Print this page
manuals
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man1m/flowadm.1m
+++ new/usr/src/man/man1m/flowadm.1m
1 1 '\" te
2 2 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved
3 +.\" Copyright (c) 2011, Joyent, Inc. All Rights Reserved
3 4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
4 5 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
5 6 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
6 7 .TH FLOWADM 1M "Feb 14, 2009"
7 8 .SH NAME
8 9 flowadm \- administer bandwidth resource control and priority for protocols,
9 10 services, containers, and virtual machines
10 11 .SH SYNOPSIS
11 12 .LP
12 13 .nf
13 14 \fBflowadm show-flow\fR [\fB-pP\fR] [\fB-S\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [\fB-l\fR \fIlink\fR]
14 - [\fB-o\fR \fIfield\fR[,...]] [\fIflow\fR]
15 + [\fB-o\fR \fIfield\fR[,...]] [\fB-z\fR \fIzonename\fR] [\fIflow\fR]
15 16 .fi
16 17
17 18 .LP
18 19 .nf
19 -\fBflowadm add-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR \fB-a\fR \fIattr\fR=\fIvalue\fR[,...]
20 - \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] \fIflow\fR
21 -\fBflowadm remove-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] {\fB-l\fR \fIlink\fR | \fIflow\fR}
20 +\fBflowadm add-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fB-l\fR \fIlink\fR
21 + \fB-a\fR \fIattr\fR=\fIvalue\fR[,...] \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] \fIflow\fR
22 +\fBflowadm remove-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] {\fB-l\fR \fIlink\fR | \fIflow\fR}
22 23 .fi
23 24
24 25 .LP
25 26 .nf
26 27 \fBflowadm set-flowprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] \fIflow\fR
27 28 \fBflowadm reset-flowprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR \fIprop\fR[,...]] \fIflow\fR
28 29 \fBflowadm show-flowprop\fR [\fB-cP\fR] [\fB-l\fR \fIlink\fR] [\fB-o\fR \fIfield\fR[,...]]
29 30 [\fB-p\fR \fIprop\fR[,...]] [\fIflow\fR]
30 31 .fi
31 32
32 33 .LP
33 34 .nf
34 35 \fBflowadm show-usage\fR [\fB-a\fR] [\fB-d\fR | {\fB-p\fR \fIplotfile\fR \fB-F\fR \fIformat\fR}] [\fB-s\fR \fItime\fR]
35 36 [\fB-e\fR \fItime\fR] \fB-f\fR \fIfilename\fR [\fIflow\fR]
36 37 .fi
37 38
38 39 .SH DESCRIPTION
39 40 .sp
40 41 .LP
41 42 The \fBflowadm\fR command is used to create, modify, remove, and show
42 43 networking bandwidth and associated resources for a type of traffic on a
43 44 particular link.
44 45 .sp
45 46 .LP
46 47 The \fBflowadm\fR command allows users to manage networking bandwidth resources
47 48 for a transport, service, or a subnet. The service is specified as a
48 49 combination of transport and local port. The subnet is specified by its IP
49 50 address and subnet mask. The command can be used on any type of data link,
50 51 including physical links, virtual NICs, and link aggregations.
51 52 .sp
52 53 .LP
53 54 A flow is defined as a set of attributes based on Layer 3 and Layer 4 headers,
54 55 which can be used to identify a protocol, service, or a virtual machine. When a
55 56 flow is identified based on flow attributes, separate kernel resources
56 57 including layer 2, 3, and 4 queues, their processing threads, and other
57 58 resources are uniquely created for it, such that other traffic has minimal or
58 59 zero impact on it.
59 60 .sp
60 61 .LP
61 62 Inbound and outbound packet are matched to flows in a very fast and scalable
62 63 way, so that limits can be enforced with minimal performance impact.
63 64 .sp
64 65 .LP
65 66 The \fBflowadm\fR command can be used to identify a flow without imposing any
66 67 bandwidth resource control. This would result in the traffic type getting its
67 68 own resources and queues so that it is isolated from rest of the networking
68 69 traffic for more observable and deterministic behavior.
69 70 .sp
|
↓ open down ↓ |
38 lines elided |
↑ open up ↑ |
70 71 .LP
71 72 \fBflowadm\fR is implemented as a set of subcommands with corresponding
72 73 options. Options are described in the context of each subcommand.
73 74 .SH SUB-COMMANDS
74 75 .sp
75 76 .LP
76 77 The following subcommands are supported:
77 78 .sp
78 79 .ne 2
79 80 .na
80 -\fB\fBflowadm show-flow\fR [\fB-pP\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]]
81 -[\fB-o\fR \fIfield\fR[,...]] [\fB-l\fR \fIlink\fR] [\fIflow\fR]\fR
81 +\fB\fBflowadm show-flow\fR [\fB-pP\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [\fB-o\fR \fIfield\fR[,...]] [\fB-l\fR \fIlink\fR] [\fB-z\fR \fIzonename\fR] [\fIflow\fR]\fR
82 82 .ad
83 83 .sp .6
84 84 .RS 4n
85 85 Show flow configuration information (the default) or statistics, either for all
86 86 flows, all flows on a link, or for the specified \fIflow\fR.
87 87 .sp
88 88 .ne 2
89 89 .na
90 90 \fB\fB-o\fR \fIfield\fR[,...]\fR
91 91 .ad
92 92 .sp .6
93 93 .RS 4n
94 94 A case-insensitive, comma-separated list of output fields to display. The field
95 95 name must be one of the fields listed below, or a special value \fBall\fR, to
96 96 display all fields. For each flow found, the following fields can be displayed:
97 97 .sp
98 98 .ne 2
99 99 .na
100 100 \fB\fBflow\fR\fR
101 101 .ad
102 102 .sp .6
103 103 .RS 4n
104 104 The name of the flow.
105 105 .RE
106 106
107 107 .sp
108 108 .ne 2
109 109 .na
110 110 \fB\fBlink\fR\fR
111 111 .ad
112 112 .sp .6
113 113 .RS 4n
114 114 The name of the link the flow is on.
115 115 .RE
116 116
117 117 .sp
118 118 .ne 2
119 119 .na
120 120 \fB\fBipaddr\fR\fR
121 121 .ad
122 122 .sp .6
123 123 .RS 4n
124 124 IP address of the flow. This can be either local or remote depending on how the
125 125 flow was defined.
126 126 .RE
127 127
128 128 .sp
129 129 .ne 2
130 130 .na
131 131 \fB\fBtransport\fR\fR
132 132 .ad
133 133 .sp .6
134 134 .RS 4n
135 135 The name of the layer for protocol to be used.
136 136 .RE
137 137
138 138 .sp
139 139 .ne 2
140 140 .na
141 141 \fB\fBport\fR\fR
142 142 .ad
143 143 .sp .6
144 144 .RS 4n
145 145 Local port of service for flow.
146 146 .RE
147 147
148 148 .sp
149 149 .ne 2
150 150 .na
151 151 \fB\fBdsfield\fR\fR
152 152 .ad
153 153 .sp .6
154 154 .RS 4n
155 155 Differentiated services value for flow and mask used with \fBDSFIELD\fR value
156 156 to state the bits of interest in the differentiated services field of the IP
157 157 header.
158 158 .RE
159 159
160 160 .RE
161 161
162 162 .sp
163 163 .ne 2
164 164 .na
165 165 \fB\fB-p\fR, \fB--parseable\fR\fR
166 166 .ad
167 167 .sp .6
168 168 .RS 4n
169 169 Display using a stable machine-parseable format.
170 170 .RE
171 171
172 172 .sp
173 173 .ne 2
174 174 .na
175 175 \fB\fB-P\fR, \fB--persistent\fR\fR
176 176 .ad
177 177 .sp .6
178 178 .RS 4n
179 179 Display persistent flow property information.
180 180 .RE
181 181
182 182 .sp
183 183 .ne 2
184 184 .na
185 185 \fB\fB-S\fR, \fB--continuous\fR\fR
186 186 .ad
187 187 .sp .6
188 188 .RS 4n
189 189 Continuously display network utilization by flow in a manner similar to the way
190 190 that \fBprstat\fR(1M) displays CPU utilization by process.
191 191 .RE
192 192
193 193 .sp
194 194 .ne 2
195 195 .na
196 196 \fB\fB-s\fR, \fB--statistics\fR\fR
197 197 .ad
198 198 .sp .6
199 199 .RS 4n
200 200 Displays flow statistics.
201 201 .RE
202 202
203 203 .sp
204 204 .ne 2
205 205 .na
206 206 \fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR
207 207 .ad
208 208 .sp .6
209 209 .RS 4n
210 210 Used with the \fB-s\fR option to specify an interval, in seconds, at which
211 211 statistics should be displayed. If this option is not specified, statistics are
212 212 displayed once.
213 213 .RE
214 214
215 215 .sp
|
↓ open down ↓ |
124 lines elided |
↑ open up ↑ |
216 216 .ne 2
217 217 .na
218 218 \fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR | \fIflow\fR\fR
219 219 .ad
220 220 .sp .6
221 221 .RS 4n
222 222 Display information for all flows on the named link or information for the
223 223 named flow.
224 224 .RE
225 225
226 +.sp
227 +.ne 2
228 +.na
229 +\fB\fB-z\fR \fIzonename\fR
230 +.ad
231 +.sp .6
232 +.RS 4n
233 +Operate on a link that has been delegated to the specified zone.
226 234 .RE
227 235
236 +.RE
237 +
228 238 .sp
229 239 .ne 2
230 240 .na
231 -\fB\fBflowadm add-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR
232 -\fIlink\fR \fB-a\fR \fIattr\fR=\fIvalue\fR[,...] \fB-p\fR
233 -\fIprop\fR=\fIvalue\fR[,...] \fIflow\fR\fR
241 +\fB\fBflowadm add-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fB-l\fR \fIlink\fR \fB-a\fR \fIattr\fR=\fIvalue\fR[,...] \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] \fIflow\fR\fR
234 242 .ad
235 243 .sp .6
236 244 .RS 4n
237 245 Adds a flow to the system. The flow is identified by its flow attributes and
238 246 properties.
239 247 .sp
240 248 As part of identifying a particular flow, its bandwidth resource can be limited
241 249 and its relative priority to other traffic can be specified. If no bandwidth
242 250 limit or priority is specified, the traffic still gets its unique layer 2, 3,
243 251 and 4 queues and processing threads, including NIC hardware resources (when
244 252 supported), so that the selected traffic can be separated from others and can
245 253 flow with minimal impact from other traffic.
246 254 .sp
247 255 .ne 2
248 256 .na
249 257 \fB\fB-t\fR, \fB--temporary\fR\fR
250 258 .ad
251 259 .sp .6
252 260 .RS 4n
253 261 The changes are temporary and will not persist across reboots. Persistence is
254 262 the default.
255 263 .RE
256 264
257 265 .sp
258 266 .ne 2
259 267 .na
260 268 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
|
↓ open down ↓ |
17 lines elided |
↑ open up ↑ |
261 269 .ad
262 270 .sp .6
263 271 .RS 4n
264 272 Specifies an alternate root directory where \fBflowadm\fR should apply
265 273 persistent creation.
266 274 .RE
267 275
268 276 .sp
269 277 .ne 2
270 278 .na
279 +\fB\fB-z\fR \fIzonename\fR
280 +.ad
281 +.sp .6
282 +.RS 4n
283 +Operate on a link that has been delegated to the specified zone.
284 +.RE
285 +
286 +.sp
287 +.ne 2
288 +.na
271 289 \fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR
272 290 .ad
273 291 .sp .6
274 292 .RS 4n
275 293 Specify the link to which the flow will be added.
276 294 .RE
277 295
278 296 .sp
279 297 .ne 2
280 298 .na
281 299 \fB\fB-a\fR \fIattr\fR=\fIvalue\fR[,...], \fB--attr\fR=\fIvalue\fR\fR
282 300 .ad
283 301 .sp .6
284 302 .RS 4n
285 303 A comma-separated list of attributes to be set to the specified values.
286 304 .RE
287 305
288 306 .sp
289 307 .ne 2
290 308 .na
291 309 \fB\fB-p\fR \fIprop\fR=\fIvalue\fR[,...], \fB--prop\fR=\fIvalue\fR[,...]\fR
292 310 .ad
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
293 311 .sp .6
294 312 .RS 4n
295 313 A comma-separated list of properties to be set to the specified values.
296 314 .RE
297 315
298 316 .RE
299 317
300 318 .sp
301 319 .ne 2
302 320 .na
303 -\fB\fBflowadm remove-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR
304 -{\fIlink\fR | \fIflow\fR}\fR
321 +\fB\fBflowadm remove-flow\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fB-l\fR {\fIlink\fR | \fIflow\fR}\fR
305 322 .ad
306 323 .sp .6
307 324 .RS 4n
308 325 Remove an existing flow identified by its link or name.
309 326 .sp
310 327 .ne 2
311 328 .na
312 329 \fB\fB-t\fR, \fB--temporary\fR\fR
313 330 .ad
314 331 .sp .6
315 332 .RS 4n
316 333 The changes are temporary and will not persist across reboots. Persistence is
317 334 the default.
318 335 .RE
319 336
320 337 .sp
|
↓ open down ↓ |
6 lines elided |
↑ open up ↑ |
321 338 .ne 2
322 339 .na
323 340 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
324 341 .ad
325 342 .sp .6
326 343 .RS 4n
327 344 Specifies an alternate root directory where \fBflowadm\fR should apply
328 345 persistent removal.
329 346 .RE
330 347
348 +.sp
349 +.ne 2
350 +.na
351 +\fB\fB-z\fR \fIzonename\fR
352 +.ad
353 +.sp .6
354 +.RS 4n
355 +Operate on a link that has been delegated to the specified zone.
356 +.RE
357 +
331 358 .sp
332 359 .ne 2
333 360 .na
334 361 \fB\fB-l\fR \fIlink\fR | \fIflow\fR, \fB--link\fR=\fIlink\fR | \fIflow\fR\fR
335 362 .ad
336 363 .sp .6
337 364 .RS 4n
338 365 If a link is specified, remove all flows from that link. If a single flow is
339 366 specified, remove only that flow.
340 367 .RE
341 368
342 369 .RE
343 370
344 371 .sp
345 372 .ne 2
346 373 .na
347 374 \fB\fBflowadm set-flowprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-p\fR
348 375 \fIprop\fR=\fIvalue\fR[,...] \fIflow\fR\fR
349 376 .ad
350 377 .sp .6
351 378 .RS 4n
352 379 Set values of one or more properties on the flow specified by name. The
353 380 complete list of properties can be retrieved using the \fBshow-flow\fR
354 381 subcommand.
355 382 .sp
356 383 .ne 2
357 384 .na
358 385 \fB\fB-t\fR, \fB--temporary\fR\fR
359 386 .ad
360 387 .sp .6
361 388 .RS 4n
362 389 The changes are temporary and will not persist across reboots. Persistence is
363 390 the default.
364 391 .RE
365 392
366 393 .sp
367 394 .ne 2
368 395 .na
369 396 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
370 397 .ad
371 398 .sp .6
372 399 .RS 4n
373 400 Specifies an alternate root directory where \fBflowadm\fR should apply
374 401 persistent setting of properties.
375 402 .RE
376 403
377 404 .sp
378 405 .ne 2
379 406 .na
380 407 \fB\fB-p\fR \fIprop\fR=\fIvalue\fR[,...], \fB--prop\fR=\fIvalue\fR[,...]\fR
381 408 .ad
382 409 .sp .6
383 410 .RS 4n
384 411 A comma-separated list of properties to be set to the specified values.
385 412 .RE
386 413
387 414 .RE
388 415
389 416 .sp
390 417 .ne 2
391 418 .na
392 419 \fB\fBflowadm reset-flowprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-p\fR
393 420 [\fIprop\fR=\fIvalue\fR[,...]] \fIflow\fR\fR
394 421 .ad
395 422 .sp .6
396 423 .RS 4n
397 424 Resets one or more properties to their default values on the specified flow. If
398 425 no properties are specified, all properties are reset. See the
399 426 \fBshow-flowprop\fR subcommand for a description of properties, which includes
400 427 their default values.
401 428 .sp
402 429 .ne 2
403 430 .na
404 431 \fB\fB-t\fR, \fB--temporary\fR\fR
405 432 .ad
406 433 .sp .6
407 434 .RS 4n
408 435 Specifies that the resets are temporary. Temporary resets last until the next
409 436 reboot.
410 437 .RE
411 438
412 439 .sp
413 440 .ne 2
414 441 .na
415 442 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
416 443 .ad
417 444 .sp .6
418 445 .RS 4n
419 446 Specifies an alternate root directory where \fBflowadm\fR should apply
420 447 persistent setting of properties.
421 448 .RE
422 449
423 450 .sp
424 451 .ne 2
425 452 .na
426 453 \fB\fB-p\fR \fIprop\fR=\fIvalue\fR[,...], \fB--prop\fR=\fIvalue\fR[,...]\fR
427 454 .ad
428 455 .sp .6
429 456 .RS 4n
430 457 A comma-separated list of properties to be reset.
431 458 .RE
432 459
433 460 .RE
434 461
435 462 .sp
436 463 .ne 2
437 464 .na
438 465 \fB\fBflowadm show-flowprop\fR [\fB-cP\fR] [\fB-l\fR \fIlink\fR] [\fB-p\fR
439 466 \fIprop\fR[,...]] [\fIflow\fR]\fR
440 467 .ad
441 468 .sp .6
442 469 .RS 4n
443 470 Show the current or persistent values of one or more properties, either for all
444 471 flows, flows on a specified link, or for the specified flow.
445 472 .sp
446 473 By default, current values are shown. If no properties are specified, all
447 474 available flow properties are displayed. For each property, the following
448 475 fields are displayed:
449 476 .sp
450 477 .ne 2
451 478 .na
452 479 \fB\fBFLOW\fR\fR
453 480 .ad
454 481 .sp .6
455 482 .RS 4n
456 483 The name of the flow.
457 484 .RE
458 485
459 486 .sp
460 487 .ne 2
461 488 .na
462 489 \fB\fBPROPERTY\fR\fR
463 490 .ad
464 491 .sp .6
465 492 .RS 4n
466 493 The name of the property.
467 494 .RE
468 495
469 496 .sp
470 497 .ne 2
471 498 .na
472 499 \fB\fBVALUE\fR\fR
473 500 .ad
474 501 .sp .6
475 502 .RS 4n
476 503 The current (or persistent) property value. The value is shown as \fB--\fR
477 504 (double hyphen), if it is not set, and \fB?\fR (question mark), if the value is
478 505 unknown. Persistent values that are not set or have been reset will be shown as
479 506 \fB--\fR and will use the system \fBDEFAULT\fR value (if any).
480 507 .RE
481 508
482 509 .sp
483 510 .ne 2
484 511 .na
485 512 \fB\fBDEFAULT\fR\fR
486 513 .ad
487 514 .sp .6
488 515 .RS 4n
489 516 The default value of the property. If the property has no default value,
490 517 \fB--\fR (double hyphen), is shown.
491 518 .RE
492 519
493 520 .sp
494 521 .ne 2
495 522 .na
496 523 \fB\fBPOSSIBLE\fR\fR
497 524 .ad
498 525 .sp .6
499 526 .RS 4n
500 527 A comma-separated list of the values the property can have. If the values span
501 528 a numeric range, the minimum and maximum values might be shown as shorthand. If
502 529 the possible values are unknown or unbounded, \fB--\fR (double hyphen), is
503 530 shown.
504 531 .RE
505 532
506 533 Flow properties are documented in the "Flow Properties" section, below.
507 534 .sp
508 535 .ne 2
509 536 .na
510 537 \fB\fB-c\fR, \fB--parseable\fR\fR
511 538 .ad
512 539 .sp .6
513 540 .RS 4n
514 541 Display using a stable machine-parseable format.
515 542 .RE
516 543
517 544 .sp
518 545 .ne 2
519 546 .na
520 547 \fB\fB-P\fR, \fB--persistent\fR\fR
521 548 .ad
522 549 .sp .6
523 550 .RS 4n
524 551 Display persistent flow property information.
525 552 .RE
526 553
527 554 .sp
528 555 .ne 2
529 556 .na
530 557 \fB\fB-p\fR \fIprop\fR[,...], \fB--prop\fR=\fIprop\fR[,...]\fR
531 558 .ad
532 559 .sp .6
533 560 .RS 4n
534 561 A comma-separated list of properties to show.
535 562 .RE
536 563
537 564 .RE
538 565
539 566 .sp
540 567 .ne 2
541 568 .na
542 569 \fB\fBflowadm show-usage\fR [\fB-a\fR] [\fB-d\fR | {\fB-p\fR \fIplotfile\fR
543 570 \fB-F\fR \fIformat\fR}] [\fB-s\fR \fItime\fR] [\fB-e\fR \fItime\fR]
544 571 [\fIflow\fR]\fR
545 572 .ad
546 573 .sp .6
547 574 .RS 4n
548 575 Show the historical network flow usage from a stored extended accounting file.
549 576 Configuration and enabling of network accounting through \fBacctadm\fR(1M) is
550 577 required. The default output will be the summary of flow usage for the entire
551 578 period of time in which extended accounting was enabled.
552 579 .sp
553 580 .ne 2
554 581 .na
555 582 \fB\fB-a\fR\fR
556 583 .ad
557 584 .sp .6
558 585 .RS 4n
559 586 Display all historical network usage for the specified period of time during
560 587 which extended accounting is enabled. This includes the usage information for
561 588 the flows that have already been deleted.
562 589 .RE
563 590
564 591 .sp
565 592 .ne 2
566 593 .na
567 594 \fB\fB-d\fR\fR
568 595 .ad
569 596 .sp .6
570 597 .RS 4n
571 598 Display the dates for which there is logging information. The date is in the
572 599 format \fIDD\fR/\fIMM\fR/\fIYYYY\fR.
573 600 .RE
574 601
575 602 .sp
576 603 .ne 2
577 604 .na
578 605 \fB\fB-F\fR \fIformat\fR\fR
579 606 .ad
580 607 .sp .6
581 608 .RS 4n
582 609 Specifies the format of \fIplotfile\fR that is specified by the \fB-p\fR
583 610 option. As of this release, \fBgnuplot\fR is the only supported format.
584 611 .RE
585 612
586 613 .sp
587 614 .ne 2
588 615 .na
589 616 \fB\fB-p\fR \fIplotfile\fR\fR
590 617 .ad
591 618 .sp .6
592 619 .RS 4n
593 620 When specified with \fB-s\fR or \fB-e\fR (or both), outputs flow usage data to
594 621 a file of the format specified by the \fB-F\fR option, which is required.
595 622 .RE
596 623
597 624 .sp
598 625 .ne 2
599 626 .na
600 627 \fB\fB-s\fR \fItime\fR, \fB-e\fR \fItime\fR\fR
601 628 .ad
602 629 .sp .6
603 630 .RS 4n
604 631 Start and stop times for data display. Time is in the format
605 632 \fIYYYY\fR.\fIMM\fR.\fIDD\fR,\fIhh\fR:\fImm\fR:\fIss\fR.
606 633 .RE
607 634
608 635 .sp
609 636 .ne 2
610 637 .na
611 638 \fB\fB-f\fR \fIfilename\fR\fR
612 639 .ad
613 640 .sp .6
614 641 .RS 4n
615 642 Read extended accounting records of network flow usage from \fIfilename\fR.
616 643 .RE
617 644
618 645 .sp
619 646 .ne 2
620 647 .na
621 648 \fB\fIflow\fR\fR
622 649 .ad
623 650 .sp .6
624 651 .RS 4n
625 652 If specified, display the network flow usage only from the named flow.
626 653 Otherwise, display network usage from all flows.
627 654 .RE
628 655
629 656 .RE
630 657
631 658 .SS "Flow Attributes"
632 659 .sp
633 660 .LP
634 661 The flow operand that identify a flow in a \fBflowadm\fR command is a
635 662 comma-separated list of one or more keyword, value pairs from the list below.
636 663 .sp
637 664 .ne 2
638 665 .na
639 666 \fB\fBlocal_ip\fR[\fB/\fR\fIprefix_len\fR]\fR
640 667 .ad
641 668 .sp .6
642 669 .RS 4n
643 670 Identifies a network flow by the local IP address. \fIvalue\fR must be a IPv4
644 671 address in dotted-decimal notation or an IPv6 address in colon-separated
645 672 notation. \fIprefix_len\fR is optional.
646 673 .sp
647 674 If \fIprefix_len\fR is specified, it describes the netmask for a subnet
648 675 address, following the same notation convention of \fBifconfig\fR(1M) and
649 676 \fBroute\fR(1M) addresses. If unspecified, the given IP address will be
650 677 considered as a host address for which the default prefix length for a IPv4
651 678 address is \fB/32\fR and for IPv6 is \fB/128\fR.
652 679 .RE
653 680
654 681 .sp
655 682 .ne 2
656 683 .na
657 684 \fB\fBremote_ip\fR[\fB/\fR\fIprefix_len\fR]\fR
658 685 .ad
659 686 .sp .6
660 687 .RS 4n
661 688 Identifies a network flow by the remote IP address. The syntax is the same as
662 689 \fBlocal_ip\fR attributes
663 690 .RE
664 691
665 692 .sp
666 693 .ne 2
667 694 .na
668 695 \fB\fBtransport\fR={\fBtcp\fR|\fBudp\fR|\fBsctp\fR|\fBicmp\fR|\fBicmpv6\fR}\fR
669 696 .ad
670 697 .sp .6
671 698 .RS 4n
672 699 Identifies a layer 4 protocol to be used. It is typically used in combination
673 700 with local_port to identify the service that needs special attention.
674 701 .RE
675 702
676 703 .sp
677 704 .ne 2
678 705 .na
679 706 \fB\fBlocal_port\fR\fR
680 707 .ad
681 708 .sp .6
682 709 .RS 4n
683 710 Identifies a service specified by the local port.
684 711 .RE
685 712
686 713 .sp
687 714 .ne 2
688 715 .na
689 716 \fB\fBdsfield\fR[\fB:\fR\fIdsfield_mask\fR]\fR
690 717 .ad
691 718 .sp .6
692 719 .RS 4n
693 720 Identifies the 8-bit differentiated services field (as defined in RFC 2474).
694 721 .sp
695 722 The optional \fIdsfield_mask\fR is used to state the bits of interest in the
696 723 differentiated services field when comparing with the \fBdsfield\fR value. A
697 724 \fB0\fR in a bit position indicates that the bit value needs to be ignored and
698 725 a \fB1\fR indicates otherwise. The mask can range from \fB0x01\fR to
699 726 \fB0xff\fR. If \fIdsfield_mask\fR is not specified, the default mask \fB0xff\fR
700 727 is used. Both the \fBdsfield\fR value and mask must be in hexadecimal.
701 728 .RE
702 729
703 730 .sp
704 731 .LP
705 732 The following five types of combinations of attributes are supported:
706 733 .sp
707 734 .in +2
708 735 .nf
709 736 local_ip[/\fIprefixlen\fR]=\fIaddress\fR
710 737 remote_ip[/\fIprefixlen\fR]=\fIaddress\fR
711 738 transport={tcp|udp|sctp|icmp|icmpv6}
712 739 transport={tcp|udp|sctp},local_port=\fIport\fR
713 740 dsfield=\fIval\fR[:\fIdsfield_mask\fR]
714 741 .fi
715 742 .in -2
716 743 .sp
717 744
718 745 .sp
719 746 .LP
720 747 On a given link, the combinations above are mutually exclusive. An attempt to
721 748 create flows of different combinations will fail.
722 749 .SS "Restrictions"
723 750 .sp
724 751 .LP
725 752 There are individual flow restrictions and flow restrictions per zone.
726 753 .SS "Individual Flow Restrictions"
727 754 .sp
728 755 .LP
729 756 Restrictions on individual flows do not require knowledge of other flows that
730 757 have been added to the link.
731 758 .sp
732 759 .LP
733 760 An attribute can be listed only once for each flow. For example, the following
734 761 command is not valid:
735 762 .sp
736 763 .in +2
737 764 .nf
738 765 # \fBflowadm add-flow -l vnic1 -a local_port=80,local_port=8080 httpflow\fR
739 766 .fi
740 767 .in -2
741 768 .sp
742 769
743 770 .sp
744 771 .LP
745 772 \fBtransport\fR and \fBlocal_port\fR:
746 773 .sp
747 774 .LP
748 775 TCP, UDP, or SCTP flows can be specified with a local port. An ICMP or ICMPv6
749 776 flow that specifies a port is not allowed. The following commands are valid:
750 777 .sp
751 778 .in +2
752 779 .nf
753 780 # \fBflowadm add-flow -l e1000g0 -a transport=udp udpflow\fR
754 781 # \fBflowadm add-flow -l e1000g0 -a transport=tcp,local_port=80 \e
755 782 udp80flow\fR
756 783 .fi
757 784 .in -2
758 785 .sp
759 786
760 787 .sp
761 788 .LP
762 789 The following commands are not valid:
763 790 .sp
764 791 .in +2
765 792 .nf
766 793 # \fBflowadm add-flow -l e1000g0 -a local_port=25 flow25\fR
767 794 # \fBflowadm add-flow -l e1000g0 -a transport=icmpv6,local_port=16 \e
768 795 flow16\fR
769 796 .fi
770 797 .in -2
771 798 .sp
772 799
773 800 .SS "Flow Restrictions Per Zone"
774 801 .sp
775 802 .LP
776 803 Within a zone, no two flows can have the same name. After adding a flow with
777 804 the link specified, the link will not be required for display, modification, or
778 805 deletion of the flow.
779 806 .SS "Flow Properties"
780 807 .sp
781 808 .LP
782 809 The following flow properties are supported. Note that the ability to set a
783 810 given property to a given value depends on the driver and hardware.
784 811 .sp
785 812 .ne 2
786 813 .na
787 814 \fB\fBmaxbw\fR\fR
788 815 .ad
789 816 .sp .6
790 817 .RS 4n
791 818 Sets the full duplex bandwidth for the flow. The bandwidth is specified as an
792 819 integer with one of the scale suffixes(\fBK\fR, \fBM\fR, or \fBG\fR for Kbps,
793 820 Mbps, and Gbps). If no units are specified, the input value will be read as
794 821 Mbps. The default is no bandwidth limit.
795 822 .RE
796 823
797 824 .sp
798 825 .ne 2
799 826 .na
800 827 \fB\fBpriority\fR\fR
801 828 .ad
802 829 .sp .6
803 830 .RS 4n
804 831 Sets the relative priority for the flow. The value can be given as one of the
805 832 tokens \fBhigh\fR, \fBmedium\fR, or \fBlow\fR. The default is \fBmedium\fR.
806 833 .RE
807 834
808 835 .SH EXAMPLES
809 836 .LP
810 837 \fBExample 1 \fRCreating a Policy Around a Mission-Critical Port
811 838 .sp
812 839 .LP
813 840 The command below creates a policy around inbound HTTPS traffic on an HTTPS
814 841 server so that HTTPS obtains dedicated NIC hardware and kernel TCP/IP
815 842 resources. The name specified, \fBhttps-1\fR, can be used later to modify or
816 843 delete the policy.
817 844
818 845 .sp
819 846 .in +2
820 847 .nf
821 848 # \fBflowadm add-flow -l bge0 -a transport=TCP,local_port=443 https-1\fR
822 849 # \fBflowadm show-flow -l bge0\fR
823 850 FLOW LINK IP ADDR PROTO PORT DSFLD
824 851 https1 bge0 -- tcp 443 --
825 852 .fi
826 853 .in -2
827 854 .sp
828 855
829 856 .LP
830 857 \fBExample 2 \fRModifying an Existing Policy to Add Bandwidth Resource Control
831 858 .sp
832 859 .LP
833 860 The following command modifies the \fBhttps-1\fR policy from the preceding
834 861 example. The command adds bandwidth control and give the policy a high
835 862 priority.
836 863
837 864 .sp
838 865 .in +2
839 866 .nf
840 867 # \fBflowadm set-flowprop -p maxbw=500M,priority=high https-1\fR
841 868 # \fBflowadm show-flow https-1\fR
842 869 FLOW LINK IP ADDR PROTO PORT DSFLD
843 870 https1 bge0 -- tcp 443 --
844 871
845 872 # \fBflowadm show-flowprop https-1\fR
846 873 FLOW PROPERTY VALUE DEFAULT POSSIBLE
847 874 https-1 maxbw 500 -- --
848 875 https-1 priority HIGH -- LOW,NORMAL,HIGH
849 876 .fi
850 877 .in -2
851 878 .sp
852 879
853 880 .LP
854 881 \fBExample 3 \fRLimiting the UDP Bandwidth Usage
855 882 .sp
856 883 .LP
857 884 The following command creates a policy for UDP protocol so that it cannot
858 885 consume more than 100Mbps of available bandwidth. The flow is named
859 886 \fBlimit-udp-1\fR.
860 887
861 888 .sp
862 889 .in +2
863 890 .nf
864 891 # \fBflowadm add-flow -l bge0 -a transport=UDP -p maxbw=100M, \e
865 892 priority=low limit-udp-1\fR
866 893 .fi
867 894 .in -2
868 895 .sp
869 896
870 897 .LP
871 898 \fBExample 4 \fRShowing Flow Usage
872 899 .sp
873 900 .LP
874 901 Flow usage statistics can be stored using the extended accounting facility,
875 902 \fBacctadm\fR(1M).
876 903
877 904 .sp
878 905 .in +2
879 906 .nf
880 907 # \fBacctadm -e extended -f /var/log/net.log net\fR
881 908
882 909 # \fBacctadm net\fR
883 910 Network accounting: active
884 911 Network accounting file: /var/log/net.log
885 912 Tracked Network resources: extended
886 913 Untracked Network resources: none
887 914 .fi
888 915 .in -2
889 916 .sp
890 917
891 918 .sp
892 919 .LP
893 920 The historical data that was saved can be retrieved in summary form using the
894 921 \fBshow-usage\fR subcommand of \fBflowadm\fR.
895 922
896 923 .LP
897 924 \fBExample 5 \fRSetting Policy, Making Use of \fBdsfield\fR Attribute
898 925 .sp
899 926 .LP
900 927 The following command sets a policy for EF PHB (DSCP value of 101110 from RFC
901 928 2598) with a bandwidth of 500 Mbps and a high priority. The \fBdsfield\fR value
902 929 for this flow will be \fB0x2e\fR (101110) with the \fBdsfield_mask\fR being
903 930 \fB0xfc\fR (because we want to ignore the 2 least significant bits).
904 931
905 932 .sp
906 933 .in +2
907 934 .nf
908 935 # \fBflowadm add-flow -l bge0 -a dsfield=0x2e:0xfc \e
909 936 -p maxbw=500M,priority=high efphb-flow\fR
910 937 .fi
911 938 .in -2
912 939 .sp
913 940
914 941 .sp
915 942 .LP
916 943 Display summary information:
917 944
918 945 .sp
919 946 .in +2
920 947 .nf
921 948 # \fBflowadm show-usage -f /var/log/net.log\fR
922 949 FLOW DURATION IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH
923 950 flowtcp 100 1031 546908 0 0 43.76 Kbps
924 951 flowudp 0 0 0 0 0 0.00 Mbps
925 952 .fi
926 953 .in -2
927 954 .sp
928 955
929 956 .sp
930 957 .LP
931 958 Display dates for which logging information is available:
932 959
933 960 .sp
934 961 .in +2
935 962 .nf
936 963 # \fBflowadm show-usage -d -f /var/log/net.log\fR
937 964 02/19/2008
938 965 .fi
939 966 .in -2
940 967 .sp
941 968
942 969 .sp
943 970 .LP
944 971 Display logging information for \fBflowtcp\fR starting at 02/19/2008, 10:38:46
945 972 and ending at 02/19/2008, 10:40:06:
946 973
947 974 .sp
948 975 .in +2
949 976 .nf
950 977 # \fBflowadm show-usage -s 02/19/2008,10:39:06 -e 02/19/2008,10:40:06 \e
951 978 -f /var/log/net.log flowtcp\fR
952 979 FLOW TIME IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH
953 980 flowtcp 10:39:06 1 1546 4 6539 3.23 Kbps
954 981 flowtcp 10:39:26 2 3586 5 9922 5.40 Kbps
955 982 flowtcp 10:39:46 1 240 1 216 182.40 bps
956 983 flowtcp 10:40:06 0 0 0 0 0.00 bps
957 984 .fi
958 985 .in -2
959 986 .sp
960 987
961 988 .sp
962 989 .LP
963 990 Output the same information as above as a plotfile:
964 991
965 992 .sp
966 993 .in +2
967 994 .nf
968 995 # \fBflowadm show-usage -s 02/19/2008,10:39:06 -e 02/19/2008,10:40:06 \e
969 996 -p /home/plot/myplot -F gnuplot -f /var/log/net.log flowtcp\fR
970 997 # \fBTime tcp-flow\fR
971 998 10:39:06 3.23
972 999 10:39:26 5.40
973 1000 10:39:46 0.18
974 1001 10:40:06 0.00
975 1002 .fi
976 1003 .in -2
977 1004 .sp
978 1005
979 1006 .SH EXIT STATUS
980 1007 .sp
981 1008 .ne 2
982 1009 .na
983 1010 \fB\fB0\fR\fR
984 1011 .ad
985 1012 .sp .6
986 1013 .RS 4n
987 1014 All actions were performed successfully.
988 1015 .RE
989 1016
990 1017 .sp
991 1018 .ne 2
992 1019 .na
993 1020 \fB\fB>0\fR\fR
994 1021 .ad
995 1022 .sp .6
996 1023 .RS 4n
997 1024 An error occurred.
998 1025 .RE
999 1026
1000 1027 .SH ATTRIBUTES
1001 1028 .sp
1002 1029 .LP
1003 1030 See \fBattributes\fR(5) for descriptions of the following attributes:
1004 1031 .sp
1005 1032
1006 1033 .sp
1007 1034 .TS
1008 1035 box;
1009 1036 c | c
1010 1037 l | l .
1011 1038 ATTRIBUTE TYPE ATTRIBUTE VALUE
1012 1039 _
1013 1040 Interface Stability Committed
1014 1041 .TE
1015 1042
1016 1043 .SH SEE ALSO
1017 1044 .sp
1018 1045 .LP
1019 1046 \fBacctadm\fR(1M), \fBdladm\fR(1M), \fBifconfig\fR(1M), \fBprstat\fR(1M),
1020 1047 \fBroute\fR(1M), \fBattributes\fR(5), \fBdlpi\fR(7P)
|
↓ open down ↓ |
680 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX