current
value. A button to reset the value to the default is next to the current setting of the value. Information is shown on when the
value was last changed and by whom. The Requires field lists the components that need to be restarted for a change in
the value to take effect.
A soft limit mode is available for setting system configuration values outside of the recommended values. This makes the system
more flexible. To enable the soft limit mode open the System configuration editor, click on the value to change, and use the
shortcut Ctrl+Alt+i (Windows/Linux) or Cmd+Alt+i (Mac).
Warning
Setting a system configuration value outside of the recommended values increases the risk of damage
to the system. You must consult with your local Sandvine support representative before setting a system
configuration value outside of the recommended values. Fail to consult with Sandvine and all responsibility
will be transferred to you.
After the soft limit mode is enabled ANY positive or negative 64-bit number can be set.
Note
Entering a very large number will of course make no sense in most cases.
To set another value select the next value and use the shortcut again.
To exit the soft limit mode, the value must be set to between minimum and maximum recommended values, and the System
configuration editor must be restarted.
Restart Engine
On PL15000/PL20000 systems, restart the flow processors using the reboot-chassis-components command. On
all other systems, use the reload-core-services command.
271
Appendix B. System Configuration Values
Restart LB
Only applicable on PL15000/PL20000 systems. Restart the load balancers using the reboot-chassis-components
command.
Recompile ruleset
Requires a ruleset recompilation/reload to take effect.
B.2. BGP
BGP_ALLOW_IBGP_WITH_PREPEND
Allow iBGP connection to BGP-peer/server. BGP_MYAS will be prepended to each AS-path."
BGP_COMMUNITY_ENABLED
Enable displaying BGP communities
BGP_ENABLED
Enable the BGP function in PacketLogic
BGP_MAX_COMMUNITIES
Maximum number of communities in an UPDATE.
BGP_MYAS
BGP AS number this system will identify itself as. May not be same as the BGP-peer. Connection must be eBGP. Private
AS range is 64512-65534 inclusive for 16-bit AS numbers, 4200000000-4294967294 inclusive for 32-bit AS numbers.
BGP_PATH_CUTOFF
If non-zero, AS-paths will be limited to this number of hops
BGP_SERVER
Comma-separated list of IP addresses of remote BGP servers
BGP_TCP_MD5_PASSWORD
BGP TCP MD5 password (RFC2385)
CONNECTION_PROT_HOST_MAX
The maximum number of connections for a host to use to calculate the connection rate.
CONNECTION_SEND_SHAPING_SPLITCOPY_INFO
Send shaping object stats to LiveView. Required in order to collect data properly for Shaping Object related filters and
distributions.
272
Appendix B. System Configuration Values
CONNECTION_SEND_UPDATES_FOR_UNESTABLISHED
Determines whether to send connection updates to LiveView and statistics for connections that has never reached an
established state.
CONNECTION_UPDATES_DDOS_FILTER
Determines whether connection updates to LiveView and statistics shall be filtered out for connections that have only
had one single packet transfered in total.
CONNECTION_UPDATE_INTERVAL
Interval in seconds between connection updates from engine
CONNPROT_MODE_DEST_HOST_ACCOUNTED
Enable/disable connection protection on single destination hosts.
CONNPROT_MODE_ESTABLISHED
Only account unestablished connections towards connection protection threshold.
CONNPROT_THRESHHOLD
Number of connections per second before enabling connection protection (0 disables connection protection)
DYNAMIC_NATCFG_CACHE_TIMEOUT
Number of seconds to wait before removing unused dynamic natcfg entries, to avoid subscribers switching IP addresses
between connections.
LLID_FIELDS
Which fields should be included when calculating the link-level hash.
MAX_CONNECTIONS
Maximum number of simultaneously accounted connections
MAX_CONNECTION_HOSTNAMES
Maximum number of connection hostnames
NAT_ALG_FTP
Enable NAT FTP ALG support
NAT_ALG_FTP_MAX_DATA_CONNECTIONS
Maximum number of open data connections per FTP session
NAT_ALG_PPTP
Enable NAT PPTP ALG support
NAT_ALG_PPTP_MAX_CALLS
Maximum number of calls per PPTP session
NAT_ALG_RTSP
Enable NAT RTSP ALG support
NAT_ALG_RTSP_MAX_STREAM_CHANNELS
Maximum number of open stream channels per RTSP session
NAT_DETERMINISTIC_MIN_POOL_SIZE
Least number of consecutive NAT addresses per pool. 0 disables functionality. Can be
{2,4,8,16,32,64,128,256,512,1024,2048,4096}. Needs to be active_fps^2 for even rebalancing, and each NAT exit
pool must contain only one IP range.
NAT_DETERMINISTIC_NAT_IP
Always assign a deterministic NAT IP for a source IP address. If no port blocks are available for that IP, the packet will
be dropped.
273
Appendix B. System Configuration Values
NAT_DYNAMIC_IP_SEARCH_LENGTH
The maximum number of IP address candidates allowed to test when chosing a rewrite IP address. A higher number may
result in slower searches but may give a better result.
NAT_EIF_ENABLED
Enable Endpoint-Independent Filtering (full cone) NAT behaviour.
NAT_EIF_ENTRIES
Number of passback entries to allocate, will never be less than MAX_CONNECTIONS * REDIRECT_HDR_PERCENT /
100.
NAT_EIF_FORWARD_UNKNOWN
Forward packets un-rewitten if destined to external NAT address but no passback was found for the port.
NAT_GENERIC_TTL
TTL in seconds for NATed generic connections
NAT_ICMP_TTL
TTL in seconds for NATed ICMP connections
NAT_NUM_SRC_ADDRS
Number of NAT ipaddresses configurable
NAT_PBA_GRANULARITY_HIGH
Default number of ports in each port block in the high port range (1024 and above) for NAT pools
NAT_PBA_GRANULARITY_LOW
Default number of ports in each port block in the low port range (1023 and below) for NAT pools. Value 0 disables the usage
of low NAT ports (low source ports will be NATed to high ports, if available). If set to 0 NAT_PBA_MAX_BLOCKS_LOW
must be set to 0
NAT_PBA_MAX_BLOCKS_HIGH
Default number of port blocks allowed in the high port range (1024 and above) per subscriber and pool
NAT_PBA_MAX_BLOCKS_LOW
Default number of port blocks allowed in the low port range (1023 and below) per subscriber and pool. If set to 0
NAT_PBA_GRANULARITY_LOW must be set to 0
NAT_PBA_MAX_POOLS
Maximum number of NAT pools configurable
NAT_PBA_NUM_PORTBLOCKS
Number of NAT portblocks
NAT_PBA_REUSE_FIRST
Allocate ports from blocks in ascending block allocation order
NAT_PBA_SYSLOG_TARGET
Where to send syslog events related to port block usage ( udp:<ip>:<port> )
NAT_PBA_SYSLOG_UPDATE_INTERVAL
How often (minutes) to send interim port block usage event log
NAT_SERVICE_TTL_USE_BASE_SERVICE
Use base service for service specific NAT TTL
NAT_TCP_CLOSING_TTL
TTL in seconds for NATed TCP connections in closing phase
NAT_TCP_ESTABLISHED_TTL
TTL in seconds for NATed TCP connections in established phase
274
Appendix B. System Configuration Values
NAT_TCP_PARTIAL_OPEN_TTL
TTL in seconds for NATed TCP connections in partial open phase
NAT_TCP_TIME_WAIT_TTL
TTL in seconds for NATed TCP connections in TIME-WAIT phase
NAT_UDP_INBOUND_REFRESH
Reset the TTL for NATed UDP connection on receiving an inbound packet
NAT_UDP_TTL
TTL in seconds for NATed UDP connections
NAT_UNHANDLED_PROTOCOLS
Rewrite source-ip of protocols that are otherwise not handled. Port block logging is not performed for these protocols.
REDIRECT_HDR_PERCENT
Percent of the total number of connections that are allowed to be rewritten as part of NAT. For example, 50 means 50%,
so half of connections can be rewritten.
REWRITE_LOG
Log connection rewrites
SHUNT_CONNECTION_FAILURES
Enable shunting traffic when a connection cannot be allocated, because the number of connections is too high. Shunted
traffic is not analyzed, accounted or managed, but immediately forwarded.
STATISTICS_CONNECTION_UPDATE_INTERVAL
The interval with which engine sends connection updates to statistics clients. Must be a multiple of and greater than
CONNECTION_UPDATE_INTERVAL.
TCPV4_TTL
TTL in seconds for established TCP connections
TCPV4_TTL_ASYMMETRIC
TTL in seconds for asymmetric TCP connections
TCPV4_TTL_BEING_ANALYZED
TTL in seconds for TCP connections with service Being Analyzed
TCPV4_TTL_UNTRACKED
TTL in seconds for untracked TCP connections
TCP_KEEP_RSTD_FLOWS
Keep TCP connections a short while after RST to handle lost/ignored RST
TCP_OUTOFSYNC_SEGMENTS_LIMIT
Number of TCP segments to buffer before marking a connection as out of sync
TCP_OUTOFWINDOW_SEGMENTS_LIMIT
Number of out of window TCP segments before marking a connection as out of sync
TCP_SEGMENT_TTL
TTL in seconds for segmented connections
TCP_TTL_CLOSED
TTL in seconds for closed TCP connections
TRIGGER_ON_CONNPROT_HOSTS
Send triggers when hosts are hitting connection protection
UDP_KEEP_RSTD_FLOWS
Keep UDP connections a short while after reject to handle lost/ignored icmp packets
275
Appendix B. System Configuration Values
UDP_RESPONSE_RTT_AS_HANDSHAKE_RTT
Use time-from-first-request-packet-to-first-response-packet as 'Handshake RTT' for UDP connections
UDP_TTL
TTL in seconds for UDP connections
B.4. Connsync
CONNSYNC_ENABLED
Enable flow (connection) synchronization
NATSYNC_ENABLED
Enables the NATsync protocol which is used to synchronize private to public IP address mappings and port block
allocations in asymmetric traffic environment. The NATsync protocol uses FlowSync interfaces to communicate with peers.
NATSYNC_ID
Unique number to identify each PRE participating in NATsync. Must be non-zero when NATsync is used. Values
must be contiguous within a cluster and start with 1. The highest NATSYNC_ID used in a cluster should be equal to
NATSYNC_NUM_SYSTEMS.
NATSYNC_NUM_SYSTEMS
The number of systems forming the NATsync cluster. This value cannot be 0 when NATsync is enabled. This should be
equal to the highest NATSYNC_ID in a cluster.
NATSYNC_PASSBACK_EXPIRATION_TIME
The time in seconds a NAT mapping created by NATsync will exist without matching traffic seen on the local system.
NATSYNC_PERIODIC_SYNC_INTERVAL
Interval (seconds) with which periodic broadcast NATsync messages are sent. If this interval is shorter than
CONNECTION_UPDATE_INTERVAL, this interval is overridden by CONNECTION_UPDATE_INTERVAL.
B.5. ContentLogic
CONTENTLOGIC_ENABLED
Enable ContentLogic
CONTENTLOGIC_TABLE_SIZE
Maximum number of entries, in the lookup table. This number is generally larger than the number of URLs.
B.6. DRDL
CONNECTION_PROP_BUFFERS
Maximum number of DRDL temporary buffers
DRDL_ASYMMETRIC_ENABLED
Enable asymmetric signatures
DRDL_BINCODE_ENABLED
Enable execution of bincode within DRDL
DRDL_ENABLED
Enable DRDL content recognition
276
Appendix B. System Configuration Values
DRDL_MAX_VS_ARM_SIZE
Maximum size for compiled Virtual Services files
DRDL_QUEUE_MODE
Determines if packets taking too long (more than 2 ms for a batch of packets) to analyze in DRDL are enqueued until the
CPU has idle cycles for analysis. Enqueues as follows: 0 = never, 1 = non-TCP packets in the batch, 2 = all packets
in the batch.
DRDL_QUEUE_SIZE
The number of packets that is allowed to be queued for later processing
DRDL_SLICE_STATE_STRUCTURES
Maximum number of DRDL slice_state structures. Set to 0 for same as MAX_CONNECTIONS.
DRDL_TAINT_STORE_SIZE
Size of store used for DRDL connection tainting. This value will be rounded up to the closest larger power of 2.
DRDL_UCAP_MAXFILES
UCAP: Maximum number of files to save with packet captures of unknown connections
DRDL_UCAP_PKTQUEUES
UCAP: Maximum number of current connections to track for connections marked as unknown by DRDL. Set to 0 to
turn feature off
SERVICE_CHILD_POOLSIZE
Maximum number of waiting childconnections
SERVICE_DNS_POOLSIZE
Maximum number of DNS records
SERVICE_KVSTORE_POOLSIZE
Maximum number of DRDL Key-Value store entries
SERVICE_PROP_POOLSIZE_128
Maximum number of service property strings of size 128
SERVICE_PROP_POOLSIZE_2048
Maximum number of service property strings of size 2048
SERVICE_PROP_POOLSIZE_256
Maximum number of service property strings of size 256
SERVICE_PROP_POOLSIZE_32
Maximum number of service property strings of size 32
B.7. Debugging
OUTPUT_CONNPROT_HOSTS
Output hosts that are hitting connection protection
B.8. Divert
DIVERT_ARP_ENABLED
Disable transmitting ARP packets on divert channels.
277
Appendix B. System Configuration Values
DIVERT_HB_MAX_LOST
Maximum number of lost heartbeat packets before disabling the divert channel
DIVERT_HB_MS
Number of milliseconds between heartbeat packets to the divert channel
DIVERT_HB_RECOVERY
Minimum number of successful heartbeat packets in sequence before enabling the divert channel
DIVERT_HOST_USE_EXTERNAL
When enabled: use both internal and external ipaddresses when creating divert hosts. When disabled: only use internal
ipaddress when creating divert hosts.
DIVERT_INJECT_FAIL_ACTION
Action that shall be taken when there is a failure in inject data of divert rule. 0 - divert with truncated property/no inject,
1 - drop and 2 - no divert.
DIVERT_IPV6_ENABLED
Enable diverting IPv6 packets. Third party devices might not support IPv6 and may thus not forward them.
DIVERT_L3_TTL_INC
Amount that IPv4 TTL should be increased by when divert is operating in L3 mode
DIVERT_MAX_PROXY_CONNECTIONS
Maximum number of simultaneously proxied connections
DIVERT_NUM_HOSTS
Number of local host/remote host pairs to store L2 data for
DIVERT_PROXY_TIMEOUT
Timeout in milliseconds for divert proxy TCP 3-way handshake
DIVERT_TTL_TERMINATED
Time (seconds) that connections are remembered after being terminated, needed to ensure that packets still in flight on
a divert channel are handled correctly when received back
B.9. Filtering
FW_MAX_LOG
Maximum number of log entries in the firewall log view
FW_SYSLOG
Enable Firewall logging to syslog
B.10. General
COMM_SERVER_AUTH_TIMEOUT
Timeout for PLCOMM server authentication session
COMM_SERVER_MAX_AUTH_ATTEMPTS
Max authentication attempts in PLCOMMD server authenitcation session.
PLRC_LIVEVIEW_RX_SIZE
Size of the buffer used to send data from PLD to PLRCD
278
Appendix B. System Configuration Values
PLRC_LIVEVIEW_TX_SIZE
Size of the buffer used to send data from PLRCD to PLD
SYSDIAG_PROXY_UPDATE_LOCAL
Update local sysdiag values even though the sysdiag resource is proxied.
SYSDIAG_SNMP_LOCAL_ONLY
Only export local system sysdiag values to SNMP.
SYSDIAG_SNMP_MAX_DEPTH
Maximum level of subvalues exported by snmp. (0 means no subvalues at all)
SYSTEM_NAME
The name of the system as it appears in the System Overview.
B.11. GeoLogic
GEOLOGIC_ENABLED
Enable the GeoLogic function in PacketLogic
GEOLOGIC_FIELDS
Specify GeoLogic interesting FIELDS from database.
GEOLOGIC_PREALLOCED_TABLE_ROWS
Number of rows to preallocate for data
HOST_STATS_MAX_HOSTS
Maximum number of hosts to store host statistics for.
HOST_STATS_SAMPLING_PERCENT
Percent of all IP addresses to include when gathering host statistics.
HOST_STATS_VOLUME_THRESHOLD
Defines the threshold for sending host stats records to Insights Data Storage. The threshold is the number of total bytes
measured over one high frequency interval (256 ms).
B.13. IPFIX
IPFIX_ENABLED
Enables IPFIX export.
IPFIX_FLOW_DEFINITION
Definition of an IPFIX flow. 0: Intermediate flow, 1: Full flow
IPFIX_MAX_COLLECTORS
Maximum number of IPFIX collectors allowed on the system.
279
Appendix B. System Configuration Values
IPFIX_MESSAGE_MAX_LENGTH
Maximum length (bytes) of a single IPFIX message.
IPFIX_SAMPLING_PERCENT
Connection sampling percent for IPFIX export. Connections matching a statistics rule with an associated IPFIXObject will
be sampled by this percent. When a connection is included in the IPFIX export, all of its data will be exported regardless
of IPFIX_FLOW_DEFINITION.
IPFIX_TRANSPORT_PROTOCOL
Transport protocol used for exporting IPFIX messages. Supported protocols: UDP, SCTP
B.14. Insights
INSIGHTS_CONNECTION_SSL_ENABLED
Enable SSL for connections to the Insights storage cluster
INSIGHTS_DATATRANSFER_GZIP_ENABLED
Enable gzip compression of data sent to Insights storage
INSIGHTS_DATA_COLLECTION_SCORE_SERVICE
Collect service dimensions for Insights score data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_BGP
Collect BGP dimensions for Insights traffic data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_CONNECTION
Collect metrics about connections (concurrent, unestablished) for Insights traffic data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_CONTENTLOGIC
Collect Contentlogic dimensions for Insights traffic data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_LS_DEVICE_COUNT
Collect metrics for Linesharing (device count) for Insights traffic data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_LS_DEVICE_ID
Collect Line sharing device dimensions for Insights traffic data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_POLICY
Collect metrics about policy (packet drops, latency) for Insights traffic data.
INSIGHTS_DATA_COLLECTION_TRAFFIC_QUALITY
Collect metrics about quality (RTT, packets, lost packets) for Insights traffic data.
INSIGHTS_DIMENSIONS_ACCESS_NODE
-- Session context column / NetObject path to access node dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "cmts" -- NetObject example: "/PSM/Mobile/By CMTS"
INSIGHTS_DIMENSIONS_ACCESS_TECHNOLOGY
-- Session context column / NetObject path to access technology dimension information. -- Leaving this empty will cause
the dimension to be unprovisioned. -- Session context example: "access_technology" -- NetObject example: "/PSM/
Mobile/By Technology"
INSIGHTS_DIMENSIONS_APN
-- Session context column / NetObject path to apn dimension information. -- Leaving this empty will cause the dimension
to be unprovisioned. -- Session context example: "apn" -- NetObject example: "/PSM/Mobile/By APN"
INSIGHTS_DIMENSIONS_BGP_EXT_N_HOP
Sets 'N' for external BGP N hop data. The N'th AS on the external AS path will be stored in Insights traffic.
280
Appendix B. System Configuration Values
INSIGHTS_DIMENSIONS_CHANNELS_DS
-- Session context column / NetObject path to channels_ds dimension information. -- Leaving this empty will cause
the dimension to be unprovisioned. -- Session context example: "channels_ds" -- NetObject example: "/PSM/Mobile/
By Channel Ds"
INSIGHTS_DIMENSIONS_CHANNELS_US
-- Session context column / NetObject path to channels_us dimension information. -- Leaving this empty will cause
the dimension to be unprovisioned. -- Session context example: "channels_us" -- NetObject example: "/PSM/Mobile/
By Channel Us"
INSIGHTS_DIMENSIONS_CUSTOM_1
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_10
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_2
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_3
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_4
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_5
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_6
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_7
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_8
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
INSIGHTS_DIMENSIONS_CUSTOM_9
-- Session context column / NetObject path to a custom dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "customer_class" -- NetObject example: "/PSM/Mobile/
Class"
281
Appendix B. System Configuration Values
INSIGHTS_DIMENSIONS_DEVICE
-- Session context column / NetObject path to device dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "device" -- NetObject example: "/PSM/Mobile/By Device"
INSIGHTS_DIMENSIONS_GATEWAY
-- Session context column / NetObject path to gateway dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "gateway" -- NetObject example: "/PSM/Mobile/By Gateway"
INSIGHTS_DIMENSIONS_GEOLOGIC_CITY
-- Geologic database column to city dimension information. -- Leaving this empty will cause the dimension to be
unprovisioned.
INSIGHTS_DIMENSIONS_GEOLOGIC_COUNTRY
-- Geologic database column to country dimension information. -- Leaving this empty will cause the dimension to be
unprovisioned.
INSIGHTS_DIMENSIONS_GEOLOGIC_REGION
-- Geologic database column to region dimension information. -- Leaving this empty will cause the dimension to be
unprovisioned.
INSIGHTS_DIMENSIONS_INTERFACE
-- Session context column / NetObject path to interface dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "interface" -- NetObject example: "/PSM/Mobile/By Interface"
INSIGHTS_DIMENSIONS_LOCATION
-- Session context column / NetObject path to location dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "cgi" -- NetObject example: "/PSM/Mobile/By CGI"
INSIGHTS_DIMENSIONS_NETWORK
-- Session context column / NetObject path to network dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "network" -- NetObject example: "/PSM/Mobile/By Network"
INSIGHTS_DIMENSIONS_SERVICE_PLAN
-- Session context column / NetObject path to service plan dimension information. -- Leaving this empty will cause the
dimension to be unprovisioned. -- Session context example: "service_plan" -- NetObject example: "/PSM/Mobile/By
Service Plan"
INSIGHTS_DIMENSIONS_SIGNATURE_DEVICE_CATEGORY
-- Property name for Device Category -- or, NetObject path for Device Category, example: "/PSM/Pinned Device Name"
-- or, Session Context column, with Device Category, example: "Pinned Device Name" -- Empty to leave this traffic
dimension unassigned
INSIGHTS_DIMENSIONS_SIGNATURE_DEVICE_NAME
-- Property name for Device Name -- or, NetObject path for Device Name, example: "/PSM/Pinned Device Name" -- or,
Session Context column, with Device Name, example: "Pinned Device Name" -- Empty to leave this traffic dimension
unassigned
INSIGHTS_DIMENSIONS_SIGNATURE_SERVICE_CATEGORY
Service Object path to Service Category -- Optional |<depth> suffix to use a level below the specified path, e.g. "/Procera
Networks Categorization/Categories|3" -- Empty to leave this traffic dimension unassigned
INSIGHTS_DIMENSIONS_SITE
-- Session context column / NetObject path to site dimension information. -- Leaving this empty will cause the dimension
to be unprovisioned. -- Session context example: "site" -- NetObject example: "/PSM/Mobile/By Site"
INSIGHTS_DIMENSIONS_SUBSCRIBER
-- Session context column / NetObject path to subscriber dimension information. -- Leaving this empty will cause
the dimension to be unprovisioned. -- Session context example: "subscriber" -- NetObject example: "/PSM/Mobile/All
Subscribers"
282
Appendix B. System Configuration Values
INSIGHTS_DIMENSIONS_USE_PINNED_DEVICES
Use NetObjects/Session Context data to populate Signature Device Name and Category.
INSIGHTS_OBFUSCATE_SUBSCRIBERS
Obfuscate data populating 'Subscriber' column.
INSIGHTS_SCORE_BUFFER_SIZE_MB
Bulk size (MB) used for Insights Score data loading.
INSIGHTS_SCORE_DUMP_INTERVAL
The dump interval for Insights score data in seconds. The value must be a divisor of a full hour. Score data is sent to
Insights Storage at the dump interval and when the score data buffer is full (INSIGHTS_SCORE_BUFFER_SIZE_MB).
Caution: A low dump interval might cause resource problems in Insights Storage.
INSIGHTS_SESSION_CONTEXT_SCHEMAS
-- Session context schema names of the schemas that represents subscribers. -- Use comma (,) to delimit multiple
schema names. Do not use any spaces between the names. -- Example: "fixed,mobile"
INSIGHTS_TRAFFIC_ENABLED
Enable Insights traffic statistics collection facility
INSIGHTS_TRAFFIC_SCHEMA
Database schema containing the Traffic Perspectives data
INSIGHTS_TRAFFIC_TABLE
Database table containing the base Traffic Perspectives data
INSIGHTS_USE_SESSION_CONTEXT
Use session context data to populate tables.
B.15. Linesharing
LS_DEVICE_PORT_ENABLE
TCP port based detection
LS_DEVICE_PORT_SIZE
Number of detectable port devices per host
LS_DEVICE_TS_ENABLE
TCP timestamp based detection
LS_DEVICE_TS_SIZE
Number of detectable timestamp devices per host
LS_ENABLE
Enable line sharing detection
LS_HOST_POOL_SIZE
The number of host entries in the memory pool for tracking line sharing devices
B.16. LiveView
HOST_NUM_HOSTS
Maximum number of simulatenously accounted hosts
283
Appendix B. System Configuration Values
HOST_NUM_NETOBJECTS
Number of netobjects an IP can be viewed in. This only applies to the Local Hosts view.
LIVEVIEW_MAX_VIEWS
Maximum number of concurrent connection views
LIVEVIEW_WEB_SERVER_PORT
Web liveview server port
MAX_VISIBLE_NETOBJECTS
Maximum number of visible NetObjects allowed
PLD_CLIENT_SEND_RINGBUF_HEADROOM
Headroom of PLD_CLIENT_SEND_RINGBUF_MEGS in percentage before liveview updates are dropped.
PLD_CLIENT_SEND_RINGBUF_MEGS
Size in MB of the ringbuffer in PLD and PLRCD used to transmit data to one non-PLSD client. There is one for each
connected and authenticated client.
PLD_CONN_UPDATE_THREADS
Number of connection update threads per reaper. Value must be a power of two.
PLD_REAPER_RINGBUF_MEGS
Size in MB of each ringbuffer in PLD used to receive data from a reaper. There is one for each reaper (flow processor).
PLD_REAPER_SEND_RINGBUF_MEGS
Size in MB of each ringbuffer in PLD used to transmit data to a reaper. There is one for each reaper (flow processor).
PLNATD_REAPER_RINGBUF_MEGS
Size in MB of each ringbuffer in PLNATD used to receive data from a reaper. There is one for each reaper (flow processor).
PLRC_REAPER_RINGBUF_MEGS
Size in MB of each ringbuffer in PLRCD used to receive data from a reaper. There is one for each reaper (flow processor).
SHUNT_MONITOR_IFACE
Interface name to use as shunt monitor interface. Empty value means use physical monitor port.
ALWAYS_FORWARD
Allow forwarding of packets before ruleset is loaded
BYPASS_TIMEOUT
Bypass timeout in milliseconds for Advantech and Silicom bypass NMCs.
284
Appendix B. System Configuration Values
CONNECTION_HOPLIMIT_FIRSTPACKET
Only look at the hop limit (that is, max TTL) of the initial packet in a connection. Disable to refresh hop limit on every
packet, possibly with a negative performance impact.
E10K_RX_ERROR_TIMEOUT
Time duration in milliseconds after TX laser enabling before we treat RX symbol errors as an error (e10k interfaces)
E10K_RX_QUEUE_LENGTH
Hardware receive queue length. Needs to be a power of two! (Hardwired to 1024 for LB blade ports.)
E10K_TX_QUEUE_LENGTH
Hardware transmit queue length. Needs to be a power of two! (Hardwired to 1024 for LB blade ports.)
E1K_BYPASS_ENABLED
Enable bypass for Intel pci-express adapters
E1K_LOL_ENABLED
Enable Loss of Link (Light) propagation for Intel e1k/e10k-based fiber optic adapters. For 100GE interfaces (PL15000
and PL20000), use LOL_ENABLED.
E1K_RX_ERROR_TIMEOUT
Time duration in milliseconds after TX laser enabling before we treat RX symbol errors as an error (e1k interfaces)
ECN_FULL_SHAPING
Enable ECN for all shaping objects
ECN_SUPPORT
Enable ECN support (RFC3168) for shaping objects that are split by local host, split by subscriber and split by connection
FORWARDING_DISABLED
If set no received packets are transmitted. Flowsync, divert and monitor packets are still transmitted.
FP_AUTOMATIC_REBOOT
Enable FP automatic reboot in case of emergency problem
I40E_RX_ERROR_TIMEOUT
Time duration in milliseconds after TX laser enabling before we treat RX symbol errors as an error (i40e interfaces)
IPV4_EXPOSE_FRAGMENT_VIOLATIONS
Enable logging when a connection has more fragments for a packet header than
IPV4_MAX_FRAGMENTS_PER_HEADER.
IPV4_FRAGMENT_REASS_PPS
Limit IPv4 fragment reassemblies (pps/thread), 0 to disable. When this limit is reached, subsequent fragmented packets
are dropped. Drops are accounted by the system diagnostics value IPv4/Reassembly refused (Rate Limit).
IPV4_MAX_FRAGMENTS_PER_HEADER
Maximum number of fragments per IPv4 packet
IPV4_TUNNELING
Enable generic IPv4 tunneling support
IPV6_ICMPV6_GENERATION
Enable IPv6 ICMPv6 packet generation
IPV6_ICMPV6_GENERATION_PPS
IPv6 ICMPv6 packet generation rate (pps/thread)
IPV6_TEREDO
Enable Teredo support (RFC4380)
285
Appendix B. System Configuration Values
IPV6_TUNNELING
Enable generic IPv6 tunneling support (RFC2473)
IP_FRAGMENTS
Number of simultaneously defragmented IP packets
LB_ACTIVE_FP
Number of Flow Processors used to process traffic
LB_BLACKLIST_ENABLED
Enable finegrained (1024 buckets) blacklisting triggered on RX drops in the FP. Default action is Shunt. See also
LB_DROP_BLACKLISTED.
LB_BLACKLIST_TIMEOUT
Number of seconds that a bucket remains blacklisted. See also LB_BLACKLIST_ENABLED.
LB_CPU_PACKET_BUFFER_SIZE
Size of the packet buffer in load balancer's CPU memory.
LB_DROP_BLACKLISTED
Drop incoming packets for blacklisted buckets instead of shunting them
LB_FABRICS_ALLOW
Bitmask of switch fabrics that are allowed to be used for heartbeats and traffic towards Flow Processors. Fabric 1 is bit
0 (value 1) Fabric 2 is bit 1 (value 2)
LB_HB_BYPASS_DROP_THRESHOLD
Number of sequential heartbeat packets required to be dropped by a flow processor before it is disabled
LB_HB_GRACE
Number of sequential heartbeat checks (two packets, one per direction) required to pass through a flow processor before
it is enabled
LB_HB_RATE
Number of heartbeat checks (two packets, one per direction) sent to a flow processor per second
LB_NUM_FP
Total number of Flow Processors
LB_REBALANCE_INERTIA
Maximum load differential, as percent of PPS, is allowed between the highest- and lowest-load threads before traffic is
rebalanced
LB_REBALANCE_IPV4_FAILED_FP
Rebalance ipv4 packets balanced to a failed fp, instead of shunting. If no other fp is available, the packet will be dropped.
Both switch fabrics must be allowed to be used for heartbeats.
LB_USE_FP_TABLE
Use fp lookup table to balance traffic instead of normal balancing algo. Balancing will be done without jhash to support
deterministic cgnat. This feature should only be used with cgnat.
LLHDR_CACHE_ENTRIES
Maximum number of stored link-level headers
LLHDR_CACHE_HEADER_SIZE
Maximum size of each stored link-level header
LOL_DEADLOCK_TIMEOUT
Interval (seconds) with which ports are probed to detect and mitigate deadlock in Loss of Link state. 0 (zero) disables
probing.
286
Appendix B. System Configuration Values
LOL_ENABLED
Enable Loss of Link (Light) propagation for 100G platforms (PL15000/PL20000). For corresponding configuration on
1GE/10GE non-SFP fiber, use E1K_LOL_ENABLED.
LOL_RX_ERROR_REACT
Allow Loss of Link (Light) propagation to treat RX symbol errors like loss of signal
LOL_RX_ERROR_TIMEOUT
Time duration in milliseconds after linkup before we treat remote fault as an error
MAX_REAPERS
Maximum number of packetlogicd reapers
MONITOR_INTERNAL_HEADER
If set to true and using rewriting, monitor the internal packet header, otherwise monitor the external packet header.
MONITOR_SIMPLIFY_HEADER
Remove all data, in the monitored packet, between end of ethernet header and start of currently inspected IP-header.
This might be Dot1q, MPLS, PPPoE etc data, or the outer IP-header/UDP-header if matching on the inner IP-header of
a tunneled packet.
MPLS_CONTROL_WORD_PRESENT
Defines if MPLS traffic contains a four byte control word. If enabled, all MPLS traffic is assumed to contain the control
word which is skipped when reading the enclosed packet.
MPLS_GUESS_PREFER_ETH
Assume Ethernet MPLS-encapsulated frames over IP (when indeterminate)
PACKET_ACCOUNTING_IGNORE_MPLS
Ignore size of MPLS header when accounting packet length.
PACKET_ACCOUNTING_MODE_L3
Ignore size of L2 header when accounting packet length in layer 3+.
PACKET_INSPECT_MTU
Maximum ethernet frame size (bytes) including CRC to inspect
PACKET_POOL_SIZE
Number of packets in the packet pool
PACKET_RESERVE
Reserved packets
PLOS_BALANCER_ALLOW_CPU0
Allow CPU0 to perform NIC polling and load balancing
PLOS_BALANCER_ALLOW_LB_ON_FP
Allow FP CPUs to perform NIC polling and load balancing
PLOS_BALANCER_LB_CPUS
Number of dedicated NIC polling/load balancing CPUs, excluding CPU0
PLOS_BALANCER_LOCAL_NODE
Load balance to FP CPUs on the same node as the LB CPU (and NIC)
PLOS_BALANCER_QUEUE_LENGTH
Maximum number of packets that each CPU can have enqueued for processing from load balancing (only valid on
appliances)
PLOS_BALANCER_USE_5TUPLE
Enable load balancing based on a hash of the connection 5-tuple (best for inspected tunnels) instead of the internal IP
address (best for split by subscriber provisioning)
287
Appendix B. System Configuration Values
PLOS_CLOCK_HZ
PLOS Clock Frequency 0 = 1Khz, 1 = 10Khz
PLOS_OLPROT_BACKOFF_ENABLED
Enable overload protection backoff. If enabled, PLOS will try to reenable packet processing after a minimum of
PLOS_OLPROT_CHECK_INTERVAL seconds has passed.
PLOS_OLPROT_CHECK_INTERVAL
How often (in seconds) PLOS should check for overload. Setting this to 0 will disable overload protection.
PLOS_OLPROT_THRESHOLD
The number of packets (per 1000) that may be dropped (linklevel RX drops) before triggering overload protection on PLOS
PORT_QUIRKS
Specify quirks for hardware ports. Specified as name1:value1 or name2:mask2:value2
(pl15k_tx_diff:0,pl20k_rx_sec:0x41:31). On Pl20k systems restart of lbumd (or reboot of IO card) is need in order for the
changes to apply.
TCPV4_SEGMENT_FACTOR
Number of TCP segment headers allocated, multiplied by MAX_CONNECTIONS.
TUNNELING_ACCOUNTING_LEVEL_MAX
Defines the highest tunnel level to account traffic for. Use this to customize how Session Context counters are updated
in tunneled configurations.
TUNNELING_ACCOUNTING_LEVEL_MIN
Defines the lowest tunnel level to account traffic for. Use this to customize how Session Context counters are updated
in tunneled configurations.
TUNNELING_ACCOUNT_HEADERS
Include header size of lower level tunnels when accounting packet length inside tunnels
TUNNELING_CAPWAP_DATA_PORT
Port used for transport of CAPWAP data
TUNNELING_CAPWAP_SUPPORT
Enable CAPWAP tunneling support
TUNNELING_DSLITE_SUPPORT
Enable DS-Lite tunneling support (requires IPV4_TUNNELING)
TUNNELING_ETHERIP_SUPPORT
Enable EtherIP tunneling support
TUNNELING_GRE_SUPPORT
Enable GRE tunneling support
TUNNELING_GTP_C_PORT
Destination port for GTP-C traffic
TUNNELING_GTP_SUPPORT
Enable GTP tunneling support
TUNNELING_GTP_U_PORT
Destination port for GTP-U traffic
TUNNELING_L2TP_CONTROL_MONITOR_IFACE
Interface name to use for L2TP control packet mirroring. Empty value means no mirroring.
TUNNELING_L2TP_MAP_ENABLE
Enable L2TP map support
288
Appendix B. System Configuration Values
TUNNELING_L2TP_MAP_MAX
Max entries in L2TP map
TUNNELING_L2TP_PORT
L2TP port
TUNNELING_L2TP_SUPPORT
Enable L2TP tunneling support
TUNNELING_MAX_LEVEL
Maximum number of tunnel levels to go through
TUNNELING_SUB_LEVEL
The tunnel level subscribers are expected at
TUNNEL_CTXS
Number of simultaneous tunnel contexts
EXT_QUEUESYNC_IFACE
Interface name to use for External Queue Sync
EXT_QUEUESYNC_REMOVE_TIME
Remove timeout time, in ms, before QSync peer is removed from peer table and sysdiag values. Default is two weeks."
EXT_QUEUESYNC_SEND_BUFFER_MEGS
Size (MB) of send buffer for external qsync
EXT_QUEUESYNC_STATUS_INTERVAL
Status packet send interval in ms
EXT_QUEUESYNC_TIMEOUT_TIME
Timeout time, in ms, before QSync peer is marked as timed out
EXT_QUEUESYNC_USE_NAME
Use object names instead of object ids in External Queue Sync
EXT_QUEUESYNC_WHITELIST
Commaseparated list of prefixes which peers must match to be allowed to queuesync.
QUEUESYNC_AIMD_THRESHOLD
If non-zero, this controls the inertia for increasing available bandwidth in queue sync. Larger number means quicker
increase in synced available bandwidth.
B.20. Ruleset
BGP_USE_EXTERNAL_PATH_ONLY
When matching BGP rules, only consider external ASpath/communities
DYNAMIC_NETOBJECT_ENRICH_ENABLE
Enable dynamic enrich for dynamic netobject items.
289
Appendix B. System Configuration Values
DYNAMIC_NETOBJECT_ENRICH_MAX
Maximum number of dynamic enrich configs added for dynamic netobject that an enrichobject uses in the ruleset. Enable
DYNAMIC_NETOBJECT_ENRICH_ENABLE for this.
DYNAMIC_NETOBJECT_PREFIXES_MAX
Maximum number of unique IP-prefixes (IPv4 and IPv6) added as dynamic netobject items.
DYNAMIC_NETOBJECT_SAVE_ENABLE
Save the dynamic netobject items to disk. This is normally not needed as a PSM or other client provisions the dynitems.
This will affect performance very bad when the number of dynamic items increases.
DYNAMIC_NETOBJECT_SAVE_INTERVAL
How often, in seconds, to save dynamic netobjects to disk if DYNAMIC_NETOBJECT_SAVE_ENABLE is TRUE
DYNAMIC_NETOBJECT_SUBSCRIBER_MAX
Maximum number of unique subscriber names added as dynamic netobject items under a netobject being used by any
rule.
MAX_DYNAMIC_NATCFG_ENGINE
Maximum number of NAT instances in engine
MPLS_ILEVEL
MPLS label nesting effective for ruleset
NETOBJECT_PREFIXES_MAX_BITMASKS
Maximum number of prefix matching combinations all prefixes has. If two prefixes matches the same rules, only one
bitmask is used.
NETOBJECT_PREFIXES_MAX_IPV4
Maximum number of unique IPv4 prefix, used in ruleset via a netobject. This is the sum of static and dynamic netobject
items in netobjects used by rules.
NETOBJECT_PREFIXES_MAX_IPV6
Maximum number of unique IPv6 prefix, used in ruleset via a netobject. This is the sum of static and dynamic netobject
items in netobjects used by rules.
QINQ_ILEVEL
Number of nested VLAN IDs traversed to set the VLAN ID for a connection (0 means no traversal, i.e. look at the outermost
ID)
RESET_PPPOE_CONNECTIONS
Reset PPPoE connections
RULESET_COMPILATION_COMPILE_OBJECTS
Compile each object before using them in a rule. Will save complation time when many rules are using the same object,
but it might be harder to read the compilation dump of any rule or ruleset.
RULESET_COMPILATION_DUMP_TOLOG
Enable dumping of ruleset compilation to plrcd.log. Warning, this will create a lot of logs. Use this only with a small number
of active rules during ruleset debugging.
RULESET_COMPILATION_MAX_RULES
Maximum number of rules in ruleset firewall+shaping+statistics rules combined"
RULESET_COMPILATION_PROPERTYOBJECT_MAX_COMPLEXITY
Max complexity allowed in propertyobjects. Refers to max number of compile states in the pattern matcher. Using * in the
patterns will use many states. If you get too complex propertyobjects, split it into two objects and use OR between them.
RULESET_DIVERT_ON_FIRST_ONLY
Prevent starting to divert packets after the first packet in a connection. Ruleset reloads may still cause divert changes
mid-connection.
290
Appendix B. System Configuration Values
RULESET_DYNIP_ALWAYS_REHASH
Enable rehashing the ruleset on dynamic IP updates
RULESET_ENRICH_BEFORE_DIVERT
Do enrichment before divert
RULESET_ENRICH_LOG_ACTIONS
Log each enrichment action
RULESET_FILTER_COMBINE_RULES
Allow accumulating settings from filtering rules with actions REWRITE and ACCEPT when multiple rules match a
connection.
RULESET_MAX_ENRICH_CONNECTIONS
Maximum number of connections that can undergo header enrichment simultaneously.
RULESET_REWRITE_ON_FIRST_ONLY
Prevent starting to rewrite packets after the first packet in a connection. Ruleset reloads may still cause rewrite changes
mid-connection.
B.21. Shaping
PRIO_EMPTY_ACK
Prioritize ACK packets without payload
PRIO_RETRANSMISSION
Prioritize TCP retransmissions
SHAPING_BLUE_HOLD_TIME
Blue hold time in ms
SHAPING_COUNTERS_GRANULARITY_SHIFT
Minimum change in shaping counters reported (as a shift, default 18 means 1 << 18 = 256k)
SHAPING_COUNTERS_MAX
Maximum number of active shaping counters
SHAPING_COUNTERS_SUBSCRIBER_SEND_ALL
Send all counters for a subscriber when one of its counters crosses granulaity boundary.
SHAPING_DSCP_MAP
DSCP values used for marking. Example: 10,12 will mark packets sent without borrowing with 10, packets that borrow
from the second object will be marked 12. DSCP values are between 0 and 63, 255 means keep existing DSCP
SHAPING_DSCP_MARKING
DSCP marking support
SHAPING_HOSTFAIRNESS_IPV6_PREFIX_LEN
Prefix length used for IPv6 host fairness
SHAPING_MAX_RULES_PER_CONNECTION
Maximum number of shaping rules that can match one connection
SHAPING_MAX_SPLITTED_OBJECTS
Maximum total number of objects created by using Split By in ShapingObjects. Higher value results in increased load
on CPU0.
291
Appendix B. System Configuration Values
SHAPING_OBJECTS_PER_CONN
Maximum number of ShapingObjects any one connection may exist in
SHAPING_OR_BORROWING
Enable accounting packets on all ShapingObjects in a Shaping rule, rather than only the one that dequeues it first
SHAPING_PRIO0_FASTLANE
Never drop packets with priority 0, allowing them to exceed configured bandwidth limits (Probably do not want to use
together with PRIO_EMPTY_ACK)
SHAPING_QUEUE_FACTOR
The maximum size of the queue is multiplied by QUEUE_FACTOR. The original size is calculated from the shaping object
bandwidth.
SHAPING_QUEUE_GOAL
The shaping algorithm will try to regulate the queue usage such that the queue length is around QUEUE_GOAL in
milliseconds.
B.22. Statistics
PLDB_STATISTICSFS_MAX_SUBS
Maximum number of subscribers stored in statistics
PLDB_STATISTICSFS_MAX_VALUES
Size of the Global Index table for statisticsfs. Change takes effect only when a Global Index table is created.
PLDB_STATISTICSFS_MAX_VALUES_DATASET
Maximum total number of values in all datasets stored
PLDB_STATWRITER_GRACE_PERIOD
Time in seconds Statwriter waits after a dataset is received before it starts writing
PLS_CHANNELSTATS_ENABLED
Enable collecting channel statistics
PLS_CONNLOG_ENABLED
Enable Collection of Connlog records.
PLS_CONNLOG_REINDEXING_ENABLED
Enable reindexing for connection logging data. Disk usage for connlog data will decrease if reindexing is disabled.
PLS_CONNLOG_SEARCHABLE_CRITERIAS
Comma-separated list of searchable criteria in connlog: SERVER CLIENT CLIENTPORT SERVERPORT PROTOCOL
SERVICE SERVERHOST HOST VNO SERVER_IPV6 CLIENT_IPV6 HOST_IPV6 NATCLIENT NATSERVER NATHOST
NATCLIENTPORT NATSERVERPORT (empty list equals all criterias)
PLS_CONN_THRESHOLD_IN
Account only for flows that send more than this many bytes downstream.
PLS_CONN_THRESHOLD_OUT
Account only for flows that send more than this many bytes upstream.
PLS_DATASET_BANDWIDTH_LIMIT
Maximum Bandwidth(in Kbps) to use to transfer Dataset to Statwriter/StatBackup Resource
PLS_DISK_CACHE_INTERVAL
Interval with which PLSD caches datasets to disk. PLS_DISK_CACHE_INTERVAL must be a multiple of
PLS_GRAPH_FREQUENCY and PLS_DUMP_INTERVAL must be a multiple of PLS_DISK_CACHE_INTERVAL
292
Appendix B. System Configuration Values
PLS_DUMP_INTERVAL
Interval with which PLSD dumps datasets to statwiter. This value must be a multiple of PLS_GRAPH_FREQUENCY and
a divisor of a full day.
PLS_GRAPH_FREQUENCY
Sampling frequency for line graph in Statistics
PLS_MAX_VALUES
Maximum number of values in a dataset for one PLSD
PLS_MAX_VALUE_DEPTH
Maximum depth allowed for a statistics value
PLS_NATSTATS_ENABLED
Enable collecting NAT statistics
PLS_OBFUSCATE_SUBSCRIBERS
Obfuscate 'Subscriber' distributions in Statistics.
PLS_PRIORITY_THRESHOLD
If value usage exceeds this percentage, only High Priority values will be created.
PLS_RINGBUF_MEGS
Size in MB of the ringbuffer in PLSD to receive data from PLD. There is one for each PLSD.
PLS_SCHEMA_COLUMN_SUBSCRIBER
The Session Context column(s) that are counted as subscriber(s) in the statistics file system. These values are obfuscated
by default in statistics. A single value is entered in the format “schema name/column name”, for example, subscriber/
msisdn. Multiple values are entered as a comma-separated list, for example, subscriber/msisdn,session/imsi.
PLS_SESSION_CONTEXT_MAX_COLUMNS
Maximum number of Columns per Session Context Schema in PLSD.
PLS_SESSION_CONTEXT_MAX_ROWS
Maximum number of Session Context Rows in PLSD.
PLS_SHAPINGOBJECTSTATS_ENABLED
Enable collection of ShapingObject Statistics.
PLS_STATBACKUP_ENABLED
Enable statistics backup resource
PLS_STATBACKUP_WRITE_VERSION
Firmware version of the STATBACKUP resource in format: major.minor.drop
PLS_STATISTICS_ENABLED
Enable collecting statistics
PLS_STATWRITER_WRITE_VERSION
Firmware version of the STATWRITER resource in format: major.minor.drop
SNMP_LOG_REWRITES
Enable logging rewritten connection data to SNMP agent
STATISTICS_MAX_RULES_PER_CONNECTION
Maximum number of statistics rules any one connection is allowed to match
293
294
Appendix C. System Diagnostics Values
C.1. Introduction
This section describes the values shown in the System Diagnostics view in LiveView in the PacketLogic client.
System diagnostics shows values for various parts and subsystems in PacketLogic. The values are divided into so-called zones,
each representing a specific part or subsystem.
For each value, there are three columns: Rate, Current/Total, and Peak. Rate shows the rate at which the value is increasing.
Rate is not applicable for all values. Current/Total shows the current value or the accumulated total, depending on the nature of
the value. Peak shows the highest registered value or rate sample, depending on the nature of the value.
Note: Values denoted as bytes have rate values in bits per second (bps).
Some zones are only available if the associated functionality is active (for example, the BGP zone is only visible if BGP is
configured and used), whereas others are always present.
For some zones, the values are expandable. This applies when there are more than one component in the system performing
the associated function. For example, the Connection zone has expandable zones in case there are multiple components
handling connections. Expanding the value will then display values for the individual components, even down to each thread
running on a multithreaded processor.
C.2. BGP
Connection uptime
This is the time this system has maintained its current connection with a peer BGP server.
OID: 1.3.6.1.4.1.15397.2.1.122.4
OID: 1.3.6.1.4.1.15397.2.1.122.49
OID: 1.3.6.1.4.1.15397.2.1.122.23
OID: 1.3.6.1.4.1.15397.2.1.122.25
OID: 1.3.6.1.4.1.15397.2.1.122.22
OID: 1.3.6.1.4.1.15397.2.1.122.31
OID: 1.3.6.1.4.1.15397.2.1.122.41
295
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.122.24
OID: 1.3.6.1.4.1.15397.2.1.122.12
OID: 1.3.6.1.4.1.15397.2.1.122.48
Number of prefixes/routes
OID: 1.3.6.1.4.1.15397.2.1.122.2
OID: 1.3.6.1.4.1.15397.2.1.122.3
OID: 1.3.6.1.4.1.15397.2.1.122.35
OID: 1.3.6.1.4.1.15397.2.1.122.45
OID: 1.3.6.1.4.1.15397.2.1.122.36
OID: 1.3.6.1.4.1.15397.2.1.122.46
OID: 1.3.6.1.4.1.15397.2.1.122.37
OID: 1.3.6.1.4.1.15397.2.1.122.47
OID: 1.3.6.1.4.1.15397.2.1.122.32
Total count of IPv4 announces without withdraw, replacing an already existing prefix/route
OID: 1.3.6.1.4.1.15397.2.1.122.34
OID: 1.3.6.1.4.1.15397.2.1.122.33
OID: 1.3.6.1.4.1.15397.2.1.122.42
296
Appendix C. System Diagnostics Values
Total count of IPv6 announces without withdraw, replacing an already existing prefix/route
OID: 1.3.6.1.4.1.15397.2.1.122.44
OID: 1.3.6.1.4.1.15397.2.1.122.43
OID: 1.3.6.1.4.1.15397.2.1.122.9
OID: 1.3.6.1.4.1.15397.2.1.122.7
OID: 1.3.6.1.4.1.15397.2.1.122.8
OID: 1.3.6.1.4.1.15397.2.1.122.10
Updates received
This is the total number of updates received from any of the BGP servers.
OID: 1.3.6.1.4.1.15397.2.1.122.1
C.3. CAPWAP
Non-CAPWAP packets seen on the CAPWAP port
Number of packets on the configured CAPWAP tunnel port that failed CAPWAP protocol validation.
OID: 1.3.6.1.4.1.15397.2.1.154.8
OID: 1.3.6.1.4.1.15397.2.1.154.1
OID: 1.3.6.1.4.1.15397.2.1.154.7
OID: 1.3.6.1.4.1.15397.2.1.154.6
OID: 1.3.6.1.4.1.15397.2.1.154.2
297
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.154.3
C.4. Comm
CLIENT: Authentication failures
This system has failed authenticating towards another PacketLogic when connecting using plcommd.
OID: 1.3.6.1.4.1.15397.2.1.148.6
OID: 1.3.6.1.4.1.15397.2.1.148.8
OID: 1.3.6.1.4.1.15397.2.1.148.5
OID: 1.3.6.1.4.1.15397.2.1.148.7
OID: 1.3.6.1.4.1.15397.2.1.148.4
OID: 1.3.6.1.4.1.15397.2.1.148.2
OID: 1.3.6.1.4.1.15397.2.1.148.3
OID: 1.3.6.1.4.1.15397.2.1.148.1
C.5. Connection
Attempts refused (already existed)
This is the number of connection create attempts that failed because an identical connection already existed. This is a
typical sign of a worm, but could also be a natural occurrence.
OID: 1.3.6.1.4.1.15397.2.1.56.18
OID: 1.3.6.1.4.1.15397.2.1.56.5
OID: 1.3.6.1.4.1.15397.2.1.56.6
298
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.56.43
OID: 1.3.6.1.4.1.15397.2.1.56.19
OID: 1.3.6.1.4.1.15397.2.1.56.42
OID: 1.3.6.1.4.1.15397.2.1.56.9
OID: 1.3.6.1.4.1.15397.2.1.56.49
OID: 1.3.6.1.4.1.15397.2.1.56.48
OID: 1.3.6.1.4.1.15397.2.1.56.3
OID: 1.3.6.1.4.1.15397.2.1.56.4
Created inbound
This is the number of inbound connections created.
OID: 1.3.6.1.4.1.15397.2.1.56.7
Created outbound
This is the number of outbound connections created.
OID: 1.3.6.1.4.1.15397.2.1.56.8
Current count
This is the current number of connections, both established and unestablished.
OID: 1.3.6.1.4.1.15397.2.1.56.1
OID: 1.3.6.1.4.1.15397.2.1.56.2
Protection enabled
This is the number of times the connection protection has been enabled. This happens when the connection creation
rate is above CONNPROT_THRESSHOLD.
299
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.56.14
OID: 1.3.6.1.4.1.15397.2.1.56.41
OID: 1.3.6.1.4.1.15397.2.1.56.40
C.6. Connsync
Clocks out of sync between peers
OID: 1.3.6.1.4.1.15397.2.1.60.64
OID: 1.3.6.1.4.1.15397.2.1.60.8
Double seen
This is the number of times a SEEN message is received when flow synchronization is already set up.
OID: 1.3.6.1.4.1.15397.2.1.60.9
OID: 1.3.6.1.4.1.15397.2.1.60.4
OID: 1.3.6.1.4.1.15397.2.1.60.47
OID: 1.3.6.1.4.1.15397.2.1.60.48
Hello received
This is the number of Hello packets received from flow syncing peers.
OID: 1.3.6.1.4.1.15397.2.1.60.10
OID: 1.3.6.1.4.1.15397.2.1.60.32
Ohai received
OID: 1.3.6.1.4.1.15397.2.1.60.60
Out of syncs
This is the number of connections set as out of sync due to UPDATE messages arriving after ordinary packets for a
connection. This can be caused by too high latency on the flowsync connection.
300
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.60.7
OID: 1.3.6.1.4.1.15397.2.1.60.61
OID: 1.3.6.1.4.1.15397.2.1.60.62
OID: 1.3.6.1.4.1.15397.2.1.60.59
OID: 1.3.6.1.4.1.15397.2.1.60.58
OID: 1.3.6.1.4.1.15397.2.1.60.57
OID: 1.3.6.1.4.1.15397.2.1.60.53
OID: 1.3.6.1.4.1.15397.2.1.60.52
OID: 1.3.6.1.4.1.15397.2.1.60.50
OID: 1.3.6.1.4.1.15397.2.1.60.49
OID: 1.3.6.1.4.1.15397.2.1.60.17
OID: 1.3.6.1.4.1.15397.2.1.60.18
OID: 1.3.6.1.4.1.15397.2.1.60.19
Seen received
This is the number of SEEN messages received (that is, the number of times requests to synchronize connections have
been received).
OID: 1.3.6.1.4.1.15397.2.1.60.2
Seen sent
This is the number of SEEN messages sent (that is, the number of times requests to synchronize connections have
been sent).
301
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.60.1
OID: 1.3.6.1.4.1.15397.2.1.60.68
OID: 1.3.6.1.4.1.15397.2.1.60.67
OID: 1.3.6.1.4.1.15397.2.1.60.65
OID: 1.3.6.1.4.1.15397.2.1.60.66
UDP received
This is the number of flow sync packets receiver for UDP connections.
OID: 1.3.6.1.4.1.15397.2.1.60.21
UDP sent
This is the number of flow sync packets sent for UDP connections.
OID: 1.3.6.1.4.1.15397.2.1.60.20
Updates Sent
This is the number of connection synchronization update messages sent.
OID: 1.3.6.1.4.1.15397.2.1.60.3
OID: 1.3.6.1.4.1.15397.2.1.60.13
OID: 1.3.6.1.4.1.15397.2.1.60.6
Updates received
This is the number of connection synchronization update messages received (for connections being synchronized).
OID: 1.3.6.1.4.1.15397.2.1.60.5
C.7. ContentLogic
Current categories load ratio
OID: 1.3.6.1.4.1.15397.2.1.140.6
302
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.140.10
OID: 1.3.6.1.4.1.15397.2.1.140.2
OID: 1.3.6.1.4.1.15397.2.1.140.9
Number of lookups
OID: 1.3.6.1.4.1.15397.2.1.140.11
OID: 1.3.6.1.4.1.15397.2.1.140.12
C.8. Divert
Bypassed packets
This is the number of packets that match a Divert rule where the system to divert to is considered down. These packets
are bypassed, but still processed by the rest of the ruleset.
OID: 1.3.6.1.4.1.15397.2.1.125.17
Connections
This is the number of connections being diverted.
OID: 1.3.6.1.4.1.15397.2.1.125.11
Dropped packets
This is the number of packets dropped because the divert mechanism could not determine what to do with it.
OID: 1.3.6.1.4.1.15397.2.1.125.18
Egress bytes
This is the number of bytes sent to divert system(s).
OID: 1.3.6.1.4.1.15397.2.1.125.5
Egress packets
This is the number of packets sent to divert system(s).
OID: 1.3.6.1.4.1.15397.2.1.125.4
OID: 1.3.6.1.4.1.15397.2.1.125.15
OID: 1.3.6.1.4.1.15397.2.1.125.14
303
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.125.13
OID: 1.3.6.1.4.1.15397.2.1.125.12
Heartbeats lost
This is the number of heart beats lost.
OID: 1.3.6.1.4.1.15397.2.1.125.16
Hosts
This is the number of hosts stored for divert channels.
OID: 1.3.6.1.4.1.15397.2.1.125.10
Ingress bytes
This is the number of bytes received from divert system(s).
OID: 1.3.6.1.4.1.15397.2.1.125.7
Ingress packets
This is the number of packets received from divert system(s).
OID: 1.3.6.1.4.1.15397.2.1.125.6
OID: 1.3.6.1.4.1.15397.2.1.125.9
OID: 1.3.6.1.4.1.15397.2.1.125.27
OID: 1.3.6.1.4.1.15397.2.1.125.8
OID: 1.3.6.1.4.1.15397.2.1.125.25
Out of hosts
This is the number of attempts to create a new data structure for a host with diverted connections when there are no
more to allocate. This means the system configuration value DIVERT_NUM_HOSTS must be raised or the number of
hosts diverted must be lowered.
OID: 1.3.6.1.4.1.15397.2.1.125.2
304
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.125.41
OID: 1.3.6.1.4.1.15397.2.1.125.35
OID: 1.3.6.1.4.1.15397.2.1.125.34
OID: 1.3.6.1.4.1.15397.2.1.125.40
OID: 1.3.6.1.4.1.15397.2.1.125.49
OID: 1.3.6.1.4.1.15397.2.1.125.46
OID: 1.3.6.1.4.1.15397.2.1.125.48
OID: 1.3.6.1.4.1.15397.2.1.125.42
OID: 1.3.6.1.4.1.15397.2.1.125.44
OID: 1.3.6.1.4.1.15397.2.1.125.45
OID: 1.3.6.1.4.1.15397.2.1.125.28
305
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.125.30
OID: 1.3.6.1.4.1.15397.2.1.125.29
OID: 1.3.6.1.4.1.15397.2.1.125.57
Proxy connections
This is the number of connections in mid-session divert.
OID: 1.3.6.1.4.1.15397.2.1.125.19
OID: 1.3.6.1.4.1.15397.2.1.125.20
OID: 1.3.6.1.4.1.15397.2.1.125.71
OID: 1.3.6.1.4.1.15397.2.1.125.3
C.9. Drdl
Analyzer actions called
This is the number of actions called by DRDL when analyzing traffic.
OID: 1.3.6.1.4.1.15397.2.1.24.14
OID: 1.3.6.1.4.1.15397.2.1.24.29
OID: 1.3.6.1.4.1.15397.2.1.24.15
OID: 1.3.6.1.4.1.15397.2.1.24.30
306
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.24.54
OID: 1.3.6.1.4.1.15397.2.1.24.73
New childconnections
This is the number of expected child connections hooks that are installed.
OID: 1.3.6.1.4.1.15397.2.1.24.2
OID: 1.3.6.1.4.1.15397.2.1.24.23
OID: 1.3.6.1.4.1.15397.2.1.24.22
OID: 1.3.6.1.4.1.15397.2.1.24.28
OID: 1.3.6.1.4.1.15397.2.1.24.75
OID: 1.3.6.1.4.1.15397.2.1.24.56
OID: 1.3.6.1.4.1.15397.2.1.24.10
OID: 1.3.6.1.4.1.15397.2.1.24.8
OID: 1.3.6.1.4.1.15397.2.1.24.72
Waiting childconnections
This is the number of child connections hooks pending.
OID: 1.3.6.1.4.1.15397.2.1.24.1
307
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.25.1
OID: 1.3.6.1.4.1.15397.2.1.25.2
OID: 1.3.6.1.4.1.15397.2.1.25.12
OID: 1.3.6.1.4.1.15397.2.1.25.3
OID: 1.3.6.1.4.1.15397.2.1.25.4
OID: 1.3.6.1.4.1.15397.2.1.25.5
OID: 1.3.6.1.4.1.15397.2.1.25.11
C.11. EtherIP
EtherIP Packets with invalid reserved bits
OID: 1.3.6.1.4.1.15397.2.1.157.4
OID: 1.3.6.1.4.1.15397.2.1.157.5
OID: 1.3.6.1.4.1.15397.2.1.157.3
OID: 1.3.6.1.4.1.15397.2.1.157.1
OID: 1.3.6.1.4.1.15397.2.1.157.2
C.12. Ethernet
802.1q encapsulated packets
This is the number of 802.1q encapsulated frames received. These frames have a VLAN ID, and a priority field, and are
also called 'trunked' or 'vlan trunked' packets.
OID: 1.3.6.1.4.1.15397.2.1.28.4
308
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.28.40
OID: 1.3.6.1.4.1.15397.2.1.28.39
Broadcast packets
This is the number of ethernet broadcast packets. Broadcast packets have 0xFF in the first byte of the ethernet destination
address.
OID: 1.3.6.1.4.1.15397.2.1.28.2
Divert packets
This is the number of packets received on divert channels.
OID: 1.3.6.1.4.1.15397.2.1.28.8
OID: 1.3.6.1.4.1.15397.2.1.28.30
OID: 1.3.6.1.4.1.15397.2.1.28.35
OID: 1.3.6.1.4.1.15397.2.1.28.6
OID: 1.3.6.1.4.1.15397.2.1.28.34
OID: 1.3.6.1.4.1.15397.2.1.28.5
Multicast packets
This is the number of ethernet multicast packets received. These packets have the first bit in the ethernet destination set,
but the first byte is not 0xFF (in which case it is a broadcast packet).
OID: 1.3.6.1.4.1.15397.2.1.28.3
OID: 1.3.6.1.4.1.15397.2.1.28.36
Non IP packets
This is the number of packets received that do not contain an IPv4 header. These are silently forwarded.
OID: 1.3.6.1.4.1.15397.2.1.28.7
309
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.28.33
OID: 1.3.6.1.4.1.15397.2.1.28.32
OID: 1.3.6.1.4.1.15397.2.1.28.31
OID: 1.3.6.1.4.1.15397.2.1.28.38
OID: 1.3.6.1.4.1.15397.2.1.28.29
OID: 1.3.6.1.4.1.15397.2.1.28.27
OID: 1.3.6.1.4.1.15397.2.1.28.25
OID: 1.3.6.1.4.1.15397.2.1.28.23
OID: 1.3.6.1.4.1.15397.2.1.28.37
OID: 1.3.6.1.4.1.15397.2.1.28.28
OID: 1.3.6.1.4.1.15397.2.1.28.26
OID: 1.3.6.1.4.1.15397.2.1.28.24
310
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.28.22
Unicast packets
This is the number of unicasted ethernet packets. These are all ethernet frames except multicast and broadcast packets.
OID: 1.3.6.1.4.1.15397.2.1.28.1
C.13. Filtering
Failed monitored packets
This is the number of monitored packets that failed to be duplicated to user space.
OID: 1.3.6.1.4.1.15397.2.1.80.9
OID: 1.3.6.1.4.1.15397.2.1.80.12
OID: 1.3.6.1.4.1.15397.2.1.80.11
Log entries
This is the number of log entries made.
OID: 1.3.6.1.4.1.15397.2.1.80.7
Monitored packets
This is the number of packets monitored.
OID: 1.3.6.1.4.1.15397.2.1.80.8
OID: 1.3.6.1.4.1.15397.2.1.80.13
OID: 1.3.6.1.4.1.15397.2.1.80.1
OID: 1.3.6.1.4.1.15397.2.1.80.5
OID: 1.3.6.1.4.1.15397.2.1.80.3
311
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.80.14
OID: 1.3.6.1.4.1.15397.2.1.80.10
OID: 1.3.6.1.4.1.15397.2.1.80.2
OID: 1.3.6.1.4.1.15397.2.1.80.4
C.14. GRE
RX data
Number of bytes of payload in GRE packets seen.
OID: 1.3.6.1.4.1.15397.2.1.131.3
RX packets
Number of GRE packets seen.
OID: 1.3.6.1.4.1.15397.2.1.131.2
C.15. GTP
RX data
Number of bytes of payload in GTP packets seen.
OID: 1.3.6.1.4.1.15397.2.1.129.3
RX packets
Number of GTP packets seen.
OID: 1.3.6.1.4.1.15397.2.1.129.2
312
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.155.7
OID: 1.3.6.1.4.1.15397.2.1.155.3
OID: 1.3.6.1.4.1.15397.2.1.155.2
OID: 1.3.6.1.4.1.15397.2.1.155.1
OID: 1.3.6.1.4.1.15397.2.1.155.5
OID: 1.3.6.1.4.1.15397.2.1.155.6
Version
OID: 1.3.6.1.4.1.15397.2.1.155.4
OID: 1.3.6.1.4.1.15397.2.1.156.1
OID: 1.3.6.1.4.1.15397.2.1.156.2
OID: 1.3.6.1.4.1.15397.2.1.156.3
OID: 1.3.6.1.4.1.15397.2.1.156.5
OID: 1.3.6.1.4.1.15397.2.1.156.4
OID: 1.3.6.1.4.1.15397.2.1.156.8
OID: 1.3.6.1.4.1.15397.2.1.156.7
Version in PLRCD
OID: 1.3.6.1.4.1.15397.2.1.156.6
313
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.143.3
OID: 1.3.6.1.4.1.15397.2.1.143.2
OID: 1.3.6.1.4.1.15397.2.1.143.14
OID: 1.3.6.1.4.1.15397.2.1.143.6
OID: 1.3.6.1.4.1.15397.2.1.143.7
OID: 1.3.6.1.4.1.15397.2.1.143.12
OID: 1.3.6.1.4.1.15397.2.1.143.13
OID: 1.3.6.1.4.1.15397.2.1.143.4
OID: 1.3.6.1.4.1.15397.2.1.143.5
OID: 1.3.6.1.4.1.15397.2.1.143.1
OID: 1.3.6.1.4.1.15397.2.1.143.9
OID: 1.3.6.1.4.1.15397.2.1.143.10
OID: 1.3.6.1.4.1.15397.2.1.143.11
OID: 1.3.6.1.4.1.15397.2.1.143.8
314
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.143.15
OID: 1.3.6.1.4.1.15397.2.1.146.3
OID: 1.3.6.1.4.1.15397.2.1.146.7
OID: 1.3.6.1.4.1.15397.2.1.146.6
OID: 1.3.6.1.4.1.15397.2.1.146.1
OID: 1.3.6.1.4.1.15397.2.1.146.5
Messages sent
OID: 1.3.6.1.4.1.15397.2.1.146.12
Missed send-deadlines
OID: 1.3.6.1.4.1.15397.2.1.146.4
Number of hosts
OID: 1.3.6.1.4.1.15397.2.1.146.2
OID: 1.3.6.1.4.1.15397.2.1.146.8
OID: 1.3.6.1.4.1.15397.2.1.146.9
C.20. ICMPv4
RX bytes
OID: 1.3.6.1.4.1.15397.2.1.49.2
RX packets
OID: 1.3.6.1.4.1.15397.2.1.49.1
Refused (ruleset)
315
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.49.3
Refused (short)
OID: 1.3.6.1.4.1.15397.2.1.49.4
C.21. ICMPv6
RX bytes
OID: 1.3.6.1.4.1.15397.2.1.50.2
RX packets
OID: 1.3.6.1.4.1.15397.2.1.50.1
Refused (ruleset)
OID: 1.3.6.1.4.1.15397.2.1.50.3
Refused (short)
OID: 1.3.6.1.4.1.15397.2.1.50.4
C.22. IPv4
Dropped fragments (timeout/LRU)
This is the number of times fragments have been dropped because the packet was not reassembled before the timeout,
or due to LRU allocation of newer fragments.
OID: 1.3.6.1.4.1.15397.2.1.32.21
OID: 1.3.6.1.4.1.15397.2.1.32.39
OID: 1.3.6.1.4.1.15397.2.1.32.40
OID: 1.3.6.1.4.1.15397.2.1.32.41
OID: 1.3.6.1.4.1.15397.2.1.32.15
316
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.32.16
Fragments in queue
This is the number of fragments buffered waiting for reassembly.
OID: 1.3.6.1.4.1.15397.2.1.32.11
OID: 1.3.6.1.4.1.15397.2.1.32.19
OID: 1.3.6.1.4.1.15397.2.1.32.17
RX data
This is the number of bytes received as IPv4 packets.
OID: 1.3.6.1.4.1.15397.2.1.32.2
RX packets
This is the number of packets received as IPv4 packets.
OID: 1.3.6.1.4.1.15397.2.1.32.1
Reassembled packets
This is the number of packets reassembled from fragments.
OID: 1.3.6.1.4.1.15397.2.1.32.20
OID: 1.3.6.1.4.1.15397.2.1.32.42
OID: 1.3.6.1.4.1.15397.2.1.32.4
OID: 1.3.6.1.4.1.15397.2.1.32.3
OID: 1.3.6.1.4.1.15397.2.1.32.44
OID: 1.3.6.1.4.1.15397.2.1.32.36
317
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.32.38
OID: 1.3.6.1.4.1.15397.2.1.32.43
OID: 1.3.6.1.4.1.15397.2.1.32.35
OID: 1.3.6.1.4.1.15397.2.1.32.37
C.23. IPv6
Destination Ext. Headers
This is the number of destination extension headers seen.
OID: 1.3.6.1.4.1.15397.2.1.126.22
OID: 1.3.6.1.4.1.15397.2.1.126.27
OID: 1.3.6.1.4.1.15397.2.1.126.33
OID: 1.3.6.1.4.1.15397.2.1.126.34
OID: 1.3.6.1.4.1.15397.2.1.126.35
OID: 1.3.6.1.4.1.15397.2.1.126.15
OID: 1.3.6.1.4.1.15397.2.1.126.16
Fragments in queue
This is the number of fragments buffered waiting for reassembly.
OID: 1.3.6.1.4.1.15397.2.1.126.11
318
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.126.23
OID: 1.3.6.1.4.1.15397.2.1.126.25
Overlapping Fragments
This is the number of overlapping fragments seen. These are not allowed and will be dropped.
OID: 1.3.6.1.4.1.15397.2.1.126.21
OID: 1.3.6.1.4.1.15397.2.1.126.19
RX data
This is the number of bytes received as IPv6 packets.
OID: 1.3.6.1.4.1.15397.2.1.126.2
RX packets
This is the number of packets received as IPv6 packets.
OID: 1.3.6.1.4.1.15397.2.1.126.1
Reassembled packets
This is the number of packets reassembled from fragments.
OID: 1.3.6.1.4.1.15397.2.1.126.20
Reassembly Timeout
This is the number of times fragmented packets have been discarded because it took too long to receive all fragments.
OID: 1.3.6.1.4.1.15397.2.1.126.26
OID: 1.3.6.1.4.1.15397.2.1.126.4
OID: 1.3.6.1.4.1.15397.2.1.126.3
OID: 1.3.6.1.4.1.15397.2.1.126.5
OID: 1.3.6.1.4.1.15397.2.1.126.24
319
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.126.37
OID: 1.3.6.1.4.1.15397.2.1.126.29
OID: 1.3.6.1.4.1.15397.2.1.126.31
OID: 1.3.6.1.4.1.15397.2.1.126.36
OID: 1.3.6.1.4.1.15397.2.1.126.28
OID: 1.3.6.1.4.1.15397.2.1.126.30
C.24. Insights
Datacore: Bytes sent
OID: 1.3.6.1.4.1.15397.2.1.145.5
OID: 1.3.6.1.4.1.15397.2.1.145.53
OID: 1.3.6.1.4.1.15397.2.1.145.4
OID: 1.3.6.1.4.1.15397.2.1.145.62
OID: 1.3.6.1.4.1.15397.2.1.145.61
OID: 1.3.6.1.4.1.15397.2.1.145.43
OID: 1.3.6.1.4.1.15397.2.1.145.83
320
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.145.84
OID: 1.3.6.1.4.1.15397.2.1.145.71
OID: 1.3.6.1.4.1.15397.2.1.145.67
OID: 1.3.6.1.4.1.15397.2.1.145.66
OID: 1.3.6.1.4.1.15397.2.1.145.24
OID: 1.3.6.1.4.1.15397.2.1.145.92
OID: 1.3.6.1.4.1.15397.2.1.145.91
OID: 1.3.6.1.4.1.15397.2.1.145.45
OID: 1.3.6.1.4.1.15397.2.1.145.58
OID: 1.3.6.1.4.1.15397.2.1.145.42
OID: 1.3.6.1.4.1.15397.2.1.145.76
OID: 1.3.6.1.4.1.15397.2.1.145.90
OID: 1.3.6.1.4.1.15397.2.1.145.89
OID: 1.3.6.1.4.1.15397.2.1.145.65
321
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.145.59
OID: 1.3.6.1.4.1.15397.2.1.145.19
OID: 1.3.6.1.4.1.15397.2.1.145.70
OID: 1.3.6.1.4.1.15397.2.1.145.54
OID: 1.3.6.1.4.1.15397.2.1.145.8
OID: 1.3.6.1.4.1.15397.2.1.145.55
OID: 1.3.6.1.4.1.15397.2.1.145.56
OID: 1.3.6.1.4.1.15397.2.1.145.18
OID: 1.3.6.1.4.1.15397.2.1.145.75
OID: 1.3.6.1.4.1.15397.2.1.145.63
C.25. Interface
Flow updates missed
OID: 1.3.6.1.4.1.15397.2.1.120.11
OID: 1.3.6.1.4.1.15397.2.1.120.13
Hostname allocations
OID: 1.3.6.1.4.1.15397.2.1.120.15
New flows
OID: 1.3.6.1.4.1.15397.2.1.120.12
322
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.120.10
OID: 1.3.6.1.4.1.15397.2.1.120.9
OID: 1.3.6.1.4.1.15397.2.1.120.14
Sent to engine
OID: 1.3.6.1.4.1.15397.2.1.120.8
OID: 1.3.6.1.4.1.15397.2.1.139.21
OID: 1.3.6.1.4.1.15397.2.1.139.1
Connection updates
The number of connection updates per second received by the IPFIX exporter. If the system configuration value
IPFIX_FLOW_DEFINITION is set to intermediate flow, each connection update that matches a statistics rule with an
associated IPFIXObject will generate one record per IPFIXObject that it matches. In case of full flow IPFIX configuration,
only the final connection update will generate IPFIX records.
OID: 1.3.6.1.4.1.15397.2.1.139.2
Connects
The number of times the current running IPFIX exporter has connected to packetlogicd. If the value is increased
unexpectedly, the IPFIX exporter has been disconnected.
OID: 1.3.6.1.4.1.15397.2.1.139.12
OID: 1.3.6.1.4.1.15397.2.1.139.18
OID: 1.3.6.1.4.1.15397.2.1.139.19
OID: 1.3.6.1.4.1.15397.2.1.139.20
Dropped records
The number of records that have been dropped. An IPFIX record will be dropped if the size of the record exceeds the
maximum message size (set by the system configuration value IPFIX_MESSAGE_MAX_LENGTH). To avoid drops due to
size, large IPFIX templates may be split into smaller templates. This will result in more but smaller IPFIX records.
323
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.139.8
OID: 1.3.6.1.4.1.15397.2.1.139.9
OID: 1.3.6.1.4.1.15397.2.1.139.7
Exported Records
The number of IPFIX data records that has been exported.
OID: 1.3.6.1.4.1.15397.2.1.139.10
OID: 1.3.6.1.4.1.15397.2.1.139.11
C.27. L2TP
Control RX data
The number of payload bytes in L2TP control packets seen.
OID: 1.3.6.1.4.1.15397.2.1.132.27
Control RX packets
The number of L2TP control packets seen.
OID: 1.3.6.1.4.1.15397.2.1.132.26
OID: 1.3.6.1.4.1.15397.2.1.132.20
OID: 1.3.6.1.4.1.15397.2.1.132.22
OID: 1.3.6.1.4.1.15397.2.1.132.24
OID: 1.3.6.1.4.1.15397.2.1.132.23
OID: 1.3.6.1.4.1.15397.2.1.132.25
OID: 1.3.6.1.4.1.15397.2.1.132.21
324
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.132.9
OID: 1.3.6.1.4.1.15397.2.1.132.7
OID: 1.3.6.1.4.1.15397.2.1.132.8
OID: 1.3.6.1.4.1.15397.2.1.132.4
OID: 1.3.6.1.4.1.15397.2.1.132.5
OID: 1.3.6.1.4.1.15397.2.1.132.6
RX data
The number of payload bytes in L2TP packets seen.
OID: 1.3.6.1.4.1.15397.2.1.132.3
RX packets
The number of L2TP packets seen.
OID: 1.3.6.1.4.1.15397.2.1.132.2
OID: 1.3.6.1.4.1.15397.2.1.153.14
Hosts Created
OID: 1.3.6.1.4.1.15397.2.1.153.2
Hosts Deleted
OID: 1.3.6.1.4.1.15397.2.1.153.3
Number of Hosts
OID: 1.3.6.1.4.1.15397.2.1.153.1
Port Devices
325
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.153.9
OID: 1.3.6.1.4.1.15397.2.1.153.10
OID: 1.3.6.1.4.1.15397.2.1.153.11
OID: 1.3.6.1.4.1.15397.2.1.153.13
Timestamp Devices
OID: 1.3.6.1.4.1.15397.2.1.153.4
OID: 1.3.6.1.4.1.15397.2.1.153.5
OID: 1.3.6.1.4.1.15397.2.1.153.6
OID: 1.3.6.1.4.1.15397.2.1.153.8
C.29. Liveview
Active hosts
This is the number of hosts seen in the traffic belonging to the network(s) connected to an internal channel interface.
OID: 1.3.6.1.4.1.15397.2.1.134.4
OID: 1.3.6.1.4.1.15397.2.1.134.47
OID: 1.3.6.1.4.1.15397.2.1.134.53
OID: 1.3.6.1.4.1.15397.2.1.134.3
Connected clients
This is the total number of clients connected to PLD.
OID: 1.3.6.1.4.1.15397.2.1.134.2
DRDL revision
This is the revision number on the DRDL Application Recognition Module (ARM) currently installed.
326
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.134.7
OID: 1.3.6.1.4.1.15397.2.1.134.20
OID: 1.3.6.1.4.1.15397.2.1.134.14
OID: 1.3.6.1.4.1.15397.2.1.134.48
OID: 1.3.6.1.4.1.15397.2.1.134.51
OID: 1.3.6.1.4.1.15397.2.1.134.52
OID: 1.3.6.1.4.1.15397.2.1.134.23
OID: 1.3.6.1.4.1.15397.2.1.134.29
Properties stored
OID: 1.3.6.1.4.1.15397.2.1.134.17
OID: 1.3.6.1.4.1.15397.2.1.134.16
OID: 1.3.6.1.4.1.15397.2.1.134.15
OID: 1.3.6.1.4.1.15397.2.1.134.21
OID: 1.3.6.1.4.1.15397.2.1.134.22
OID: 1.3.6.1.4.1.15397.2.1.134.39
OID: 1.3.6.1.4.1.15397.2.1.134.40
327
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.134.50
OID: 1.3.6.1.4.1.15397.2.1.134.10
OID: 1.3.6.1.4.1.15397.2.1.134.18
Uptime
OID: 1.3.6.1.4.1.15397.2.1.134.1
Visible NetObjects
This is the number of visible NetObjects in the rule set.
OID: 1.3.6.1.4.1.15397.2.1.134.5
OID: 1.3.6.1.4.1.15397.2.1.134.8
OID: 1.3.6.1.4.1.15397.2.1.135.51
Blacklisted packets
This is the number of packets shunted or dropped due to blacklisting in the load balancer.
OID: 1.3.6.1.4.1.15397.2.1.135.52
CPU load
CPU load on the load balancer CPU.
OID: 1.3.6.1.4.1.15397.2.1.135.40
OID: 1.3.6.1.4.1.15397.2.1.135.83
CPU uptime
Uptime of the load balancer.
OID: 1.3.6.1.4.1.15397.2.1.135.39
OID: 1.3.6.1.4.1.15397.2.1.135.82
328
Appendix C. System Diagnostics Values
Fabrics allowed
This is a bitmask representation of the switch fabrics allowed to use for communication with flow processors (as defined
by system configuration value LB_FABRICS_ALLOW.
OID: 1.3.6.1.4.1.15397.2.1.135.62
OID: 1.3.6.1.4.1.15397.2.1.135.49
OID: 1.3.6.1.4.1.15397.2.1.135.14
OID: 1.3.6.1.4.1.15397.2.1.135.96
Logical ID
This is the logical ID of the load balancer CPU.
OID: 1.3.6.1.4.1.15397.2.1.135.45
OID: 1.3.6.1.4.1.15397.2.1.135.2
Moved buckets
This is the number of buckets that have been moved to a different flow processor by the load balancer.
OID: 1.3.6.1.4.1.15397.2.1.135.50
OID: 1.3.6.1.4.1.15397.2.1.135.1
OID: 1.3.6.1.4.1.15397.2.1.135.3
RX bytes external
This is the number of bytes of data received by the load balancer from the external channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.7
RX bytes internal
This is the number of bytes of data received by the load balancer from the internal channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.6
RX drops external
OID: 1.3.6.1.4.1.15397.2.1.135.54
RX drops internal
OID: 1.3.6.1.4.1.15397.2.1.135.53
329
Appendix C. System Diagnostics Values
RX errors external
This is the number of errors in packet reception from the external channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.9
RX errors internal
This is the number of errors in packet reception from the internal channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.8
RX packets external
This is the number of packets of data received by the load balancer from the external channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.5
RX packets internal
This is the number of packets of data received by the load balancer from the internal channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.4
OID: 1.3.6.1.4.1.15397.2.1.135.100
OID: 1.3.6.1.4.1.15397.2.1.135.38
OID: 1.3.6.1.4.1.15397.2.1.135.89
OID: 1.3.6.1.4.1.15397.2.1.135.18
OID: 1.3.6.1.4.1.15397.2.1.135.22
OID: 1.3.6.1.4.1.15397.2.1.135.93
OID: 1.3.6.1.4.1.15397.2.1.135.44
OID: 1.3.6.1.4.1.15397.2.1.135.34
OID: 1.3.6.1.4.1.15397.2.1.135.30
OID: 1.3.6.1.4.1.15397.2.1.135.26
330
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.135.99
OID: 1.3.6.1.4.1.15397.2.1.135.37
OID: 1.3.6.1.4.1.15397.2.1.135.88
OID: 1.3.6.1.4.1.15397.2.1.135.17
OID: 1.3.6.1.4.1.15397.2.1.135.21
OID: 1.3.6.1.4.1.15397.2.1.135.92
OID: 1.3.6.1.4.1.15397.2.1.135.43
OID: 1.3.6.1.4.1.15397.2.1.135.33
OID: 1.3.6.1.4.1.15397.2.1.135.29
OID: 1.3.6.1.4.1.15397.2.1.135.25
OID: 1.3.6.1.4.1.15397.2.1.135.98
OID: 1.3.6.1.4.1.15397.2.1.135.36
OID: 1.3.6.1.4.1.15397.2.1.135.87
OID: 1.3.6.1.4.1.15397.2.1.135.16
331
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.135.20
OID: 1.3.6.1.4.1.15397.2.1.135.91
OID: 1.3.6.1.4.1.15397.2.1.135.42
OID: 1.3.6.1.4.1.15397.2.1.135.32
OID: 1.3.6.1.4.1.15397.2.1.135.28
OID: 1.3.6.1.4.1.15397.2.1.135.24
OID: 1.3.6.1.4.1.15397.2.1.135.97
OID: 1.3.6.1.4.1.15397.2.1.135.35
OID: 1.3.6.1.4.1.15397.2.1.135.86
OID: 1.3.6.1.4.1.15397.2.1.135.15
OID: 1.3.6.1.4.1.15397.2.1.135.19
OID: 1.3.6.1.4.1.15397.2.1.135.90
OID: 1.3.6.1.4.1.15397.2.1.135.41
OID: 1.3.6.1.4.1.15397.2.1.135.31
OID: 1.3.6.1.4.1.15397.2.1.135.27
OID: 1.3.6.1.4.1.15397.2.1.135.23
332
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.135.75
OID: 1.3.6.1.4.1.15397.2.1.135.74
OID: 1.3.6.1.4.1.15397.2.1.135.81
OID: 1.3.6.1.4.1.15397.2.1.135.80
OID: 1.3.6.1.4.1.15397.2.1.135.69
OID: 1.3.6.1.4.1.15397.2.1.135.68
TX direct external
This is the number of packets forwarded directly to the external channel interface(s) without being processed by a flow
processor.
OID: 1.3.6.1.4.1.15397.2.1.135.11
TX direct internal
This is the number of packets forwarded directly to the internal channel interface(s) without being processed by a flow
processor.
OID: 1.3.6.1.4.1.15397.2.1.135.10
OID: 1.3.6.1.4.1.15397.2.1.135.71
OID: 1.3.6.1.4.1.15397.2.1.135.70
OID: 1.3.6.1.4.1.15397.2.1.135.77
OID: 1.3.6.1.4.1.15397.2.1.135.76
OID: 1.3.6.1.4.1.15397.2.1.135.67
OID: 1.3.6.1.4.1.15397.2.1.135.66
TX drops external
This is the number of packets dropped in transmission on the external channel interface(s).
333
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.135.13
TX drops internal
This is the number of packets dropped in transmission on the internal channel interface(s).
OID: 1.3.6.1.4.1.15397.2.1.135.12
TX packets FP external
OID: 1.3.6.1.4.1.15397.2.1.135.48
TX packets FP flowsync
OID: 1.3.6.1.4.1.15397.2.1.135.46
TX packets FP internal
OID: 1.3.6.1.4.1.15397.2.1.135.47
OID: 1.3.6.1.4.1.15397.2.1.135.73
OID: 1.3.6.1.4.1.15397.2.1.135.72
OID: 1.3.6.1.4.1.15397.2.1.135.79
OID: 1.3.6.1.4.1.15397.2.1.135.78
OID: 1.3.6.1.4.1.15397.2.1.135.56
OID: 1.3.6.1.4.1.15397.2.1.135.55
C.31. NAT
Faulty pool configuration of low port blocks
OID: 1.3.6.1.4.1.15397.2.1.142.9
OID: 1.3.6.1.4.1.15397.2.1.142.6
Number of pools
The number of pools of NAT IP addresses.
OID: 1.3.6.1.4.1.15397.2.1.142.5
334
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.142.3
OID: 1.3.6.1.4.1.15397.2.1.142.1
OID: 1.3.6.1.4.1.15397.2.1.142.11
OID: 1.3.6.1.4.1.15397.2.1.142.10
C.32. Natsync
Checksum mismatch in received sync
OID: 1.3.6.1.4.1.15397.2.1.61.9
OID: 1.3.6.1.4.1.15397.2.1.61.3
OID: 1.3.6.1.4.1.15397.2.1.61.2
C.33. PPPoE
Control packets
This is the number of PPPoE control packets received.
OID: 1.3.6.1.4.1.15397.2.1.96.3
IPv4 packets
This is the number of IPv4 packets received in PPPoE frames.
OID: 1.3.6.1.4.1.15397.2.1.96.6
IPv6 packets
This is the number of IPv6 packets received in PPPoE frames.
OID: 1.3.6.1.4.1.15397.2.1.96.8
Non IP packets
This is the number of non-IP packets received in PPPoE frames.
335
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.96.7
OID: 1.3.6.1.4.1.15397.2.1.96.2
Padded packets
This is the number of padded PPPoE frames received.
OID: 1.3.6.1.4.1.15397.2.1.96.5
OID: 1.3.6.1.4.1.15397.2.1.96.1
OID: 1.3.6.1.4.1.15397.2.1.96.4
OID: 1.3.6.1.4.1.15397.2.1.8.15
CPU uptime
This is the time a packet processor CPU has been running.
OID: 1.3.6.1.4.1.15397.2.1.8.17
Free memory
This is the amount of free memory available to a packet processor CPU.
OID: 1.3.6.1.4.1.15397.2.1.8.16
Overload mode
An integer representing the current overload mode state. 0 means normal operation, 1 means DRDL disabled, and 2
means blind forwarding.
OID: 1.3.6.1.4.1.15397.2.1.8.27
OID: 1.3.6.1.4.1.15397.2.1.8.10
RX drops
This is the number of packets dropped on reception by each flow processor and thread.
OID: 1.3.6.1.4.1.15397.2.1.8.2
RX packets
This is the number of packets received by each flow processor and thread.
336
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.8.1
OID: 1.3.6.1.4.1.15397.2.1.8.35
OID: 1.3.6.1.4.1.15397.2.1.8.36
OID: 1.3.6.1.4.1.15397.2.1.8.38
TX drops
This is the number of packets dropped on transmission by each flow processor and thread.
OID: 1.3.6.1.4.1.15397.2.1.8.7
TX packets
This is the number of packets transmitted by each flow processor and thread.
OID: 1.3.6.1.4.1.15397.2.1.8.6
OID: 1.3.6.1.4.1.15397.2.1.123.13
OID: 1.3.6.1.4.1.15397.2.1.123.14
OID: 1.3.6.1.4.1.15397.2.1.123.17
OID: 1.3.6.1.4.1.15397.2.1.123.18
OID: 1.3.6.1.4.1.15397.2.1.123.30
OID: 1.3.6.1.4.1.15397.2.1.123.32
OID: 1.3.6.1.4.1.15397.2.1.123.31
337
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.123.28
OID: 1.3.6.1.4.1.15397.2.1.123.27
OID: 1.3.6.1.4.1.15397.2.1.123.29
OID: 1.3.6.1.4.1.15397.2.1.123.34
OID: 1.3.6.1.4.1.15397.2.1.123.33
OID: 1.3.6.1.4.1.15397.2.1.123.25
OID: 1.3.6.1.4.1.15397.2.1.123.26
OID: 1.3.6.1.4.1.15397.2.1.123.24
OID: 1.3.6.1.4.1.15397.2.1.123.23
OID: 1.3.6.1.4.1.15397.2.1.123.21
OID: 1.3.6.1.4.1.15397.2.1.123.9
OID: 1.3.6.1.4.1.15397.2.1.123.22
OID: 1.3.6.1.4.1.15397.2.1.123.12
OID: 1.3.6.1.4.1.15397.2.1.123.8
338
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.123.16
OID: 1.3.6.1.4.1.15397.2.1.123.5
OID: 1.3.6.1.4.1.15397.2.1.123.7
OID: 1.3.6.1.4.1.15397.2.1.123.4
OID: 1.3.6.1.4.1.15397.2.1.123.6
OID: 1.3.6.1.4.1.15397.2.1.123.3
OID: 1.3.6.1.4.1.15397.2.1.123.1
OID: 1.3.6.1.4.1.15397.2.1.123.2
C.36. Rewrite
Fragmented header ignored (GRE)
OID: 1.3.6.1.4.1.15397.2.1.141.181
OID: 1.3.6.1.4.1.15397.2.1.141.182
OID: 1.3.6.1.4.1.15397.2.1.141.20
OID: 1.3.6.1.4.1.15397.2.1.141.19
339
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.15
OID: 1.3.6.1.4.1.15397.2.1.141.14
OID: 1.3.6.1.4.1.15397.2.1.141.24
OID: 1.3.6.1.4.1.15397.2.1.141.18
OID: 1.3.6.1.4.1.15397.2.1.141.26
OID: 1.3.6.1.4.1.15397.2.1.141.27
OID: 1.3.6.1.4.1.15397.2.1.141.29
OID: 1.3.6.1.4.1.15397.2.1.141.28
OID: 1.3.6.1.4.1.15397.2.1.141.30
OID: 1.3.6.1.4.1.15397.2.1.141.25
OID: 1.3.6.1.4.1.15397.2.1.141.16
OID: 1.3.6.1.4.1.15397.2.1.141.17
Mappings count
Current number of mappings. This is the sum of the individual values for ICMP, TCP, and UDP.
OID: 1.3.6.1.4.1.15397.2.1.141.10
340
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.23
OID: 1.3.6.1.4.1.15397.2.1.141.13
OID: 1.3.6.1.4.1.15397.2.1.141.11
OID: 1.3.6.1.4.1.15397.2.1.141.12
Mappings created
Number of mappings created since last start. This is the sum of the individual values for ICMP, TCP, and UDP.
OID: 1.3.6.1.4.1.15397.2.1.141.1
OID: 1.3.6.1.4.1.15397.2.1.141.21
OID: 1.3.6.1.4.1.15397.2.1.141.4
OID: 1.3.6.1.4.1.15397.2.1.141.2
OID: 1.3.6.1.4.1.15397.2.1.141.3
Mappings deleted
Number of mappings deleted since last start.
OID: 1.3.6.1.4.1.15397.2.1.141.9
Mappings reused
Number of mappings that have been reused. This is the sum of the individual values for ICMP, TCP, and UDP.
OID: 1.3.6.1.4.1.15397.2.1.141.5
OID: 1.3.6.1.4.1.15397.2.1.141.22
OID: 1.3.6.1.4.1.15397.2.1.141.8
341
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.6
OID: 1.3.6.1.4.1.15397.2.1.141.7
OID: 1.3.6.1.4.1.15397.2.1.141.140
OID: 1.3.6.1.4.1.15397.2.1.141.139
OID: 1.3.6.1.4.1.15397.2.1.141.138
OID: 1.3.6.1.4.1.15397.2.1.141.137
OID: 1.3.6.1.4.1.15397.2.1.141.208
OID: 1.3.6.1.4.1.15397.2.1.141.205
OID: 1.3.6.1.4.1.15397.2.1.141.204
OID: 1.3.6.1.4.1.15397.2.1.141.206
OID: 1.3.6.1.4.1.15397.2.1.141.152
OID: 1.3.6.1.4.1.15397.2.1.141.173
OID: 1.3.6.1.4.1.15397.2.1.141.168
OID: 1.3.6.1.4.1.15397.2.1.141.172
342
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.159
OID: 1.3.6.1.4.1.15397.2.1.141.161
OID: 1.3.6.1.4.1.15397.2.1.141.160
OID: 1.3.6.1.4.1.15397.2.1.141.169
OID: 1.3.6.1.4.1.15397.2.1.141.171
OID: 1.3.6.1.4.1.15397.2.1.141.170
OID: 1.3.6.1.4.1.15397.2.1.141.162
OID: 1.3.6.1.4.1.15397.2.1.141.164
OID: 1.3.6.1.4.1.15397.2.1.141.163
OID: 1.3.6.1.4.1.15397.2.1.141.167
OID: 1.3.6.1.4.1.15397.2.1.141.166
Pools
Number of pools available from which IP addresses can be allocated.
OID: 1.3.6.1.4.1.15397.2.1.141.151
343
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.126
OID: 1.3.6.1.4.1.15397.2.1.141.128
OID: 1.3.6.1.4.1.15397.2.1.141.127
OID: 1.3.6.1.4.1.15397.2.1.141.132
OID: 1.3.6.1.4.1.15397.2.1.141.134
OID: 1.3.6.1.4.1.15397.2.1.141.133
Port block assignment failures - low (cache empty, retry with high)
Number of times a port block in the low port range (1023 and below) could not be assigned because the cache in the
engine was empty. When a port block assignment in the low port range fails, engine will try to assign in the high port range.
OID: 1.3.6.1.4.1.15397.2.1.141.131
OID: 1.3.6.1.4.1.15397.2.1.141.129
Port block assignment failures - low (subscriber limit reached, retry with high)
Number of times a port block assignment in the low port range (1023 and below) failed because the per-subscriber
low port block limit is reached. When a port block assignment in the low port range fails, engine will try to assign in the
high port range.
OID: 1.3.6.1.4.1.15397.2.1.141.130
OID: 1.3.6.1.4.1.15397.2.1.141.136
OID: 1.3.6.1.4.1.15397.2.1.141.135
344
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.125
OID: 1.3.6.1.4.1.15397.2.1.141.121
OID: 1.3.6.1.4.1.15397.2.1.141.124
OID: 1.3.6.1.4.1.15397.2.1.141.122
OID: 1.3.6.1.4.1.15397.2.1.141.123
OID: 1.3.6.1.4.1.15397.2.1.141.200
OID: 1.3.6.1.4.1.15397.2.1.141.201
OID: 1.3.6.1.4.1.15397.2.1.141.202
OID: 1.3.6.1.4.1.15397.2.1.141.80
OID: 1.3.6.1.4.1.15397.2.1.141.84
OID: 1.3.6.1.4.1.15397.2.1.141.83
OID: 1.3.6.1.4.1.15397.2.1.141.81
OID: 1.3.6.1.4.1.15397.2.1.141.82
OID: 1.3.6.1.4.1.15397.2.1.141.85
345
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.89
OID: 1.3.6.1.4.1.15397.2.1.141.88
OID: 1.3.6.1.4.1.15397.2.1.141.86
OID: 1.3.6.1.4.1.15397.2.1.141.87
OID: 1.3.6.1.4.1.15397.2.1.141.203
OID: 1.3.6.1.4.1.15397.2.1.141.207
OID: 1.3.6.1.4.1.15397.2.1.141.77
OID: 1.3.6.1.4.1.15397.2.1.141.107
OID: 1.3.6.1.4.1.15397.2.1.141.47
OID: 1.3.6.1.4.1.15397.2.1.141.76
OID: 1.3.6.1.4.1.15397.2.1.141.106
OID: 1.3.6.1.4.1.15397.2.1.141.46
346
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.79
OID: 1.3.6.1.4.1.15397.2.1.141.109
OID: 1.3.6.1.4.1.15397.2.1.141.49
OID: 1.3.6.1.4.1.15397.2.1.141.78
OID: 1.3.6.1.4.1.15397.2.1.141.108
OID: 1.3.6.1.4.1.15397.2.1.141.48
OID: 1.3.6.1.4.1.15397.2.1.141.104
OID: 1.3.6.1.4.1.15397.2.1.141.44
OID: 1.3.6.1.4.1.15397.2.1.141.73
OID: 1.3.6.1.4.1.15397.2.1.141.50
OID: 1.3.6.1.4.1.15397.2.1.141.72
347
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.103
OID: 1.3.6.1.4.1.15397.2.1.141.43
OID: 1.3.6.1.4.1.15397.2.1.141.71
OID: 1.3.6.1.4.1.15397.2.1.141.102
OID: 1.3.6.1.4.1.15397.2.1.141.42
OID: 1.3.6.1.4.1.15397.2.1.141.69
OID: 1.3.6.1.4.1.15397.2.1.141.100
OID: 1.3.6.1.4.1.15397.2.1.141.40
OID: 1.3.6.1.4.1.15397.2.1.141.74
OID: 1.3.6.1.4.1.15397.2.1.141.70
OID: 1.3.6.1.4.1.15397.2.1.141.101
348
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.41
OID: 1.3.6.1.4.1.15397.2.1.141.183
OID: 1.3.6.1.4.1.15397.2.1.141.184
OID: 1.3.6.1.4.1.15397.2.1.141.185
OID: 1.3.6.1.4.1.15397.2.1.141.110
OID: 1.3.6.1.4.1.15397.2.1.141.65
OID: 1.3.6.1.4.1.15397.2.1.141.96
OID: 1.3.6.1.4.1.15397.2.1.141.36
OID: 1.3.6.1.4.1.15397.2.1.141.68
OID: 1.3.6.1.4.1.15397.2.1.141.99
OID: 1.3.6.1.4.1.15397.2.1.141.39
OID: 1.3.6.1.4.1.15397.2.1.141.66
OID: 1.3.6.1.4.1.15397.2.1.141.97
349
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.37
OID: 1.3.6.1.4.1.15397.2.1.141.67
OID: 1.3.6.1.4.1.15397.2.1.141.98
OID: 1.3.6.1.4.1.15397.2.1.141.38
OID: 1.3.6.1.4.1.15397.2.1.141.60
OID: 1.3.6.1.4.1.15397.2.1.141.91
OID: 1.3.6.1.4.1.15397.2.1.141.31
OID: 1.3.6.1.4.1.15397.2.1.141.63
OID: 1.3.6.1.4.1.15397.2.1.141.94
OID: 1.3.6.1.4.1.15397.2.1.141.34
OID: 1.3.6.1.4.1.15397.2.1.141.61
OID: 1.3.6.1.4.1.15397.2.1.141.92
350
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.141.32
OID: 1.3.6.1.4.1.15397.2.1.141.62
OID: 1.3.6.1.4.1.15397.2.1.141.93
OID: 1.3.6.1.4.1.15397.2.1.141.33
OID: 1.3.6.1.4.1.15397.2.1.141.64
OID: 1.3.6.1.4.1.15397.2.1.141.95
OID: 1.3.6.1.4.1.15397.2.1.141.35
OID: 1.3.6.1.4.1.15397.2.1.147.31
OID: 1.3.6.1.4.1.15397.2.1.147.11
OID: 1.3.6.1.4.1.15397.2.1.147.83
OID: 1.3.6.1.4.1.15397.2.1.147.84
OID: 1.3.6.1.4.1.15397.2.1.147.82
OID: 1.3.6.1.4.1.15397.2.1.147.81
351
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.147.4
OID: 1.3.6.1.4.1.15397.2.1.147.5
OID: 1.3.6.1.4.1.15397.2.1.147.2
OID: 1.3.6.1.4.1.15397.2.1.147.1
OID: 1.3.6.1.4.1.15397.2.1.147.3
OID: 1.3.6.1.4.1.15397.2.1.147.71
OID: 1.3.6.1.4.1.15397.2.1.147.91
Ruleset prefixes error: Number of bitmask that was too large for max bitmask size
OID: 1.3.6.1.4.1.15397.2.1.147.69
OID: 1.3.6.1.4.1.15397.2.1.147.63
OID: 1.3.6.1.4.1.15397.2.1.147.65
Ruleset prefixes error: Storage for compiled bitmask used by compiled prefixes is full
OID: 1.3.6.1.4.1.15397.2.1.147.68
OID: 1.3.6.1.4.1.15397.2.1.147.61
OID: 1.3.6.1.4.1.15397.2.1.147.66
OID: 1.3.6.1.4.1.15397.2.1.147.62
OID: 1.3.6.1.4.1.15397.2.1.147.64
OID: 1.3.6.1.4.1.15397.2.1.147.41
352
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.138.3
OID: 1.3.6.1.4.1.15397.2.1.138.1
OID: 1.3.6.1.4.1.15397.2.1.138.2
OID: 1.3.6.1.4.1.15397.2.1.121.6
OID: 1.3.6.1.4.1.15397.2.1.121.63
OID: 1.3.6.1.4.1.15397.2.1.121.52
OID: 1.3.6.1.4.1.15397.2.1.121.1
OID: 1.3.6.1.4.1.15397.2.1.121.5
OID: 1.3.6.1.4.1.15397.2.1.121.11
OID: 1.3.6.1.4.1.15397.2.1.121.9
OID: 1.3.6.1.4.1.15397.2.1.121.15
OID: 1.3.6.1.4.1.15397.2.1.121.44
353
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.121.12
OID: 1.3.6.1.4.1.15397.2.1.121.4
OID: 1.3.6.1.4.1.15397.2.1.121.40
OID: 1.3.6.1.4.1.15397.2.1.121.42
OID: 1.3.6.1.4.1.15397.2.1.121.30
OID: 1.3.6.1.4.1.15397.2.1.121.32
OID: 1.3.6.1.4.1.15397.2.1.121.33
OID: 1.3.6.1.4.1.15397.2.1.121.35
OID: 1.3.6.1.4.1.15397.2.1.121.36
OID: 1.3.6.1.4.1.15397.2.1.121.38
OID: 1.3.6.1.4.1.15397.2.1.121.60
OID: 1.3.6.1.4.1.15397.2.1.121.61
OID: 1.3.6.1.4.1.15397.2.1.121.18
OID: 1.3.6.1.4.1.15397.2.1.121.19
354
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.64.66
OID: 1.3.6.1.4.1.15397.2.1.64.10
OID: 1.3.6.1.4.1.15397.2.1.64.53
OID: 1.3.6.1.4.1.15397.2.1.64.9
OID: 1.3.6.1.4.1.15397.2.1.64.65
OID: 1.3.6.1.4.1.15397.2.1.64.67
OID: 1.3.6.1.4.1.15397.2.1.64.54
OID: 1.3.6.1.4.1.15397.2.1.64.57
OID: 1.3.6.1.4.1.15397.2.1.64.60
OID: 1.3.6.1.4.1.15397.2.1.64.56
OID: 1.3.6.1.4.1.15397.2.1.64.55
OID: 1.3.6.1.4.1.15397.2.1.64.47
OID: 1.3.6.1.4.1.15397.2.1.64.46
OID: 1.3.6.1.4.1.15397.2.1.64.23
OID: 1.3.6.1.4.1.15397.2.1.64.61
355
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.64.62
OID: 1.3.6.1.4.1.15397.2.1.64.64
OID: 1.3.6.1.4.1.15397.2.1.64.63
OID: 1.3.6.1.4.1.15397.2.1.64.26
OID: 1.3.6.1.4.1.15397.2.1.64.22
OID: 1.3.6.1.4.1.15397.2.1.64.37
OID: 1.3.6.1.4.1.15397.2.1.64.59
OID: 1.3.6.1.4.1.15397.2.1.64.58
OID: 1.3.6.1.4.1.15397.2.1.64.44
OID: 1.3.6.1.4.1.15397.2.1.64.43
OID: 1.3.6.1.4.1.15397.2.1.64.40
OID: 1.3.6.1.4.1.15397.2.1.152.12
OID: 1.3.6.1.4.1.15397.2.1.152.13
356
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.152.16
OID: 1.3.6.1.4.1.15397.2.1.152.4
Connected clients
Number of connected provisioning clients (e.g PSM).
OID: 1.3.6.1.4.1.15397.2.1.152.3
Counters Dropped
Number of counters dropped due to serialization error.
OID: 1.3.6.1.4.1.15397.2.1.152.15
Counters in flight
Number of accounting messages sent but not yet acknowledged by the provisioning client (e.g PSM).
OID: 1.3.6.1.4.1.15397.2.1.152.9
Counters sent
Number of accounting messages sent to provisioning clients (e.g PSM). One accounting message includes all counters
(as defined in the schema) for a single session context row. Messages are sent when a row is either deprovisioned or
when at least one of the counters reached its configured threshold.
OID: 1.3.6.1.4.1.15397.2.1.152.8
OID: 1.3.6.1.4.1.15397.2.1.152.5
OID: 1.3.6.1.4.1.15397.2.1.152.10
OID: 1.3.6.1.4.1.15397.2.1.152.7
OID: 1.3.6.1.4.1.15397.2.1.152.6
Overlapping provisioning
Accumulated number of session context rows covered by other rows and subsequently ignored.
OID: 1.3.6.1.4.1.15397.2.1.152.11
Registered schema
Number of registered session context schemas.
357
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.152.1
OID: 1.3.6.1.4.1.15397.2.1.152.2
OID: 1.3.6.1.4.1.15397.2.1.152.14
OID: 1.3.6.1.4.1.15397.2.1.150.1
OID: 1.3.6.1.4.1.15397.2.1.150.5
OID: 1.3.6.1.4.1.15397.2.1.150.7
OID: 1.3.6.1.4.1.15397.2.1.150.6
OID: 1.3.6.1.4.1.15397.2.1.150.9
Lookups
OID: 1.3.6.1.4.1.15397.2.1.150.8
OID: 1.3.6.1.4.1.15397.2.1.150.3
OID: 1.3.6.1.4.1.15397.2.1.150.2
OID: 1.3.6.1.4.1.15397.2.1.150.4
Unmatched bytes
This is the amount of bandwidth not being provisioned through session context.
OID: 1.3.6.1.4.1.15397.2.1.150.11
358
Appendix C. System Diagnostics Values
Unmatched connections
This is the number of connections not being provisioned through session context.
OID: 1.3.6.1.4.1.15397.2.1.150.10
C.43. Shaping
AQM packet drops
OID: 1.3.6.1.4.1.15397.2.1.88.74
OID: 1.3.6.1.4.1.15397.2.1.88.8
OID: 1.3.6.1.4.1.15397.2.1.88.48
OID: 1.3.6.1.4.1.15397.2.1.88.64
Dequeued bytes
This is the number of bytes dequeued from the shaping queues.
OID: 1.3.6.1.4.1.15397.2.1.88.12
Dequeued packets
This is the number of packets dequeued from the shaping queues.
OID: 1.3.6.1.4.1.15397.2.1.88.2
OID: 1.3.6.1.4.1.15397.2.1.88.45
OID: 1.3.6.1.4.1.15397.2.1.88.44
OID: 1.3.6.1.4.1.15397.2.1.88.73
Enqueued bytes
This is the number of bytes enqueued to the shaping queues.
OID: 1.3.6.1.4.1.15397.2.1.88.11
359
Appendix C. System Diagnostics Values
Enqueued packets
This is the number of packets enqueued to the shaping queues.
OID: 1.3.6.1.4.1.15397.2.1.88.1
OID: 1.3.6.1.4.1.15397.2.1.88.79
OID: 1.3.6.1.4.1.15397.2.1.88.78
Failures to set speed from session context value - too low speed
OID: 1.3.6.1.4.1.15397.2.1.88.80
OID: 1.3.6.1.4.1.15397.2.1.88.65
OID: 1.3.6.1.4.1.15397.2.1.88.66
Object copies
This is the number of ShapingObject copies.
OID: 1.3.6.1.4.1.15397.2.1.88.13
OID: 1.3.6.1.4.1.15397.2.1.88.72
OID: 1.3.6.1.4.1.15397.2.1.88.49
OID: 1.3.6.1.4.1.15397.2.1.88.15
Packets received
This is the number of packets received by the shaping engine.
OID: 1.3.6.1.4.1.15397.2.1.88.16
Queue size
OID: 1.3.6.1.4.1.15397.2.1.88.9
360
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.88.37
OID: 1.3.6.1.4.1.15397.2.1.88.25
OID: 1.3.6.1.4.1.15397.2.1.88.32
OID: 1.3.6.1.4.1.15397.2.1.88.31
Unshaped bytes
This is the number of bytes received by the shaping engine that did not match any shaping rules.
OID: 1.3.6.1.4.1.15397.2.1.88.40
Unshaped packets
This is the number of packets received by the shaping engine that did not match any shaping rules.
OID: 1.3.6.1.4.1.15397.2.1.88.39
OID: 1.3.6.1.4.1.15397.2.1.124.3
Active counters
This is the number of counters existing.
OID: 1.3.6.1.4.1.15397.2.1.124.2
OID: 1.3.6.1.4.1.15397.2.1.124.7
Recycles
This is the number of times an existing counter has been reset to be used by another object, because the number of
counters exceeds the system configuration value SHAPING_COUNTERS_MAX.
OID: 1.3.6.1.4.1.15397.2.1.124.4
361
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.124.5
Updates received
This is the total number of updates received from shaping counters.
OID: 1.3.6.1.4.1.15397.2.1.124.1
C.45. Statistics
Bandwidth used (Dataset Transfer)
This is the bandwidth used between PLSD and PLDBD. The system configuration value
PLS_DATASET_BANDWIDTH_LIMIT can be used to limit the dataset transfer rate between PLSD and PLDBD, to ensure
that not all available bandwidth is used by the dataset transfer.
OID: 1.3.6.1.4.1.15397.2.1.136.86
OID: 1.3.6.1.4.1.15397.2.1.136.31
Cached datasets
OID: 1.3.6.1.4.1.15397.2.1.136.71
OID: 1.3.6.1.4.1.15397.2.1.136.41
OID: 1.3.6.1.4.1.15397.2.1.136.42
OID: 1.3.6.1.4.1.15397.2.1.136.15
Connection updates
This is the number of connection updates that the statistics daemon has received from PLD.
OID: 1.3.6.1.4.1.15397.2.1.136.17
OID: 1.3.6.1.4.1.15397.2.1.136.18
362
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.136.19
OID: 1.3.6.1.4.1.15397.2.1.136.20
OID: 1.3.6.1.4.1.15397.2.1.136.21
Connects
This is a counter that is incremented each time the statistics daemon tries to connect to the PLD. If this keeps increasing
then something is wrong in the interface between the daemons.
OID: 1.3.6.1.4.1.15397.2.1.136.33
OID: 1.3.6.1.4.1.15397.2.1.136.23
OID: 1.3.6.1.4.1.15397.2.1.136.25
OID: 1.3.6.1.4.1.15397.2.1.136.22
Connlog dumptime
This is the time it took to write the previous chunk of connlog connections to disk.
OID: 1.3.6.1.4.1.15397.2.1.136.26
OID: 1.3.6.1.4.1.15397.2.1.136.30
OID: 1.3.6.1.4.1.15397.2.1.136.36
OID: 1.3.6.1.4.1.15397.2.1.136.24
Dataset, size
This is the size in bytes of the dataset sent from PLSD to PLDBD after filtering. This value is updated each time the dataset
is sent. It can be used to estimate the time it would take to transfer the dataset over the a certain bandwidth.
363
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.136.47
Dump time
This is the time it took to write the previous hour of statistics data to disk. If this grows close to an hour, then the disk is
not keeping up with the amount of data it needs to store. If so, you need to upgrade your statistics hardware, or turn off
connection logging, or cut down on the number of statistics rules you have in your ruleset.
OID: 1.3.6.1.4.1.15397.2.1.136.1
Dynamic IP count
OID: 1.3.6.1.4.1.15397.2.1.136.55
OID: 1.3.6.1.4.1.15397.2.1.136.84
OID: 1.3.6.1.4.1.15397.2.1.136.85
OID: 1.3.6.1.4.1.15397.2.1.136.106
GeoLogic: Lookups
OID: 1.3.6.1.4.1.15397.2.1.136.105
Links in dataset
This is the number of links in the dataset. Links are configured in the distribution of a StatisticsObject and are used to
reduce the amount of data stored in Statsfs by removing redundant data.
OID: 1.3.6.1.4.1.15397.2.1.136.4
NetObject Count
OID: 1.3.6.1.4.1.15397.2.1.136.59
OID: 1.3.6.1.4.1.15397.2.1.136.65
OID: 1.3.6.1.4.1.15397.2.1.136.28
OID: 1.3.6.1.4.1.15397.2.1.136.101
OID: 1.3.6.1.4.1.15397.2.1.136.83
364
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.136.93
OID: 1.3.6.1.4.1.15397.2.1.136.94
OID: 1.3.6.1.4.1.15397.2.1.136.91
OID: 1.3.6.1.4.1.15397.2.1.136.92
OID: 1.3.6.1.4.1.15397.2.1.136.82
OID: 1.3.6.1.4.1.15397.2.1.136.100
OID: 1.3.6.1.4.1.15397.2.1.136.81
Time connected
This is the length of time that the statistics daemon has been connected to PLD. The time counter will reset to zero in
case of a reconnect between the statistics daemon and PLD.
OID: 1.3.6.1.4.1.15397.2.1.136.32
OID: 1.3.6.1.4.1.15397.2.1.136.27
OID: 1.3.6.1.4.1.15397.2.1.136.48
Value Hashes
OID: 1.3.6.1.4.1.15397.2.1.136.104
Value lookups
This is the number of lookups made by the statistics daemon to see whether a built value is already stored.
OID: 1.3.6.1.4.1.15397.2.1.136.10
Value updates(Bytes)
This is the number of times values have been updated with byte counter information (for example bytes transferred or
bit rate).
OID: 1.3.6.1.4.1.15397.2.1.136.11
Value updates(Conns)
This is the number of times values have been updated with connection counter information (for example connection count
in/out or connection rate).
365
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.136.13
OID: 1.3.6.1.4.1.15397.2.1.136.12
OID: 1.3.6.1.4.1.15397.2.1.136.14
Values filtered
This is the number of values filtered due to the threshold settings in StatisticsObjects.
OID: 1.3.6.1.4.1.15397.2.1.136.8
Values in dataset
This is the number of values existing in the dataset.
OID: 1.3.6.1.4.1.15397.2.1.136.2
OID: 1.3.6.1.4.1.15397.2.1.136.3
Values in dataset(Aggregation)
This is the number of values in the dataset that are aggregated values. Aggregation is configured in the StatisticsObjects.
OID: 1.3.6.1.4.1.15397.2.1.136.5
OID: 1.3.6.1.4.1.15397.2.1.136.80
OID: 1.3.6.1.4.1.15397.2.1.136.6
OID: 1.3.6.1.4.1.15397.2.1.136.7
OID: 1.3.6.1.4.1.15397.2.1.136.9
366
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.137.42
OID: 1.3.6.1.4.1.15397.2.1.137.41
Dataset Values
This is the number of values in the last dataset written to the statistics file system.
OID: 1.3.6.1.4.1.15397.2.1.137.4
OID: 1.3.6.1.4.1.15397.2.1.137.7
OID: 1.3.6.1.4.1.15397.2.1.137.8
OID: 1.3.6.1.4.1.15397.2.1.137.5
OID: 1.3.6.1.4.1.15397.2.1.137.6
OID: 1.3.6.1.4.1.15397.2.1.137.11
OID: 1.3.6.1.4.1.15397.2.1.137.9
367
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.137.13
OID: 1.3.6.1.4.1.15397.2.1.137.12
Dataset, Begin
This is the starting time of the last dataset written to the statistics file system.
OID: 1.3.6.1.4.1.15397.2.1.137.1
Dataset, End
This is the end time of the last dataset written to the statistics file system.
OID: 1.3.6.1.4.1.15397.2.1.137.2
Dataset, Sessions
This is the number of PLSDs that connected to the statistics writer to supply the last dataset.
OID: 1.3.6.1.4.1.15397.2.1.137.3
Dataset, Size
This is the compressed size of the datasets received from all statistics daemons.
OID: 1.3.6.1.4.1.15397.2.1.137.32
OID: 1.3.6.1.4.1.15397.2.1.137.14
OID: 1.3.6.1.4.1.15397.2.1.137.38
OID: 1.3.6.1.4.1.15397.2.1.137.37
OID: 1.3.6.1.4.1.15397.2.1.137.40
OID: 1.3.6.1.4.1.15397.2.1.137.39
OID: 1.3.6.1.4.1.15397.2.1.137.23
368
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.137.25
OID: 1.3.6.1.4.1.15397.2.1.137.24
OID: 1.3.6.1.4.1.15397.2.1.137.34
OID: 1.3.6.1.4.1.15397.2.1.137.33
OID: 1.3.6.1.4.1.15397.2.1.137.21
OID: 1.3.6.1.4.1.15397.2.1.137.19
OID: 1.3.6.1.4.1.15397.2.1.137.27
OID: 1.3.6.1.4.1.15397.2.1.137.26
C.47. System
CPU load
OID: 1.3.6.1.4.1.15397.2.1.133.1
Free RAM
OID: 1.3.6.1.4.1.15397.2.1.133.3
Free swap
OID: 1.3.6.1.4.1.15397.2.1.133.5
OID: 1.3.6.1.4.1.15397.2.1.133.9
369
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.133.10
OID: 1.3.6.1.4.1.15397.2.1.133.8
OID: 1.3.6.1.4.1.15397.2.1.133.7
Total RAM
OID: 1.3.6.1.4.1.15397.2.1.133.2
Total swap
OID: 1.3.6.1.4.1.15397.2.1.133.4
Uptime
OID: 1.3.6.1.4.1.15397.2.1.133.6
C.48. TCPv4
Connection create attempts
This is the number of TCPv4 connection attempts. Some of these might get refused by filtering rules or connection
protection.
OID: 1.3.6.1.4.1.15397.2.1.48.4
Connections created
This is the number of TCPv4 connections actually created.
OID: 1.3.6.1.4.1.15397.2.1.48.5
Connections reopened
OID: 1.3.6.1.4.1.15397.2.1.48.44
OID: 1.3.6.1.4.1.15397.2.1.48.47
Goodput bytes
This is the number of application (L4 payload) bytes received.
OID: 1.3.6.1.4.1.15397.2.1.48.15
Goodput packets
This is the number of application (L4 payload) packets received.
OID: 1.3.6.1.4.1.15397.2.1.48.14
370
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.48.19
OID: 1.3.6.1.4.1.15397.2.1.48.29
OID: 1.3.6.1.4.1.15397.2.1.48.45
OID: 1.3.6.1.4.1.15397.2.1.48.25
RX bytes
This is the number of TCPv4 bytes received.
OID: 1.3.6.1.4.1.15397.2.1.48.2
RX packets
This is the number of TCPv4 packets received.
OID: 1.3.6.1.4.1.15397.2.1.48.1
Refused (broadcast)
This is the number of broadcasted TCPv4 packets that are dropped.
OID: 1.3.6.1.4.1.15397.2.1.48.8
Refused (offset)
This is the number of packets where the payload indicated is larger than the packet size are dropped.
OID: 1.3.6.1.4.1.15397.2.1.48.9
Refused (ruleset)
This is the number of packets refused by the ruleset.
OID: 1.3.6.1.4.1.15397.2.1.48.6
Refused (short)
This is the number of packets refused because they are invalidly short.
OID: 1.3.6.1.4.1.15397.2.1.48.7
Rejected packets
This is the number of packets rejected by reject actions in filtering.
OID: 1.3.6.1.4.1.15397.2.1.48.10
OID: 1.3.6.1.4.1.15397.2.1.48.32
OID: 1.3.6.1.4.1.15397.2.1.48.33
371
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.48.46
Untracked bytes
OID: 1.3.6.1.4.1.15397.2.1.48.24
OID: 1.3.6.1.4.1.15397.2.1.48.23
Untracked packets
OID: 1.3.6.1.4.1.15397.2.1.48.13
C.49. TCPv6
Connection create attempts
OID: 1.3.6.1.4.1.15397.2.1.127.4
Connections created
OID: 1.3.6.1.4.1.15397.2.1.127.5
Connections reopened
OID: 1.3.6.1.4.1.15397.2.1.127.44
OID: 1.3.6.1.4.1.15397.2.1.127.47
Goodput bytes
OID: 1.3.6.1.4.1.15397.2.1.127.15
Goodput packets
OID: 1.3.6.1.4.1.15397.2.1.127.14
OID: 1.3.6.1.4.1.15397.2.1.127.19
OID: 1.3.6.1.4.1.15397.2.1.127.29
OID: 1.3.6.1.4.1.15397.2.1.127.45
OID: 1.3.6.1.4.1.15397.2.1.127.25
RX bytes
OID: 1.3.6.1.4.1.15397.2.1.127.2
372
Appendix C. System Diagnostics Values
RX packets
OID: 1.3.6.1.4.1.15397.2.1.127.1
Refused (broadcast)
OID: 1.3.6.1.4.1.15397.2.1.127.8
Refused (offset)
OID: 1.3.6.1.4.1.15397.2.1.127.9
Refused (ruleset)
OID: 1.3.6.1.4.1.15397.2.1.127.6
Refused (short)
OID: 1.3.6.1.4.1.15397.2.1.127.7
Rejected packets
OID: 1.3.6.1.4.1.15397.2.1.127.10
OID: 1.3.6.1.4.1.15397.2.1.127.32
OID: 1.3.6.1.4.1.15397.2.1.127.33
OID: 1.3.6.1.4.1.15397.2.1.127.46
Untracked bytes
OID: 1.3.6.1.4.1.15397.2.1.127.24
OID: 1.3.6.1.4.1.15397.2.1.127.23
Untracked packets
OID: 1.3.6.1.4.1.15397.2.1.127.13
C.50. Teredo
RX data
OID: 1.3.6.1.4.1.15397.2.1.128.3
RX packets
OID: 1.3.6.1.4.1.15397.2.1.128.2
373
Appendix C. System Diagnostics Values
C.51. Tunnel
Context allocation failures
OID: 1.3.6.1.4.1.15397.2.1.130.12
Contexts used
OID: 1.3.6.1.4.1.15397.2.1.130.11
C.52. UDPv4
RX bytes
OID: 1.3.6.1.4.1.15397.2.1.51.2
RX packets
OID: 1.3.6.1.4.1.15397.2.1.51.1
Refused (ruleset)
OID: 1.3.6.1.4.1.15397.2.1.51.3
Refused (short)
OID: 1.3.6.1.4.1.15397.2.1.51.4
C.53. UDPv6
RX bytes
OID: 1.3.6.1.4.1.15397.2.1.52.2
RX packets
OID: 1.3.6.1.4.1.15397.2.1.52.1
Refused (ruleset)
OID: 1.3.6.1.4.1.15397.2.1.52.3
Refused (short)
OID: 1.3.6.1.4.1.15397.2.1.52.4
374
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.144.2
OID: 1.3.6.1.4.1.15397.2.1.144.7
OID: 1.3.6.1.4.1.15397.2.1.144.8
OID: 1.3.6.1.4.1.15397.2.1.144.6
OID: 1.3.6.1.4.1.15397.2.1.144.5
Number of views
OID: 1.3.6.1.4.1.15397.2.1.144.4
OID: 1.3.6.1.4.1.15397.2.1.144.3
OID: 1.3.6.1.4.1.15397.2.1.144.9
Uptime
OID: 1.3.6.1.4.1.15397.2.1.144.1
OID: 1.3.6.1.4.1.15397.2.1.154.4
OID: 1.3.6.1.4.1.15397.2.1.154.5
OID: 1.3.6.1.4.1.15397.2.1.56.45
OID: 1.3.6.1.4.1.15397.2.1.56.46
OID: 1.3.6.1.4.1.15397.2.1.56.27
Destroyed established
OID: 1.3.6.1.4.1.15397.2.1.56.25
375
Appendix C. System Diagnostics Values
Failed lookups
OID: 1.3.6.1.4.1.15397.2.1.56.15
OID: 1.3.6.1.4.1.15397.2.1.56.47
Lookups
OID: 1.3.6.1.4.1.15397.2.1.56.10
Made established
OID: 1.3.6.1.4.1.15397.2.1.56.11
Made unestablished
OID: 1.3.6.1.4.1.15397.2.1.56.24
TTL timeouts
OID: 1.3.6.1.4.1.15397.2.1.56.13
Updates sent
OID: 1.3.6.1.4.1.15397.2.1.56.12
OID: 1.3.6.1.4.1.15397.2.1.56.44
OID: 1.3.6.1.4.1.15397.2.1.56.26
OID: 1.3.6.1.4.1.15397.2.1.60.16
OID: 1.3.6.1.4.1.15397.2.1.60.15
OID: 1.3.6.1.4.1.15397.2.1.60.12
OID: 1.3.6.1.4.1.15397.2.1.60.11
OID: 1.3.6.1.4.1.15397.2.1.60.63
OID: 1.3.6.1.4.1.15397.2.1.60.56
376
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.60.55
OID: 1.3.6.1.4.1.15397.2.1.60.54
OID: 1.3.6.1.4.1.15397.2.1.60.51
OID: 1.3.6.1.4.1.15397.2.1.60.46
OID: 1.3.6.1.4.1.15397.2.1.60.14
OID: 1.3.6.1.4.1.15397.2.1.125.65
OID: 1.3.6.1.4.1.15397.2.1.125.67
OID: 1.3.6.1.4.1.15397.2.1.125.64
OID: 1.3.6.1.4.1.15397.2.1.125.66
OID: 1.3.6.1.4.1.15397.2.1.125.68
OID: 1.3.6.1.4.1.15397.2.1.125.38
Proxy asym local egress error packet (divert channel not operational)
OID: 1.3.6.1.4.1.15397.2.1.125.37
Proxy asym local egress error packet (no matching divert rule)
OID: 1.3.6.1.4.1.15397.2.1.125.36
OID: 1.3.6.1.4.1.15397.2.1.125.39
OID: 1.3.6.1.4.1.15397.2.1.125.51
OID: 1.3.6.1.4.1.15397.2.1.125.52
377
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.125.69
OID: 1.3.6.1.4.1.15397.2.1.125.50
OID: 1.3.6.1.4.1.15397.2.1.125.47
OID: 1.3.6.1.4.1.15397.2.1.125.43
OID: 1.3.6.1.4.1.15397.2.1.125.32
OID: 1.3.6.1.4.1.15397.2.1.125.59
OID: 1.3.6.1.4.1.15397.2.1.125.31
OID: 1.3.6.1.4.1.15397.2.1.125.33
OID: 1.3.6.1.4.1.15397.2.1.125.58
OID: 1.3.6.1.4.1.15397.2.1.125.53
OID: 1.3.6.1.4.1.15397.2.1.125.24
OID: 1.3.6.1.4.1.15397.2.1.125.22
OID: 1.3.6.1.4.1.15397.2.1.125.70
OID: 1.3.6.1.4.1.15397.2.1.125.23
OID: 1.3.6.1.4.1.15397.2.1.125.56
OID: 1.3.6.1.4.1.15397.2.1.125.21
378
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.125.54
OID: 1.3.6.1.4.1.15397.2.1.125.55
OID: 1.3.6.1.4.1.15397.2.1.125.60
OID: 1.3.6.1.4.1.15397.2.1.125.61
OID: 1.3.6.1.4.1.15397.2.1.125.62
Proxy connections failed (unexpected packet received, own final ACK expected)
OID: 1.3.6.1.4.1.15397.2.1.125.63
OID: 1.3.6.1.4.1.15397.2.1.125.72
OID: 1.3.6.1.4.1.15397.2.1.125.26
Analyzed bytes
OID: 1.3.6.1.4.1.15397.2.1.24.12
OID: 1.3.6.1.4.1.15397.2.1.24.11
OID: 1.3.6.1.4.1.15397.2.1.24.49
OID: 1.3.6.1.4.1.15397.2.1.24.70
OID: 1.3.6.1.4.1.15397.2.1.24.4
OID: 1.3.6.1.4.1.15397.2.1.24.64
OID: 1.3.6.1.4.1.15397.2.1.24.62
OID: 1.3.6.1.4.1.15397.2.1.24.63
379
Appendix C. System Diagnostics Values
Dequeued packets
OID: 1.3.6.1.4.1.15397.2.1.24.66
Dynamic reoptimizations.
OID: 1.3.6.1.4.1.15397.2.1.24.60
OID: 1.3.6.1.4.1.15397.2.1.24.57
OID: 1.3.6.1.4.1.15397.2.1.24.76
OID: 1.3.6.1.4.1.15397.2.1.24.58
OID: 1.3.6.1.4.1.15397.2.1.24.59
OID: 1.3.6.1.4.1.15397.2.1.24.3
OID: 1.3.6.1.4.1.15397.2.1.24.21
OID: 1.3.6.1.4.1.15397.2.1.24.71
OID: 1.3.6.1.4.1.15397.2.1.24.24
OID: 1.3.6.1.4.1.15397.2.1.24.27
Orphaned childconnections
OID: 1.3.6.1.4.1.15397.2.1.24.18
OID: 1.3.6.1.4.1.15397.2.1.24.67
OID: 1.3.6.1.4.1.15397.2.1.24.74
OID: 1.3.6.1.4.1.15397.2.1.24.55
OID: 1.3.6.1.4.1.15397.2.1.24.7
380
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.24.5
OID: 1.3.6.1.4.1.15397.2.1.24.69
OID: 1.3.6.1.4.1.15397.2.1.24.68
OID: 1.3.6.1.4.1.15397.2.1.24.65
Skipped bytes
OID: 1.3.6.1.4.1.15397.2.1.24.13
OID: 1.3.6.1.4.1.15397.2.1.24.61
OID: 1.3.6.1.4.1.15397.2.1.24.50
OID: 1.3.6.1.4.1.15397.2.1.24.52
OID: 1.3.6.1.4.1.15397.2.1.24.53
OID: 1.3.6.1.4.1.15397.2.1.24.51
OID: 1.3.6.1.4.1.15397.2.1.24.46
OID: 1.3.6.1.4.1.15397.2.1.24.45
OID: 1.3.6.1.4.1.15397.2.1.24.48
OID: 1.3.6.1.4.1.15397.2.1.24.47
OID: 1.3.6.1.4.1.15397.2.1.25.8
OID: 1.3.6.1.4.1.15397.2.1.25.9
381
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.25.10
OID: 1.3.6.1.4.1.15397.2.1.25.6
OID: 1.3.6.1.4.1.15397.2.1.25.7
OID: 1.3.6.1.4.1.15397.2.1.25.16
OID: 1.3.6.1.4.1.15397.2.1.25.15
Key-Value store entries that were passed to the sync handler from bincode.
OID: 1.3.6.1.4.1.15397.2.1.25.17
OID: 1.3.6.1.4.1.15397.2.1.25.14
OID: 1.3.6.1.4.1.15397.2.1.25.13
Ruleset evaluations
OID: 1.3.6.1.4.1.15397.2.1.80.6
OID: 1.3.6.1.4.1.15397.2.1.131.10
OID: 1.3.6.1.4.1.15397.2.1.131.14
OID: 1.3.6.1.4.1.15397.2.1.131.15
OID: 1.3.6.1.4.1.15397.2.1.131.4
OID: 1.3.6.1.4.1.15397.2.1.131.7
OID: 1.3.6.1.4.1.15397.2.1.131.6
OID: 1.3.6.1.4.1.15397.2.1.131.8
382
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.131.9
OID: 1.3.6.1.4.1.15397.2.1.131.12
OID: 1.3.6.1.4.1.15397.2.1.131.13
PPTP Packets
OID: 1.3.6.1.4.1.15397.2.1.131.11
OID: 1.3.6.1.4.1.15397.2.1.131.5
OID: 1.3.6.1.4.1.15397.2.1.129.5
OID: 1.3.6.1.4.1.15397.2.1.129.6
OID: 1.3.6.1.4.1.15397.2.1.129.7
OID: 1.3.6.1.4.1.15397.2.1.129.8
OID: 1.3.6.1.4.1.15397.2.1.129.13
OID: 1.3.6.1.4.1.15397.2.1.129.14
Error Indication
OID: 1.3.6.1.4.1.15397.2.1.129.9
G-PDU Packets
OID: 1.3.6.1.4.1.15397.2.1.129.4
OID: 1.3.6.1.4.1.15397.2.1.129.15
OID: 1.3.6.1.4.1.15397.2.1.129.16
OID: 1.3.6.1.4.1.15397.2.1.129.10
383
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.129.11
OID: 1.3.6.1.4.1.15397.2.1.129.12
OID: 1.3.6.1.4.1.15397.2.1.146.13
Volume filtered
OID: 1.3.6.1.4.1.15397.2.1.146.11
Volume sent
OID: 1.3.6.1.4.1.15397.2.1.146.10
Fragment ids
OID: 1.3.6.1.4.1.15397.2.1.32.10
Packet fragments
This is the number of received fragments.
OID: 1.3.6.1.4.1.15397.2.1.32.7
Fragment ids
OID: 1.3.6.1.4.1.15397.2.1.126.10
Fragments in Fragments
OID: 1.3.6.1.4.1.15397.2.1.126.32
Packet fragments
OID: 1.3.6.1.4.1.15397.2.1.126.7
OID: 1.3.6.1.4.1.15397.2.1.145.51
Dimension lookups
OID: 1.3.6.1.4.1.15397.2.1.145.50
OID: 1.3.6.1.4.1.15397.2.1.145.77
OID: 1.3.6.1.4.1.15397.2.1.145.79
OID: 1.3.6.1.4.1.15397.2.1.145.78
384
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.145.80
OID: 1.3.6.1.4.1.15397.2.1.145.82
OID: 1.3.6.1.4.1.15397.2.1.145.81
OID: 1.3.6.1.4.1.15397.2.1.145.87
OID: 1.3.6.1.4.1.15397.2.1.145.86
OID: 1.3.6.1.4.1.15397.2.1.145.69
OID: 1.3.6.1.4.1.15397.2.1.145.52
OID: 1.3.6.1.4.1.15397.2.1.145.9
OID: 1.3.6.1.4.1.15397.2.1.145.11
OID: 1.3.6.1.4.1.15397.2.1.145.10
OID: 1.3.6.1.4.1.15397.2.1.145.72
OID: 1.3.6.1.4.1.15397.2.1.145.74
OID: 1.3.6.1.4.1.15397.2.1.145.73
OID: 1.3.6.1.4.1.15397.2.1.145.88
OID: 1.3.6.1.4.1.15397.2.1.145.85
OID: 1.3.6.1.4.1.15397.2.1.145.68
385
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.153.12
OID: 1.3.6.1.4.1.15397.2.1.153.7
OID: 1.3.6.1.4.1.15397.2.1.134.38
Dynamic IP lookups
OID: 1.3.6.1.4.1.15397.2.1.134.26
OID: 1.3.6.1.4.1.15397.2.1.134.28
OID: 1.3.6.1.4.1.15397.2.1.134.27
OID: 1.3.6.1.4.1.15397.2.1.134.31
OID: 1.3.6.1.4.1.15397.2.1.134.42
OID: 1.3.6.1.4.1.15397.2.1.134.43
OID: 1.3.6.1.4.1.15397.2.1.134.33
Hostname allocations
The number of hostnames allocated.
OID: 1.3.6.1.4.1.15397.2.1.134.19
OID: 1.3.6.1.4.1.15397.2.1.134.24
OID: 1.3.6.1.4.1.15397.2.1.134.49
OID: 1.3.6.1.4.1.15397.2.1.134.25
OID: 1.3.6.1.4.1.15397.2.1.134.32
386
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.134.30
OID: 1.3.6.1.4.1.15397.2.1.135.57
OID: 1.3.6.1.4.1.15397.2.1.135.95
OID: 1.3.6.1.4.1.15397.2.1.135.94
OID: 1.3.6.1.4.1.15397.2.1.135.85
OID: 1.3.6.1.4.1.15397.2.1.135.84
OID: 1.3.6.1.4.1.15397.2.1.135.60
OID: 1.3.6.1.4.1.15397.2.1.135.61
OID: 1.3.6.1.4.1.15397.2.1.135.148
OID: 1.3.6.1.4.1.15397.2.1.135.147
OID: 1.3.6.1.4.1.15397.2.1.135.107
OID: 1.3.6.1.4.1.15397.2.1.135.106
OID: 1.3.6.1.4.1.15397.2.1.135.108
OID: 1.3.6.1.4.1.15397.2.1.135.105
387
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.135.103
OID: 1.3.6.1.4.1.15397.2.1.135.102
OID: 1.3.6.1.4.1.15397.2.1.135.104
OID: 1.3.6.1.4.1.15397.2.1.135.101
OID: 1.3.6.1.4.1.15397.2.1.135.65
OID: 1.3.6.1.4.1.15397.2.1.135.58
OID: 1.3.6.1.4.1.15397.2.1.135.59
OID: 1.3.6.1.4.1.15397.2.1.135.64
OID: 1.3.6.1.4.1.15397.2.1.135.63
OID: 1.3.6.1.4.1.15397.2.1.135.146
OID: 1.3.6.1.4.1.15397.2.1.135.145
OID: 1.3.6.1.4.1.15397.2.1.61.1
OID: 1.3.6.1.4.1.15397.2.1.61.4
OID: 1.3.6.1.4.1.15397.2.1.61.8
388
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.61.6
OID: 1.3.6.1.4.1.15397.2.1.61.7
OID: 1.3.6.1.4.1.15397.2.1.61.5
CPU Wakeups
OID: 1.3.6.1.4.1.15397.2.1.8.29
CPU irqs
OID: 1.3.6.1.4.1.15397.2.1.8.28
OID: 1.3.6.1.4.1.15397.2.1.8.25
OID: 1.3.6.1.4.1.15397.2.1.8.32
Context allocations
OID: 1.3.6.1.4.1.15397.2.1.8.31
Context switches
OID: 1.3.6.1.4.1.15397.2.1.8.33
Contexts in use
OID: 1.3.6.1.4.1.15397.2.1.8.30
DMA-allocated packets
OID: 1.3.6.1.4.1.15397.2.1.8.13
OID: 1.3.6.1.4.1.15397.2.1.8.22
OID: 1.3.6.1.4.1.15397.2.1.8.24
OID: 1.3.6.1.4.1.15397.2.1.8.34
NIC RX drops
OID: 1.3.6.1.4.1.15397.2.1.8.23
389
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.8.37
OID: 1.3.6.1.4.1.15397.2.1.8.26
OID: 1.3.6.1.4.1.15397.2.1.123.35
OID: 1.3.6.1.4.1.15397.2.1.123.19
OID: 1.3.6.1.4.1.15397.2.1.123.20
OID: 1.3.6.1.4.1.15397.2.1.147.32
OID: 1.3.6.1.4.1.15397.2.1.147.33
OID: 1.3.6.1.4.1.15397.2.1.147.34
OID: 1.3.6.1.4.1.15397.2.1.147.12
OID: 1.3.6.1.4.1.15397.2.1.147.13
OID: 1.3.6.1.4.1.15397.2.1.147.14
Ruleset calcjob: Largest number of calc jobs. Gets reset on each ruleset recompile
OID: 1.3.6.1.4.1.15397.2.1.147.54
OID: 1.3.6.1.4.1.15397.2.1.147.53
Ruleset calcjob: Sum of static and dynamic IPv4 prefixes to consider for compile
OID: 1.3.6.1.4.1.15397.2.1.147.51
Ruleset calcjob: Sum of static and dynamic IPv6 prefixes to consider for compile
OID: 1.3.6.1.4.1.15397.2.1.147.52
OID: 1.3.6.1.4.1.15397.2.1.147.67
390
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.147.22
OID: 1.3.6.1.4.1.15397.2.1.147.21
OID: 1.3.6.1.4.1.15397.2.1.121.43
OID: 1.3.6.1.4.1.15397.2.1.121.27
OID: 1.3.6.1.4.1.15397.2.1.121.28
OID: 1.3.6.1.4.1.15397.2.1.121.64
OID: 1.3.6.1.4.1.15397.2.1.121.29
Oper SET_END: Dynamic netobject items REMOVED during set_end operations due to being touched
in previous set operations
OID: 1.3.6.1.4.1.15397.2.1.121.65
OID: 1.3.6.1.4.1.15397.2.1.64.12
OID: 1.3.6.1.4.1.15397.2.1.64.52
OID: 1.3.6.1.4.1.15397.2.1.64.34
OID: 1.3.6.1.4.1.15397.2.1.64.35
OID: 1.3.6.1.4.1.15397.2.1.64.33
OID: 1.3.6.1.4.1.15397.2.1.64.32
391
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.64.27
OID: 1.3.6.1.4.1.15397.2.1.64.68
OID: 1.3.6.1.4.1.15397.2.1.64.31
OID: 1.3.6.1.4.1.15397.2.1.64.30
OID: 1.3.6.1.4.1.15397.2.1.64.69
OID: 1.3.6.1.4.1.15397.2.1.64.39
OID: 1.3.6.1.4.1.15397.2.1.64.28
OID: 1.3.6.1.4.1.15397.2.1.64.29
OID: 1.3.6.1.4.1.15397.2.1.64.48
OID: 1.3.6.1.4.1.15397.2.1.64.49
OID: 1.3.6.1.4.1.15397.2.1.64.45
OID: 1.3.6.1.4.1.15397.2.1.64.5
OID: 1.3.6.1.4.1.15397.2.1.64.6
OID: 1.3.6.1.4.1.15397.2.1.64.24
Rows on freelist
OID: 1.3.6.1.4.1.15397.2.1.150.12
Delayed Polls
OID: 1.3.6.1.4.1.15397.2.1.88.75
392
Appendix C. System Diagnostics Values
Dequeue calls
OID: 1.3.6.1.4.1.15397.2.1.88.41
OID: 1.3.6.1.4.1.15397.2.1.88.69
Enqueue Failures
OID: 1.3.6.1.4.1.15397.2.1.88.77
OID: 1.3.6.1.4.1.15397.2.1.88.82
Object checks
OID: 1.3.6.1.4.1.15397.2.1.88.17
OID: 1.3.6.1.4.1.15397.2.1.88.81
OID: 1.3.6.1.4.1.15397.2.1.88.63
OID: 1.3.6.1.4.1.15397.2.1.88.54
OID: 1.3.6.1.4.1.15397.2.1.88.55
OID: 1.3.6.1.4.1.15397.2.1.88.56
OID: 1.3.6.1.4.1.15397.2.1.88.57
OID: 1.3.6.1.4.1.15397.2.1.88.58
OID: 1.3.6.1.4.1.15397.2.1.88.59
OID: 1.3.6.1.4.1.15397.2.1.88.60
OID: 1.3.6.1.4.1.15397.2.1.88.61
OID: 1.3.6.1.4.1.15397.2.1.88.62
393
Appendix C. System Diagnostics Values
Rule sets
OID: 1.3.6.1.4.1.15397.2.1.88.10
OID: 1.3.6.1.4.1.15397.2.1.88.71
OID: 1.3.6.1.4.1.15397.2.1.88.76
OID: 1.3.6.1.4.1.15397.2.1.124.6
OID: 1.3.6.1.4.1.15397.2.1.136.39
OID: 1.3.6.1.4.1.15397.2.1.136.40
OID: 1.3.6.1.4.1.15397.2.1.136.95
OID: 1.3.6.1.4.1.15397.2.1.136.68
OID: 1.3.6.1.4.1.15397.2.1.136.96
OID: 1.3.6.1.4.1.15397.2.1.136.69
OID: 1.3.6.1.4.1.15397.2.1.136.37
OID: 1.3.6.1.4.1.15397.2.1.136.70
OID: 1.3.6.1.4.1.15397.2.1.136.60
394
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.136.61
OID: 1.3.6.1.4.1.15397.2.1.136.62
OID: 1.3.6.1.4.1.15397.2.1.136.63
OID: 1.3.6.1.4.1.15397.2.1.136.64
OID: 1.3.6.1.4.1.15397.2.1.136.97
OID: 1.3.6.1.4.1.15397.2.1.136.43
Dataset, Subscribers
OID: 1.3.6.1.4.1.15397.2.1.136.44
OID: 1.3.6.1.4.1.15397.2.1.136.46
OID: 1.3.6.1.4.1.15397.2.1.136.45
OID: 1.3.6.1.4.1.15397.2.1.136.88
OID: 1.3.6.1.4.1.15397.2.1.136.87
Dynamic IP lookups
OID: 1.3.6.1.4.1.15397.2.1.136.58
OID: 1.3.6.1.4.1.15397.2.1.136.56
OID: 1.3.6.1.4.1.15397.2.1.136.57
Hosts
This is the number of hosts in the hosts table of the statistics daemon.
OID: 1.3.6.1.4.1.15397.2.1.136.16
395
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.136.35
OID: 1.3.6.1.4.1.15397.2.1.136.34
Messages
OID: 1.3.6.1.4.1.15397.2.1.136.49
Messages, Connections
OID: 1.3.6.1.4.1.15397.2.1.136.50
Messages, Hosts
OID: 1.3.6.1.4.1.15397.2.1.136.52
Messages, Netobjects
OID: 1.3.6.1.4.1.15397.2.1.136.51
OID: 1.3.6.1.4.1.15397.2.1.136.89
OID: 1.3.6.1.4.1.15397.2.1.136.90
OID: 1.3.6.1.4.1.15397.2.1.136.102
OID: 1.3.6.1.4.1.15397.2.1.136.103
OID: 1.3.6.1.4.1.15397.2.1.136.53
OID: 1.3.6.1.4.1.15397.2.1.136.54
OID: 1.3.6.1.4.1.15397.2.1.136.66
OID: 1.3.6.1.4.1.15397.2.1.136.67
OID: 1.3.6.1.4.1.15397.2.1.137.31
396
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.137.10
OID: 1.3.6.1.4.1.15397.2.1.137.47
OID: 1.3.6.1.4.1.15397.2.1.137.35
OID: 1.3.6.1.4.1.15397.2.1.137.30
OID: 1.3.6.1.4.1.15397.2.1.137.16
OID: 1.3.6.1.4.1.15397.2.1.137.15
OID: 1.3.6.1.4.1.15397.2.1.137.18
OID: 1.3.6.1.4.1.15397.2.1.137.17
OID: 1.3.6.1.4.1.15397.2.1.137.49
OID: 1.3.6.1.4.1.15397.2.1.137.48
OID: 1.3.6.1.4.1.15397.2.1.137.36
OID: 1.3.6.1.4.1.15397.2.1.137.22
OID: 1.3.6.1.4.1.15397.2.1.137.44
OID: 1.3.6.1.4.1.15397.2.1.137.46
OID: 1.3.6.1.4.1.15397.2.1.137.43
397
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.137.45
OID: 1.3.6.1.4.1.15397.2.1.137.20
OID: 1.3.6.1.4.1.15397.2.1.137.29
Context switches
OID: 1.3.6.1.4.1.15397.2.1.133.14
OID: 1.3.6.1.4.1.15397.2.1.133.11
OID: 1.3.6.1.4.1.15397.2.1.133.12
Interrupts
OID: 1.3.6.1.4.1.15397.2.1.133.13
UDP Drops
OID: 1.3.6.1.4.1.15397.2.1.133.17
UDP Rx Queue
OID: 1.3.6.1.4.1.15397.2.1.133.16
UDP Tx Queue
OID: 1.3.6.1.4.1.15397.2.1.133.15
OID: 1.3.6.1.4.1.15397.2.1.48.41
OID: 1.3.6.1.4.1.15397.2.1.48.27
Dequeued segments
OID: 1.3.6.1.4.1.15397.2.1.48.35
Discarded segments
OID: 1.3.6.1.4.1.15397.2.1.48.36
Enqueued segments
OID: 1.3.6.1.4.1.15397.2.1.48.34
398
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.48.42
Ignored segments
OID: 1.3.6.1.4.1.15397.2.1.48.18
OID: 1.3.6.1.4.1.15397.2.1.48.28
Out-of-sync bytes
OID: 1.3.6.1.4.1.15397.2.1.48.39
Out-of-sync connections
OID: 1.3.6.1.4.1.15397.2.1.48.12
Out-of-sync packets
OID: 1.3.6.1.4.1.15397.2.1.48.38
OID: 1.3.6.1.4.1.15397.2.1.48.37
Retransmitted packets
OID: 1.3.6.1.4.1.15397.2.1.48.40
Saved segments
OID: 1.3.6.1.4.1.15397.2.1.48.16
OID: 1.3.6.1.4.1.15397.2.1.48.17
OID: 1.3.6.1.4.1.15397.2.1.48.50
Segments that failed to dequeue due to DRDL skip state becoming out of sync
OID: 1.3.6.1.4.1.15397.2.1.48.49
OID: 1.3.6.1.4.1.15397.2.1.48.48
Simultaneous Open
OID: 1.3.6.1.4.1.15397.2.1.48.43
OID: 1.3.6.1.4.1.15397.2.1.127.41
OID: 1.3.6.1.4.1.15397.2.1.127.27
Dequeued segments
399
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.127.35
Discarded segments
OID: 1.3.6.1.4.1.15397.2.1.127.36
Enqueued segments
OID: 1.3.6.1.4.1.15397.2.1.127.34
OID: 1.3.6.1.4.1.15397.2.1.127.42
Ignored segments
OID: 1.3.6.1.4.1.15397.2.1.127.18
OID: 1.3.6.1.4.1.15397.2.1.127.28
Out-of-sync bytes
OID: 1.3.6.1.4.1.15397.2.1.127.39
Out-of-sync connections
OID: 1.3.6.1.4.1.15397.2.1.127.12
Out-of-sync packets
OID: 1.3.6.1.4.1.15397.2.1.127.38
OID: 1.3.6.1.4.1.15397.2.1.127.26
OID: 1.3.6.1.4.1.15397.2.1.127.37
Retransmitted packets
OID: 1.3.6.1.4.1.15397.2.1.127.40
Saved segments
OID: 1.3.6.1.4.1.15397.2.1.127.16
OID: 1.3.6.1.4.1.15397.2.1.127.17
OID: 1.3.6.1.4.1.15397.2.1.127.50
Segments that failed to dequeue due to DRDL skip state becoming out of sync
OID: 1.3.6.1.4.1.15397.2.1.127.49
400
Appendix C. System Diagnostics Values
OID: 1.3.6.1.4.1.15397.2.1.127.48
Simultaneous Open
OID: 1.3.6.1.4.1.15397.2.1.127.43
Authentication headers
OID: 1.3.6.1.4.1.15397.2.1.128.5
OID: 1.3.6.1.4.1.15397.2.1.128.4
OID: 1.3.6.1.4.1.15397.2.1.128.6
OID: 1.3.6.1.4.1.15397.2.1.130.14
OID: 1.3.6.1.4.1.15397.2.1.130.15
OID: 1.3.6.1.4.1.15397.2.1.130.5
OID: 1.3.6.1.4.1.15397.2.1.130.2
OID: 1.3.6.1.4.1.15397.2.1.130.8
OID: 1.3.6.1.4.1.15397.2.1.130.10
OID: 1.3.6.1.4.1.15397.2.1.130.13
OID: 1.3.6.1.4.1.15397.2.1.130.9
OID: 1.3.6.1.4.1.15397.2.1.130.6
OID: 1.3.6.1.4.1.15397.2.1.130.4
OID: 1.3.6.1.4.1.15397.2.1.130.7
401
Appendix C. System Diagnostics Values
Note
SNMP traps are created and sent only if a trap receiver is configured in the CLI. The default alert levels are
those automatically defined by the system. This section does not cover alert levels that are changed or added
compared to the default.
402
Appendix C. System Diagnostics Values
403
Appendix C. System Diagnostics Values
Description: The maximum number of subscriber names in rules using 'Split by subscriber' shaping objects has been
exceeded.
Severity: Major
Action: Review the System Configuration value DYNAMIC_NETOBJECT_SUBSCRIBER_MAX.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Ruleset - Engine/Subscriber: Parsing/handling errors in engine
(1.3.6.1.4.1.15397.2.1.64.58)
Threshold: Value > 0
Description: Error while handling/parsing subscriber names in rules using 'Split by subscriber'. Are both userspace and engine
restarted after config change?
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Ruleset - Engine/Subscriber: Split on unknown subscriber (1.3.6.1.4.1.15397.2.1.64.43)
Threshold: Rate > 0
Description: Split-by subscriber object added to connection with no subscriber added in the configured NetObject.
Severity: Minor
Action: Verify that ruleset is correct and provisioning of subscribers is working.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Ruleset - Engine/Subscriber: Split on unknown sessioncontext
(1.3.6.1.4.1.15397.2.1.64.44)
Threshold: Rate > 0
Description: Split-by session context object added to connection with no matching session context. Verify that ruleset is
correct and provisioning of session contexts is working.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Ruleset - Engine/Enrich: Storage in engine is full (1.3.6.1.4.1.15397.2.1.64.55)
Threshold: Value > 0
Description: The maximum number of enrich entries has been exceeded. Review the System Configuration value
DYNAMIC_NETOBJECT_ENRICH_MAX.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Ruleset - Engine/Enrich: Parsing/handling errors in engine (1.3.6.1.4.1.15397.2.1.64.56)
Threshold: Value > 0
Description: Error while handling/parsing enrich data. Are both userspace and engine restarted after config change?
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Ruleset - Engine/NatCfg: Dynamic natcfg allocation failures (1.3.6.1.4.1.15397.2.1.64.47)
Threshold: Value > 0
Description: The maximum number of dynamic NAT configs in rules using NAT has been exceeded.
Severity: Major
Action: Review the System Configuration value MAX_DYNAMIC_NATCFG_ENGINE.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Shaping/Out of packets drops (1.3.6.1.4.1.15397.2.1.88.15)
Threshold: Value > 0
Description: Packet pool is exhausted. Shaping will not work.
Severity: Major
404
Appendix C. System Diagnostics Values
405
Appendix C. System Diagnostics Values
406
Appendix C. System Diagnostics Values
Severity: Major
Action: Investigate network between PREs.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Queue Sync/(ext update) Update packets lost (1.3.6.1.4.1.15397.2.1.123.26)
Threshold: Value > 0
Description: QSync is missing update packets from peer. Packet loss on the network between PREs!
Severity: Major
Action: Investigate network between PREs.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Queue Sync/(ext status) Version mismatch in status packets received
(1.3.6.1.4.1.15397.2.1.123.29)
Threshold: Value > 0
Description: QSync has received a mismatch in version or unknown version in status packets from peer.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Queue Sync/(ext status) Invalid packets received (1.3.6.1.4.1.15397.2.1.123.30)
Threshold: Value > 0
Description: QSync has received invalid status packets from peer.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Queue Sync/(ext status) Status packets lost (1.3.6.1.4.1.15397.2.1.123.31)
Threshold: Value > 0
Description: QSync is missing status packets from peer.
Severity: Major
Action: Investigate packet loss on the network between PREs
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Queue Sync/(ext status) Status packets late/out of order (1.3.6.1.4.1.15397.2.1.123.32)
Threshold: Value > 0
Description: QSync has received old/late/out of order status packets. Another newer status packet has already been
processed. Network is reordering/queueing UDP packets.
Severity: Major
Action: Investigate duplicate IP on network.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Queue Sync/(ext timeout) Number of timeouts of peer (1.3.6.1.4.1.15397.2.1.123.33)
Threshold: Value > 0
Description: QSync has not received any packets from peer for timeout period. Peer is considered to be timed out.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Shaping Counter/Dropped shaping counter updates (1.3.6.1.4.1.15397.2.1.124.7)
Threshold: Value > 0
Description: Shaping counters has failed to send updates to at least one client due to insufficient space in buffer.
Severity: Major
Action: Ensure that clients are not slow or blocked. Review the System Configuration value SHAPING_COUNTERS_MAX.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Tunnel/Context allocation failures (1.3.6.1.4.1.15397.2.1.130.12)
Threshold: Value > 0
407
Appendix C. System Diagnostics Values
Description: The engine failed to decapsulate tunneled traffic due to resource problems.
Severity: Major
Action: Review the System Configuration value TUNNEL_CTXS.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: L2TP/L2TP map: Storage in engine is FULL (1.3.6.1.4.1.15397.2.1.132.21)
Threshold: Value > 0
Description: The maximum number of (outgoing, incoming)-pairs reached. Review the System Configuration value
TUNNEL_L2TPMAP_MAX
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Liveview/Hosts not created due to exhausted cache (1.3.6.1.4.1.15397.2.1.134.14)
Threshold: Value > 0
Description: This is PacketLogicd's pool for local hosts. If it is exhausted accounting data for hosts and their netobjects will
not be created. This will also affect statistics. The pool is created using the config item HOST_NUM_HOSTS.
Severity: Major
Action: Review system configuration value HOST_NUM_HOSTS.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Liveview/Max complexity among active views (1.3.6.1.4.1.15397.2.1.134.48)
Threshold: Value > 255
Description: An active view was disabled due to being too complex.
Severity: Minor
Action: Review the view configuration.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Liveview/Messages with excess ShapingObject (1.3.6.1.4.1.15397.2.1.134.51)
Threshold: Value > 0
Description: Too many ShapingObjects received by packetlogicd. ShapingObjects will not be displayed by LiveView
Severity: Minor
Action: Restart packetlogicd
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Statistics/Values not created, Cache exhausted (1.3.6.1.4.1.15397.2.1.136.6)
Threshold: Value > 0
Description: Statistics value cache exhausted.
Severity: Major
Action: Review the System Configuration value PLS_MAX_VALUES.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Statistics/Values not created, Priority Threshold (1.3.6.1.4.1.15397.2.1.136.7)
Threshold: Value > 0
Description: Statistics value cache close to exhaustion. Creation of normal priority values is halted.
Severity: Major
Action: Review the System Configuration value PLS_MAX_VALUES.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Statistics/Session Context Row Drops (1.3.6.1.4.1.15397.2.1.136.83)
Threshold: Value > 0
Description: Session Context Rows are dropped. This could result in loss of Statistics based off Session Context
Severity: Major
Action: Review the System Configuration value PLS_SESSION_CONTEXT_MAX_ROWS.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Statistics/Session Context Rows, Max Columns Exceeded (1.3.6.1.4.1.15397.2.1.136.100)
408
Appendix C. System Diagnostics Values
409
Appendix C. System Diagnostics Values
Severity: Major
Action: Try reloading the ruleset.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Mapping creation failure - No available natcfg (PPTP) (1.3.6.1.4.1.15397.2.1.141.28)
Threshold: Value > 0
Description: PPTP mappings can not be created using port blocks owned by other systems.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Mapping creation failure - No available natcfg (FTP) (1.3.6.1.4.1.15397.2.1.141.29)
Threshold: Value > 0
Description: FTP mappings can not be created using port blocks owned by other systems.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Mapping creation failure - No available natcfg (RTSP)
(1.3.6.1.4.1.15397.2.1.141.30)
Threshold: Value > 0
Description: RTSP mappings can not be created using port blocks owned by other systems.
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Translation creation failure (no object, total) (1.3.6.1.4.1.15397.2.1.141.40)
Threshold: Value > 0
Description: No rewrite object found. This will cause rewrite failures.
Severity: Major
Action: Revise the configuration of rewrite objects.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Translation creation failure (resources, total) (1.3.6.1.4.1.15397.2.1.141.41)
Threshold: Value > 0
Description: Too few rewrite headers configured. This will cause rewrite failures.
Severity: Major
Action: Revise the number of configured rewrite headers which is set by the configuration values of MAX_CONNECTIONS *
REDIRECT_HDR_PERCENT.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Translation creation failure (incompatible L4 protocol, total)
(1.3.6.1.4.1.15397.2.1.141.42)
Threshold: Value > 0
Description: Unsupported protocol for rewrite. This will cause rewrite failures. The supported protocols are TCP, UDP, ICMP
and GRE
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Translation creation failure (collision, total) (1.3.6.1.4.1.15397.2.1.141.43)
Threshold: Value > 0
Description: Connection does already exist. This will cause rewrite failures.
Severity: Major
Action: Revise the network topology to make sure that NAT:ed packets are not sent through PRE a second time.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
410
Appendix C. System Diagnostics Values
Variable binding pl2TrapOid: Rewrite/Translation creation failure (No rewrite address, total) (1.3.6.1.4.1.15397.2.1.141.50)
Threshold: Value > 0
Description: No rewrite address could not be found. The rewrite address may have been removed or reconfigured to belong
to another pool
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Translation creation failure (No mapping found, inbound)
(1.3.6.1.4.1.15397.2.1.141.73)
Threshold: Value > 0
Description: Could not rewrite inbound packet since no mapping was found.
Severity: Major
Action: To allow forwarding of packets without mappings, enable configuration value NAT_EIF_FORWARD_UNKNOWN.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Translation creation failure (not allowed, inbound) (1.3.6.1.4.1.15397.2.1.141.74)
Threshold: Value > 0
Description: Not allowed to use the mapping.
Severity: Major
Action: Revise the configuration value of NAT_EIF_ENABLED or the same pool configuration. An other reason could be that
the mapping is only allowed for single use such as ALG mappings
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Port block creation failures (resources) (1.3.6.1.4.1.15397.2.1.141.122)
Threshold: Value > 0
Description: Failed to create port block. Too few configured port blocks.
Severity: Major
Action: Revise the number of port blocks by increasing the configuration value of NAT_PBA_NUM_PORTBLOCKS or revise
the port block granularity to produce less port blocks.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Port block creation failures (start > end) (1.3.6.1.4.1.15397.2.1.141.123)
Threshold: Value > 0
Description: Failed to create port block due to faulty configuration of port block where the start port is higher than the end
port of the block. This should be reported as an error
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Port block creation failures (low and high) (1.3.6.1.4.1.15397.2.1.141.124)
Threshold: Value > 0
Description: Failed to create port block due to faulty configuration of port block where the port block spans over both low
ports (0 < x < 1024) and high ports (1024 <= x <= 65535). This should be reported as an error
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Port block creation abortion (cache full) (1.3.6.1.4.1.15397.2.1.141.125)
Threshold: Value > 0
Description: Failed to create port block. Port block pool cache full.
Severity: Major
Action: Revise the configuration value of NAT_PBA_NUM_PORTBLOCKS.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Rewrite/Port block assignment failures (subscriber limit reached)
(1.3.6.1.4.1.15397.2.1.141.127)
411
Appendix C. System Diagnostics Values
412
Appendix C. System Diagnostics Values
413
Appendix C. System Diagnostics Values
Description: The current score batch has been spilled to disk.The system is unable to reach Insights storage or unable to
keep up with theload of transferring data. If this happens constantly the system will not beable to keep up with the load.
Severity: Major
Action: Review system load and connectivity.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Host Stats/Host stats host pool exhausted (1.3.6.1.4.1.15397.2.1.146.7)
Threshold: Value > 0
Description: Host stats host pool exhausted.
Severity: Major
Action: Try increasing HOST_STATS_MAX_HOSTS.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Comm/CLIENT: Authentication failures (1.3.6.1.4.1.15397.2.1.148.6)
Threshold: Value > 0
Description: User authentication failurs.
Severity: Major
Action: Verify that the correct user is added on the other system with the correct key, and that there is no ACL preventing
connections.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Comm/CLIENT: Host key verification failures (1.3.6.1.4.1.15397.2.1.148.7)
Threshold: Value > 0
Description: Host key verification failed.
Severity: Major
Action: If the other system has been replaced or changed host key, clear the host key cache of this system in the CLI.
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Session Context - Engine/Too many sessions context entries matching single connection
(1.3.6.1.4.1.15397.2.1.150.4)
Threshold: Value > 0
Description: Too many sessions context entries matching single connection
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
Trap OID: pl2TrapSystemStatsAlert64 (1.3.6.1.4.1.15397.2.8.0.4)
Variable binding pl2TrapOid: Line Sharing/Host pool is depleted (1.3.6.1.4.1.15397.2.1.153.14)
Threshold: Value > 0
Description: Host pool is depleted. Check LS_HOST_POOL_SIZE
Severity:
Action:
Clear trap OID: 1.3.6.1.4.1.15397.2.8.0.5
414
Appendix D. Keyboard shortcuts
This section lists all keyboard shortcuts available in the PacketLogic client interface. Note that there are platform-specific variations
to keyboard shortcuts. For example, in Mac OS X the Apple key is used consistently instead of the Ctrl key. In cases where
there are specific platform-dependant variations on keyboard shortcuts, they are listed below.
Ctrl+M
Open the System Manager
Ctrl+Alt+R
Reconnect
Ctrl+Shift+W
Close Window
Ctrl+Q
Quit
Ctrl+Shift+C
Quick connect
For all list views, the following keyboard shortcuts are available:
Down
Move selection down.
Up
Move selection up.
Left or -
Close one expanded level.
Right or +
Expand one level.
Enter
Open selected item (corresponds to double-click).
Space
Toggles checkboxes checked/unchecked.
F2
Opens a dialog to rename the selected item. Enter sets the new name, Esc cancels.
415
Appendix D. Keyboard shortcuts
To open a general-purpose search field in any list view or statistics bar chart view, press \textbf{Ctrl+F} or simply start typing
the search string.
When the search field is open, the following keyboard shortcuts are available:
Esc
Close the search field.
F3 or Ctrl+G
Go to the next match.
Shift+F3
Go to the previous match.
Ctrl+N
Create a new backup.
Ctrl+W
Close the Backup Manager.
Ctrl+W
Close the File Manager.
Del
Delete the selected file.
Ctrl+S
Save the selected log file on the local file system.
Ctrl+W
Close the Log Viewer.
Ctrl+C
Copy the selected text to the clipboard.
Ctrl+A
Select all text in the displayed log file.
416
Appendix D. Keyboard shortcuts
Ctrl+F
Search the logs for a text string.
Ctrl+N
Add a new object.
Ctrl+I
Add a new item in the current object.
Ctrl+S
Save the edited ruleset.
Ctrl+W
Close the Objects & Rules Editor.
Ctrl+X
Cut the selected object, rule, or item.
Ctrl+C
Copy the selected object, rule, or item.
Ctrl+V
Paste the most recently cut or copied object, rule, or item.
Ctrl+Up
Move the selected filtering rule up in the list.
Ctrl+Down
Move the selected filtering rule down in the list.
Right
Add the selected service or Shaping Object to the list.
Left
Remove the selected service or Shaping Object from the list.
When selecting date ranges in TimeObjects, the following keyboard shortcuts are available:
Esc
Closes the date range selection without selecting a date.
Enter
Sets the selected date range.
For objects where there are advanced options available, Space and Enter toggles showing/hiding the advanced options.
417
Appendix D. Keyboard shortcuts
Ctrl+S
Save the current configuration.
Ctrl+W
Close the System Configuration Editor.
Ctrl+N
Add a new user.
Ctrl+S
Save the edited user configuration.
Ctrl+W
Close the User Editor.
Ctrl+X
Cut the selected user.
Ctrl+C
Copy the selected user.
Ctrl+V
Paste the user last cut or copied.
Del
Delete the selected user.
Ctrl+P
Change password for the selected user.
Ctrl+W
Close the window.
418
Appendix D. Keyboard shortcuts
Ctrl+D
Display debug information for the resources.
Ctrl+W
Close the current tab.
Ctrl+F
Find (in bar chart).
Alt+Up
Go up one level in the object path.
Alt+Home
Go to the root level in the object path.
Ctrl+L
Focus the Location Field.
Ctrl+Left
View the previous date interval.
Ctrl+Right
View the next date interval.
Ctrl+B
Switch to Bar Chart.
Ctrl+I
Switch to Pie Chart.
Ctrl+T
Switch to Throughput Chart.
Ctrl+P
Print the current statistics view.
Ctrl+D
Add a bookmark.
Down or PageDown
Go down one page in a multi-page statistics view.
Up or PageUp
Go up one page in a multi-page statistics view.
Home
Go to the first page in a multi-page statistics view.
End
Go to the last page in a multi-page statistics view.
419
Appendix D. Keyboard shortcuts
Ctrl+W
Close the Bookmark Manager.
Ctrl+X
Cut the selected bookmark.
Ctrl+C
Copy the selected bookmark.
Ctrl+V
Paste the bookmark last cut or copied.
Left
Move the date selection to the left.
Right
Move the date selection to the right.
Up
Move the date selection up.
Down
Move the date selection down.
PageUp
Go forward one month.
PageDown
Go back one month.
D.15. LiveView
The following keyboard shortcuts are available in the LiveView part:
Ctrl+Shift+P
Pause/unpause (stop/start updating)
Ctrl+Shift+G
Open the Go to Host dialog, where an IP address can be entered to go directly to the connections for that host.
420
Appendix D. Keyboard shortcuts
Ctrl+D
Display debugging zones in System Diagnostics.
Ctrl+W
Close the current view.
421
422
Index
ICMP ports (low), 267
Incoming, 113
Incoming Avg Latency, 251, 259
Incoming bps, 255
A Incoming Bytes, 247
Aggregation, 43, 196 Incoming concurrent connections, 258
Attributes, 123 Incoming concurrent connections (Peak), 249
Incoming Connections, 248
B Incoming CPS, 257
Backup and restore, 158 Incoming link speed, 263
Backup Manager (Client), 74 Incoming Link Utilization, 263
Bandwidth, 148 Incoming Packet Drops, 254, 262
Incoming Packet Retransmissions, 254, 262
C Incoming Packets, 250, 258
Centralized management, 148 Incoming Quality (External), 252, 260
Channel Editor, 51 Incoming Quality (Internal), 252, 259
Channel statistics graph fields, 264 Incoming Quality of Experience, 253, 261
Channel statistics total fields, 263 Incoming Quality Packets, 254, 261
Chassis processor(PL15000/PL20000), 132 Incoming Shaping Dropped Bytes, 248, 256
Client, 7, 85 Incoming Shaping Dropped Packets, 250, 258
Client-server, 113 Incoming Unestablished Connections, 249
Command line mode, 84 Insights Data Storage, 216, 216, 217, 218
Concepts, 111, 171, 215 Internal Avg Handshake RTT, 253, 261
Connection logging, 241, 244 IPFIX collector, 227
Connection quality measurement, 115 IPFIX elements, enterprise-specific elements, 232
Connection search, 244 IPFIX elements, standard, 231
Connection Search (Client), 82 IPFIX export, 226, 226
Connections, 248 IPFIX export configuration, 228
CPS, 256 IPFIX fields, 230
IPFIX flow, 237
D IPFIX sampling, 239
Database daemon, 133 IPFIX template, 226
Database daemon (Statistics), 134 IPFIXObject editor, 44
Depth, 174
Distribution, 40, 173 K
Key concepts, 111, 171, 215
E
Edit menu (Client), 23 L
Engine, 132 Limits, 42
External Avg Handshake RTT, 253, 261 Link configuration, 185, 185
Links (Statistics), 184
F Local, 113
Features, 111, 171, 215 Log Levels Editor, 61
Fields, 39, 177 Log Viewer, 80
File Manager, 78
File menu (Client), 22 M
FLICKA, 136 Monitoring, 151
H N
Handshake RTT, 117 NAT statistics, 193, 266
Help menu (client), 29 NetObject Attributes, 123
NetObjects, 122
I
ICMP port allocation failures (high), 268 O
ICMP port allocation failures (low), 267 Object root, 174
ICMP ports (high), 267 Objects, 122
423
Index
424
Index
V
Value paths, 177
Value types, 179
Values, 177
View menu (Statistics), 25
425
426