Login
- Table of Contents
-
- 10-Network Management and Monitoring Configuration Guide
- 00-Preface
- 01-System maintenance and debugging configuration
- 02-NQA configuration
- 03-iNQA configuration
- 04-Packet trace configuration
- 05-NTP configuration
- 06-PTP configuration
- 07-SNMP configuration
- 08-RMON configuration
- 09-Event MIB configuration
- 10-NETCONF configuration
- 11-Ansible configuration
- 12-Puppet configuration
- 13-Chef configuration
- 14-CWMP configuration
- 15-EAA configuration
- 16-Process monitoring and maintenance configuration
- 17-Sampler configuration
- 18-Mirroring configuration
- 19-NetStream configuration
- 20-IPv6 NetStream configuration
- 21-NetAnalysis configuration
- 22-sFlow configuration
- 23-Information center configuration
- 24-GOLD configuration
- 25-Packet capture configuration
- 26-Performance management configuration
- 27-TCP connection trace configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 22-sFlow configuration | 128.60 KB |
Contents
Restrictions and guidelines: sFlow configuration
Configuring basic sFlow information
Display and maintenance commands for sFlow
The remote sFlow collector cannot receive sFlow packets
Configuring sFlow
About sFlow
sFlow is a traffic monitoring technology.
As shown in Figure 1, the sFlow system involves an sFlow agent embedded in a device and a remote sFlow collector. The sFlow agent collects interface counter information and packet information and encapsulates the sampled information in sFlow packets. When the sFlow packet buffer is full, or the aging timer (fixed to 1 second) expires, the sFlow agent performs the following actions:
· Encapsulates the sFlow packets in the UDP datagrams.
· Sends the UDP datagrams to the specified sFlow collector.
The sFlow collector analyzes the information and displays the results. One sFlow collector can monitor multiple sFlow agents.
sFlow provides the following sampling mechanisms:
· Flow sampling—Obtains packet information.
· Counter sampling—Obtains interface counter information.
sFlow can use flow sampling and counter sampling at the same time.
Figure 1 sFlow system
Protocols and standards
· RFC 3176, InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks
· sFlow.org, sFlow Version 5
Restrictions and guidelines: sFlow configuration
Make sure the sum of sampled packet rates on all interfaces does not exceed 5000 pps. Configure the sampling rate for flow sampling and sampling interval for counter sampling properly.
sFlow is mutually exclusive with the following features:
· Mirroring that references a sampler.
· NetStream, IPv6 NetStream, NetAnalysis, INT, and MOD.
For more information about mirroring, NetStream, IPv6 NetStream, and NetAnalysis, see “Configuring port mirroring,” “Configuring flow mirroring,” “Configuring NetStream,” “Configuring IPv6 NetStream,” and "Configuring NetAnalysis.” For more information about INT and MOD, see Telemetry Configuration Guide.
Configuring basic sFlow information
Restrictions and guidelines
As a best practice, manually configure an IP address for the sFlow agent. The device periodically checks whether the sFlow agent has an IP address. If the sFlow agent does not have an IP address, the device automatically selects an IPv4 address for the sFlow agent but does not save the IPv4 address in the configuration file.
Only one IP address can be configured for the sFlow agent on the device, and a newly configured IP address overwrites the existing one.
Procedure
1. Enter system view.
system-view
2. Configure an IP address for the sFlow agent.
sflow agent { ip ipv4-address | ipv6 ipv6-address }
By default, no IP address is configured for the sFlow agent.
3. Configure the sFlow collector information.
sflow collector collector-id [ vpn-instance vpn-instance-name ] { ip ipv4-address | ipv6 ipv6-address } [ datagram-size size | description string | dscp dscp-value | port port-number | time-out seconds ] *
By default, no sFlow collector information is configured.
4. Specify the source IP address of sFlow packets.
sflow source { ip ipv4-address | ipv6 ipv6-address } *
By default, the source IP address is determined by routing.
Configuring flow sampling
About this task
Perform this task to configure flow sampling on an Ethernet interface. The sFlow agent performs the following tasks:
1. Samples packets on that interface according to the configured parameters.
2. Encapsulates the packets into sFlow packets.
3. Encapsulates the sFlow packets in the UDP packets and sends the UDP packets to the specified sFlow collector.
Restrictions and guidelines
To configure flow sampling in Layer 3 Ethernet subinterface view, only the inbound sampling direction is supported. If you configure outbound or bidirectional sampling, the configuration does not take effect.
When you set the sampling rate in Layer 3 Ethernet subinterface view, you must first execute the sflow sampling-direction inbound command to configure inbound sampling. If you do not do so, the sampling rate configuration fails.
The system does not support configuring the packet sampling rate in the inbound direction for an Ethernet interface and its subinterfaces at the same time. If you do so, the sampling rate setting on the interface configured first takes effect.
To set the packet sampling rate for all subinterfaces of an Ethernet interface, make sure the sampling rate is the same for all the subinterfaces.
Restrictions and guidelines
Layer 3 Ethernet subinterfaces support performing flow sampling only on received packets. To configure flow sampling in Layer 3 Ethernet subinterface view:
1. Use the sflow sampling-direction inbound command to set the inbound sampling direction.
2. Use the sflow sampling-rate rate command to set the sampling rate for flow sampling.
When you enable flow sampling for both a Layer 3 Ethernet interface and its subinterfaces, follow these restrictions and guidelines:
· You cannot enable flow sampling in the same direction for the Ethernet interface and the subinterfaces. Layer 3 Ethernet subinterfaces support only the inbound direction. Therefore, enable outbound sampling for the Ethernet interface and inbound sampling for the subinterfaces.
· To avoid configuration failure, make sure the flow sampling rate is the same for all the subinterfaces of the same main interface.
Configuring flow sampling on an Ethernet interface
1. Enter system view.
system-view
2. Enter Layer 2 Ethernet interface view, Layer 3 Ethernet subinterface view, or Layer 3 Ethernet interface view.
interface interface-type interface-number
3. (Optional.) Set the flow sampling mode.
sflow sampling-mode random
By default, random sampling is used.
4. Enable flow sampling and specify the number of packets out of which flow sampling samples a packet on the interface.
sflow sampling-rate rate
By default, flow sampling is disabled.
As a best practice, set the sampling interval to 2n that is greater than or equal to 8192, for example, 32768.
5. (Optional.) Set the flow sampling direction.
sflow sampling-direction { both | inbound | outbound }
By default, the flow sampling direction is bidirectional.
6. (Optional.) Set the maximum number of bytes (starting from the packet header) that flow sampling can copy per packet.
sflow flow max-header length
The default setting is 128 bytes.
As a best practice, use the default setting.
7. Specify the sFlow instance and sFlow collector for flow sampling.
sflow flow [ instance instance-id ] collector collector-id
By default, no sFlow instance or sFlow collector is specified for flow sampling.
Configuring flow sampling on an Ethernet subinterface
1. Enter system view.
system-view
2. Enter Layer 3 Ethernet subinterface view.
interface interface-type interface-number.subnumber
3. (Optional.) Set the flow sampling mode.
sflow sampling-mode random
By default, random sampling is used.
4. Set the flow sampling direction to inbound.
sflow sampling-direction inbound
By default, the flow sampling direction is inbound.
5. Enable flow sampling and specify the number of packets out of which flow sampling samples a packet on the interface.
sflow sampling-rate rate
By default, flow sampling is disabled.
As a best practice, set the sampling interval to 2n that is greater than or equal to 8192, for example, 32768.
6. (Optional.) Set the maximum number of bytes (starting from the packet header) that flow sampling can copy per packet.
sflow flow max-header length
The default setting is 128 bytes.
As a best practice, use the default setting.
7. Specify the sFlow instance and sFlow collector for flow sampling.
sflow flow [ instance instance-id ] collector collector-id
By default, no sFlow instance or sFlow collector is specified for flow sampling.
Configuring counter sampling
About this task
Perform this task to configure counter sampling on an Ethernet interface. The sFlow agent performs the following tasks:
1. Periodically collects the counter information on that interface.
2. Encapsulates the counter information into sFlow packets.
3. Encapsulates the sFlow packets in the UDP packets and sends the UDP packets to the specified sFlow collector.
Procedure
1. Enter system view.
system-view
2. Enter Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, or Layer 3 Ethernet subinterface view.
interface interface-type { interface-number | interface-number.subnumber }
3. Enable counter sampling and set the counter sampling interval.
sflow counter interval interval
By default, counter sampling is disabled.
4. Specify the sFlow instance and sFlow collector for counter sampling.
sflow counter [ instance instance-id ] collector collector-id
By default, no sFlow instance or sFlow collector is specified for counter sampling.
Display and maintenance commands for sFlow
Execute display commands in any view.
|
Task |
Command |
|
Display sFlow configuration. |
display sflow |
sFlow configuration examples
Example: Configuring sFlow
Network configuration
As shown in Figure 2, perform the following tasks:
· Configure flow sampling in random mode and counter sampling on HundredGigE 1/1/1 of the device to monitor traffic on the port.
· Configure the device to send sampled information in sFlow packets through HundredGigE 1/1/3 to the sFlow collector.
Procedure
1. Configure VLANs, assign Ethernet interfaces to VLANs, and configure IP addresses and subnet masks for VLAN interfaces, as shown in Figure 2. (Details not shown.)
2. Configure the sFlow agent and configure information about the sFlow collector:
# Configure the IP address for the sFlow agent.
<Device> system-view
[Device] sflow agent ip 3.3.3.1
# Configure information about the sFlow collector. Specify the sFlow collector ID as 1, IP address as 3.3.3.2, port number as 6343 (default), and description as netserver.
[Device] sflow collector 1 ip 3.3.3.2 description netserver
3. Configure counter sampling:
# Enable counter sampling and set the counter sampling interval to 120 seconds on HundredGigE 1/1/1.
[Device] interface hundredgige 1/1/1
[Device-HundredGigE1/1/1] sflow counter interval 120
# Specify sFlow collector 1 for counter sampling.
[Device-HundredGigE1/1/1] sflow counter collector 1
4. Configure flow sampling:
# Enable flow sampling and set the flow sampling mode to random and sampling interval to 32767.
[Device-HundredGigE1/1/1] sflow sampling-mode random
[Device-HundredGigE1/1/1] sflow sampling-rate 32767
# Specify sFlow collector 1 for flow sampling.
[Device-HundredGigE1/1/1] sflow flow collector 1
Verifying the configuration
# Verify the following items:
· HundredGigE 1/1/1 enabled with sFlow is active.
· The counter sampling interval is 120 seconds.
· The flow sampling interval is 32767 (one packet is sampled from every 32767 packets).
[Device-HundredGigE1/1/1] display sflow
sFlow datagram version: 5
Global information:
Agent IP: 3.3.3.1(CLI)
Source address:
Collector information:
ID IP Port Aging Size VPN-instance Description Dscp
1 3.3.3.2 6343 N/A 1400 netserver 0
Port counter sampling information:
Interface Instance CID Interval(s)
HGE1/1/1 1 1 120
Port flow sampling information:
Interface Instance FID MaxHLen Rate Mode Status
HGE1/1/1 1 1 128 32767 Random Active
Troubleshooting sFlow
The remote sFlow collector cannot receive sFlow packets
Symptom
The remote sFlow collector cannot receive sFlow packets.
Analysis
The possible reasons include:
· The sFlow collector is not specified.
· sFlow is not configured on the interface.
· The IP address of the sFlow collector specified on the sFlow agent is different from that of the remote sFlow collector.
· No IP address is configured for the Layer 3 interface that sends sFlow packets.
· An IP address is configured for the Layer 3 interface that sends sFlow packets. However, the UDP datagrams with this source IP address cannot reach the sFlow collector.
· The physical link between the device and the sFlow collector fails.
· The sFlow collector is bound to a non-existent VPN.
· The length of an sFlow packet is less than the sum of the following two values:
¡ The length of the sFlow packet header.
¡ The number of bytes that flow sampling can copy per packet.
Solution
To resolve the problem:
1. Use the display sflow command to verify that sFlow is correctly configured.
2. Verify that a correct IP address is configured for the device to communicate with the sFlow collector.
3. Verify that the physical link between the device and the sFlow collector is up.
4. Verify that the VPN bound to the sFlow collector already exists.
5. Verify that the length of an sFlow packet is greater than the sum of the following two values:
¡ The length of the sFlow packet header.
¡ The number of bytes (as a best practice, use the default setting) that flow sampling can copy per packet.
