Showing Traffic Information (asg_ifconfig)

Description

The asg_ifconfig command in Gaia gClish The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. Commands you run in this shell apply to all Security Appliances in the Security Group. or the Expert mode collects traffic statistics from all or a specified range of Security Group A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. Members.

The combined output shows the traffic distribution between Security Group Members and their interfaces (calculated during a certain period).

The asg_ifconfig command has these modes:

Mode	Description
Native	This is the default setting. When the `analyze` or `banalyze` option is not specified the command behaves almost the same as the native Linux `ifconfig` command. However, the output shows statistics for all interfaces on all Security Group Members, and for interfaces on the local Security Group Member.
Analyze	Shows accumulated traffic information and traffic distribution between Security Group Members.
Banalyze	Shows accumulated traffic information and traffic distribution between interfaces.

Notes:

The analyze and banalyze parameters cannot be used together.
If you run this command in a Virtual System context, you can only see the output that applies to that context.

Syntax

asg_ifconfig -h

asg_ifconfig [-b <SGM_IDs>] [<interface>] [analyze | banalyze] [-d <delay>] [-a] [-v]

Parameters

Parameter	Description
`-h`	Shows the built-in help.
`-b <SGM_IDs>`	Applies to Security Group Members as specified by `<SGM_IDs>`. `<SGM_IDs>` can be: No `<SGM_IDs` > specified, or `all` - Applies to all Security Group Members and Sites One Security Group Member (for example, `1_1`) A comma-separated list of Security Group Members (for example, `1_1,1_4`) A range of Security Group Members (for example, `1_1-1_4`) In Dual Site, one Site (`chassis1`, or `chassis2`) In Dual Site, the Active Site (`chassis_active`)
`<interface>`	The name of the interface.
`analyze`	Shows accumulated traffic information. Use the `-a`, `-v,` and `-d <delay>` parameters to show traffic distribution between interfaces.
`banalyze`	Shows accumulated traffic information. Use the `-a`, `-v,` and `-d <delay>` parameters to show traffic distribution between interfaces. You can use these parameters to sort the traffic distribution table: `-rp` X packets `-rb` X bytes `-rd` X dropped packets `-tp` X packets `-tb` X bytes `-td` X dropped packet For example, if you sort with the `-rb` option, the higher values appear at the top of the `RX bytes` column in the traffic distribution table: SGM ID RX packets RX bytes RX dropped 1_03 70% 1_02 20% 1_01 10% By default, the traffic distribution table is not sorted.
`-d <delay>`	Delay, in seconds, between data samples. Default = 5.
`-a`	Shows total traffic volume. By default (without `-a`), the average traffic volume per second shows.
`-v`	Verbose mode - shows traffic distribution between interfaces.

Native Usage

This example shows the total traffic sent and received by eth2-01 for all Security Group Members on Site 1 (Active Site).

By default, the average traffic volume per second shows.

Using the Analyze Option

This example shows accumulated traffic volume statistics for eth2-Sync for each Security Group Member and the total for all Security Group Members.

The traffic distribution for each Security Group Member also shows.

The -a option shows the total traffic volume instead of the average volume per second.

Example

[Expert@MyChassis-ch01-01:0]# gclish

[Global] MyChassis-ch01-01> asg_ifconfig eth2-Sync analyze -v -a

Command is executed on SGMs: chassis_active

1_01:

eth2-Sync   Link encap:Ethernet  HWaddr 00:1C:7F:01:04:FE

            UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1

            RX: packets:225018 bytes:36970520 (37.0 MiB)  dropped:0

            TX: packets:3522445 bytes:1381032583 (1.4 GiB)  dropped:0

1_02:

eth2-Sync   Link encap:Ethernet  HWaddr 00:1C:7F:02:04:FE

            UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1

            RX: packets:221395 bytes:35947248 (35.9 MiB)  dropped:0

            TX: packets:4674143 bytes:1850315554 (1.9 GiB)  dropped:0

1_03:

eth2-Sync   Link encap:Ethernet  HWaddr 00:1C:7F:03:04:FE

            UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1

            RX: packets:10 bytes:644 (644.0 b)  dropped:0

            TX: packets:67826313 bytes:7345458105 (7.3 GiB)  dropped:0

1_04:

eth2-Sync   Link encap:Ethernet  HWaddr 00:1C:7F:04:04:FE

            UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1

            RX: packets:13 bytes:860 (860.0 b)  dropped:0

            TX: packets:68489217 bytes:7487476060 (7.5 GiB)  dropped:0

1_05:

eth2-Sync   Link encap:Ethernet  HWaddr 00:1C:7F:05:04:FE

            UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1

            RX: packets:203386 bytes:19214238 (19.2 MiB)  dropped:0

            TX: packets:7164109 bytes:2740761091 (2.7 GiB)  dropped:0

=*= Accumulative =*=

eth2-Sync   Link encap:Ethernet

            UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1

            RX: packets:649822 bytes:92133510 (92.1 MiB)  dropped:0

            TX: packets:151676227 bytes:20805043393 (20.8 GiB)  dropped:0

=*= Traffic Distribution =*=

-----------------------------------------------------------------------------

     SGM ID RX packets   RX bytes RX dropped TX packets   TX bytes TX dropped

-----------------------------------------------------------------------------

       1_01      34.6%      40.1%       0.0%       2.3%       6.6%       0.0%

       1_02      34.1%      39.0%       0.0%       3.1%       8.9%       0.0%

       1_03       0.0%       0.0%       0.0%      44.7%      35.3%       0.0%

       1_04       0.0%       0.0%       0.0%      45.2%      36.0%       0.0%

       1_05      31.3%      20.9%       0.0%       4.7%      13.2%       0.0%

-----------------------------------------------------------------------------

[Global] MyChassis-ch01-01>