Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Domain Segmentation

Domains are virtual buckets that you use to separate data based on the source of the data. Segmenting your network into different domains helps to ensure that relevant information is available only to those users that need it, helping you to build a multitenant environment.

To ensure that traffic on a specific network interface is segmented from other traffic in your network, you can add the network interface to a domain. The interface must be configured as a flow source before it appears in the Domain configuration window.

Note:

Network Insights supports traffic segmentation across multiple flow sources only if those flow sources are configured for separate domains, or they are part of separate NUMA nodes.

Consider the following information when you plan for domain segmentation in your deployment:

  • For installations that use a Napatech card, all ports on the napatech0 interface are treated as a single aggregated interface.

  • You can receive flows from a network tap if both halves of the tap are connected to network interface ports on the same NUMA node.

  • For flows that are aggregated across multiple flow sources, the Flow interface field shows the interface that first observed the flow session.

Overlapping IP addresses

If your Network Insights deployment monitors network segments that have overlapping IP addresses, you must use the domain segmentation capability to ensure that traffic remains segmented by the input flow sources. If you do not use domains, traffic that is received on Intel or virtual network interfaces on the same NUMA node are aggregated together.

Within a single domain, flow sources are aggregated together based on the following matching flow properties:

  • IP address

  • Ports (TCP/UDP)

  • Protocol

  • VLAN IDs

  • VXLAN Identifier

If domains are configured based on the flow source, Network Insights ensures that different flow IDs are generated for different domains. This process ensures that the overlapping IP addresses are not aggregated back together by the QFlow process.