Fortinet black logo

Online Help

Home FortiCWP 21.2.0 Online Help

Container Traffic

21.2.0
22.2.a
22.1.0
21.3.0
21.2.1
21.2.0
21.1.0
20.3.0
20.2.0
20.1.0
4.4.0
4.2.0
Copy Link
Copy Doc ID 623e79e5-e0e1-11eb-97f7-00505692583a:254781

Container Traffic

The dotted line inside the Namespaces represents the traffic between the pods with the arrow pointing in the direction which the data traveled. There is no detail on what is being transferred from one pod to another, but only a record showing that there had been communication between the two pods.

Prerequisite

Container Traffic feature requires CNI (Container Network Interface) plug-in. Depending on the CNI plug-in of the container platform you are using, Container Protection may or may not support the CNI plug-in of the container platform.

Table of CNI plug-in supported and not supported by Container Protection:

Supported CNI Plug-in

Unsupported CNI Plug-in

AKS (Kubernet)

GKE (Kubernet)

EKS VPC CNI (AWS)

Flannel

Calico (iptable mode)

Weave

Cilium

Calico (eBPF mode)

For Calico (eBPF mode) users, if you would like to enable and use the container traffic feature, please append the following environment variables in the calico-config.yaml file:

- name: FELIX_CHAININSERTMODE

value: "Append"

Here is a screen shot of where the variables should be placed in:

Container Traffic Detail

Go to Container Visibility, then click on any View Container Visibility box. When moving the mouse over a dotted line inside a Namespace, it will turn into blue. Click on the blue line will show the internal traffic detail between the two pods.

In case where there is traffic between the pod and an external source, the dotted line will point to a source that is outside of the Namespace.

When clicking on the dotted traffic line, it will show the traffic detail between the pod and the external source.

Previous
Next

Container Traffic

The dotted line inside the Namespaces represents the traffic between the pods with the arrow pointing in the direction which the data traveled. There is no detail on what is being transferred from one pod to another, but only a record showing that there had been communication between the two pods.

Prerequisite

Container Traffic feature requires CNI (Container Network Interface) plug-in. Depending on the CNI plug-in of the container platform you are using, Container Protection may or may not support the CNI plug-in of the container platform.

Table of CNI plug-in supported and not supported by Container Protection:

Supported CNI Plug-in

Unsupported CNI Plug-in

AKS (Kubernet)

GKE (Kubernet)

EKS VPC CNI (AWS)

Flannel

Calico (iptable mode)

Weave

Cilium

Calico (eBPF mode)

For Calico (eBPF mode) users, if you would like to enable and use the container traffic feature, please append the following environment variables in the calico-config.yaml file:

- name: FELIX_CHAININSERTMODE

value: "Append"

Here is a screen shot of where the variables should be placed in:

Container Traffic Detail

Go to Container Visibility, then click on any View Container Visibility box. When moving the mouse over a dotted line inside a Namespace, it will turn into blue. Click on the blue line will show the internal traffic detail between the two pods.

In case where there is traffic between the pod and an external source, the dotted line will point to a source that is outside of the Namespace.

When clicking on the dotted traffic line, it will show the traffic detail between the pod and the external source.

Previous
Next