Articles in this section

See more

How to send traffic from Gigamon to Sinefa in AWS

Avatar
Sinefa Support Team
Updated
Follow

This post describes how you can configure Gigamon’s AWS visibility platform to send traffic to a Sinefa probe in AWS for instant, L7, 1-sec resolution visibility.

Before you get started, you will need Gigamon’s visibility platform installed and configured in your AWS environment. There is a getting started guide available from Gigamon's AWS marketplace listing.

Step 1 - Deploy a Sinefa probe in AWS

You will need a Sinefa probe deployed inside AWS to receive traffic from the Gigamon platform. Instructions for deploying a Sinefa probe inside AWS can be found here: https://community.sinefa.com/hc/en-us/articles/201112997-Quick-Start-Guide-Amazon-AWS-EC2-Instance

You will need to allow inbound UDP port 4789 to the Sinefa probe (optionally from the Gigamon V series node security group).

giga_aws_1.png

Step 2 - Prepare the Sinefa probe

Gigamon sends traffic to tools (like Sinefa probes) using VXLANs. You will need to setup a VXLAN interface on the Sinefa probe and configure the probe to monitor that interface.

First, update the probe to the latest software:

$ sudo yum update

Then create the VXLAN interface:

$ sudo ip link add vxlan0 type vxlan dev eth0 id 0 dstport 4789
$ sudo ip link set vxlan0 up

Then configure the probe to monitor all traffic on that interface:

$ sudo /opt/sinefa/bin/sinefa-netflow-config -a vxlan0

Now the probe is listening on the new vxlan0 interface. Any traffic it receives on this interface will be monitored.

Step 3 - Configure Gigamon to send traffic to Sinefa

Login to the GigaVue-FM user interface and navigate to the AWS section. Go to the Configuration, Tunnel Library section and add a new tunnel.

giga_aws_2.png

Be sure to specify the type as “VXLAN”, the remote tunnel IP as the internal IP of the Sinefa probe and the port as 4789.

Now you have a tunnel you can use to send traffic to the probe. Next, go to the Monitoring Sessions section and create a new monitoring session.

giga_aws_3.png

Using a Map and our new tunnel, we can create a session that sends some or all of the traffic captured by Gigamon to the Sinefa probe.

Once the tunnel is deployed, login to the Sinefa app and you should see live traffic from the new Sinefa probe in AWS.

giga_aws_4.png

Comments

0 comments

Article is closed for comments.