VLAN Fields

JSA retains Virtual Local Area Network (VLAN) information that is exported in external flow records, such as those that are received from IPFIX, NetFlow V9, sFlow V5, or J-Flow V9. VLAN information can also be viewed in internal flows, such as those that are received from a Network Interface Card. You can then query, filter, search, or write custom rules with this VLAN information.

The following VLAN fields are supported for IPFIX, NetFlow version 9, and J-Flow.

  • vlanId

  • postVlanId

  • dot1qVlanId

  • dot1qPriority

  • dot1qCustomerVlanId

  • dot1qCustomerPriority

  • postDot1qVlanId

  • postDot1qCustomerVlanId

  • dot1qDEI (raw packets only)

  • dot1qCustomerDEI (raw packets only)

The following VLAN fields are supported for raw packets and sFlow version 5.

  • dot1qVlanId

  • dot1qPriority

  • dot1qCustomerVlanId

  • dot1qCustomerPriority

  • dot1qDEI

  • dot1qCustomerDEI

All flows with VLAN information contain two specific fields that can be used to define unique domains in JSA:

  • Enterprise VLAN ID

  • Customer VLAN ID

For example, a UDP flow is sent from 10.0.0.0 to 10.255.255.255 on VLAN 10. Another UDP flow is sent from 10.0.0.0 to 10.255.255.255 on VLAN 20. In JSA, the unique identifier for each flow includes the nested VLAN fields (including post fields). This means that the two flows above are treated independently, each with its own VLAN definition.

Assign Domains and Tenants to Flows with VLAN Information

With domain management support for VLAN flows, you can define your domains in JSA based on the VLAN information in your network.

In JSA, you can assign domains to incoming flows based on the VLAN information that is contained in the flow. The incoming flows are mapped to domains that contain the same VLAN definition. You can also filter and query on the VLAN-based domains.

You can assign tenants to domain definitions to achieve multi-tenancy. The VLAN-based domain definitions enable multi-tenancy across different VLANs, if required.

For example, two domain definitions are created and mapped to two network tenants:

  • For tenant ABC, traffic is sent on Enterprise VLAN ID = 0, and Customer VLAN ID = 10.

  • For tenant DEF, traffic is sent on Enterprise VLAN ID = 0, and Customer VLAN ID = 20.

The first domain definition is created for tenant ABC, which contains a flow VLAN definition of Enterprise VLAN ID = 0 and Customer VLAN ID = 10.

A second domain definition is created for tenant DEF, which contains a flow VLAN definition of Enterprise VLAN ID = 0 and Customer VLAN ID = 20.

Incoming flows with Enterprise VLAN ID and Customer VLAN ID fields set to 0 and 10 are viewed only by tenant ABC. Similarly, incoming flows with Enterprise VLAN ID and Customer VLAN ID fields of 0 and 20 are only viewed by tenant DEF. This reflects the traffic ownership for each tenant in the network.
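
The flow-identity and domain-mapping behavior described above, modeled as an added Python example (it is not JSA code and not part of the original documentation). The record layout, the byte counts, the Enterprise VLAN ID of 0 on the sample UDP flows, and the "unassigned" label for flows that match no domain definition are assumptions made for illustration.

```python
from collections import defaultdict
from typing import NamedTuple

class FlowRecord(NamedTuple):
    src: str
    dst: str
    proto: str
    enterprise_vlan: int   # "Enterprise VLAN ID" on the page
    customer_vlan: int     # "Customer VLAN ID" on the page
    byte_count: int        # assumed field, used only to show merging

# Domain definitions from the page's example: (enterprise, customer) -> tenant.
DOMAINS = {(0, 10): "ABC", (0, 20): "DEF"}
UNASSIGNED = "unassigned"  # hypothetical label for flows matching no definition

def flow_key(r):
    """Flow identity includes the VLAN pair, not just addresses and protocol."""
    return (r.src, r.dst, r.proto, r.enterprise_vlan, r.customer_vlan)

def aggregate(records):
    """Merge records that share a key and sum their bytes."""
    totals = defaultdict(int)
    for r in records:
        totals[flow_key(r)] += r.byte_count
    return dict(totals)

def assign_domain(key):
    """Map a flow to the tenant whose definition has the same VLAN pair."""
    return DOMAINS.get((key[3], key[4]), UNASSIGNED)

def tenant_view(flows, tenant):
    """Return only the flows that belong to the given tenant's domain."""
    return {k: v for k, v in flows.items() if assign_domain(k) == tenant}

# Constructed sample records, using the page's addresses and VLAN IDs.
SAMPLE = [
    FlowRecord("10.0.0.0", "10.255.255.255", "udp", 0, 10, 500),
    FlowRecord("10.0.0.0", "10.255.255.255", "udp", 0, 20, 700),
    FlowRecord("10.0.0.0", "10.255.255.255", "udp", 0, 10, 250),  # same flow as the first
    FlowRecord("10.0.0.0", "10.255.255.255", "udp", 0, 30, 90),   # no domain definition
]

if __name__ == "__main__":
    flows = aggregate(SAMPLE)
    for tenant in ("ABC", "DEF", UNASSIGNED):
        print(tenant, tenant_view(flows, tenant))
```

The two records on Customer VLAN ID 10 merge into one flow, while the otherwise identical record on VLAN 20 stays separate and is visible only in tenant DEF's view.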