The number of flows supported by a Gateway is determined by the system memory. There is a log that reflects the number of flows during startup.

The following example shows the log of maximum supported flows:

ERROR  [MAIN] gwd_get_max_flow_supported:35 Flow Admission: GWD 
Max flow supported: 1929780 soft limit:1157820 hard limit:1736730

If logs have rolled over, use the following table as reference:

Gateway Memory(GB) Max Number of Flows Critical Number of Flows(90% of max flows)
4 245760 221184
8 491520 442368
16 983040 884736
32 1966080 1769472

If flow limits reach a critical limit the system should be investigated for a possible flow leak.

Current flow objects in the system are as follows:

vcadmin@vcg1-example:~$ sudo /opt/vc/bin/getcntr -c memb.mod_mp_flow_t.obj_cnt -d
        gwd-mem

If the flows are determined to be invalid, a diagnostic bundle should be generated before restarting the Gateway service to clear the stale flows. If the flows are determined to be valid, then the customers should be moved to alternate Gateways to reduce the flow count.

The following table lists the threshold values and recommended actions for flow count.

Threshold State Threshold Value Recommended Corrective Action
Warning 50% of 1.9 Million flows
  1. If total flow count crosses warning or critical threshold:
    • Collect diagnostic bundle.
    • Check the stale flow count thresholds and perform corresponding actions listed for stale flows.
    • If the stale flow count is within warning threshold, check the top consumers from flow table.
    • Disable any peer that is creating lot of rogue flows and if a DOS attack is suspected.
    • Check if any Enterprise is consuming most of the flow entries. This information can be used to load balance Edges in the Enterprise.
    • If memory usage crosses critical threshold, perform actions specified for memory metrics.
  2. If flow count crosses critical threshold:
    • Open high priority support case with VMware, along with diagnostic bundle.
    • Restart the services on Gateway.
    • Use the following command to check the peers with high flow count: /opt/vc/bin/vc_top_peers.sh -t flow.
Critical 75% of 1.9 Million flows

The following table lists the threshold values and recommended actions for stale flow count.

Threshold State Threshold Value Recommended Corrective Action
Warning 10%
  1. If stale flow count crosses warning or critical threshold:
    • Collect diagnostic bundle.
    • Check if small set of Edges are contributing to these stale flows.
  2. If stale flow count crosses critical threshold:
    • Open high priority support case with VMware, along with diagnostic bundle.
    • Restart the services on Gateway.
  3. If the same issue occurs multiple times on same Gateway or observed on different Gateways, mark the already created support case as critical.
Critical 25%