Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring sFlow Technology for Network Monitoring (CLI Procedure)

 

sFlow technology is a network monitoring technology for high-speed switched or routed networks. It is a technology that is based on statistical sampling. You can configure sFlow technology to continuously monitor traffic at wire speed on all interfaces simultaneously. Junos OS fully supports the sFlow standard described in RFC 3176, InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks.

On the QFabric system, the sFlow monitoring global configuration that is defined on the Director device is distributed to Node groups that have sFlow sampling configured on the interfaces.

To configure sFlow features:

  1. Configure the IP address and the UDP port of the collector:
    [edit protocols]

    user@device# set sflow collector ip-address udp-port port-number

    The default UDP port is 6343,

  2. Enable sFlow technology on a specific interface.

    You must enable sFlow monitoring on each interface individually; you cannot globally enable sFlow monitoring on all interfaces with a single configuration statement.

    [edit protocols sflow]

    user@device# set interfaces interface-name

    Be aware of the following caveats about sFlow on interfaces:

    • With the exception of the QFX10000 Series switches, you cannot enable sFlow technology on a Layer 3 VLAN-tagged interface.

    • You cannot enable sFlow technology on a link aggregation group (LAG), but you can enable it on the member interfaces of a LAG.

    • sFlow technology is not supported on a VXLAN interface.

  3. Specify in seconds how often the sFlow agent polls interfaces:
    [edit protocols sflow]

    user@device# set polling-interval seconds
    Note

    Specify 0 if you do not want to poll the interface.

  4. Specify the rate at which packets must be sampled. You can specify either an egress or an ingress sampling rate, or both. Note

    We recommend that you configure the same sampling rates on all the ports on a line card. If you configure different sampling rates on different ports, the lowest value is used for all ports. You could still configure different rates on different line cards.

    To specify an egress sampling rate:

    [edit protocols sflow]

    user@device# set sample-rate egress number

    To specify an ingress sampling rate:

    [edit protocols sflow]

    user@device# set sample-rate ingress number
  5. (Optional) You can also configure the polling interval and the egress and ingress sampling rates at the interfaces level:
    [edit protocols sflow interfaces interface-name]

    user@device# set polling-interval seconds
    [edit protocols sflow interfaces]

    user@device# set sample-rate egress number
    [edit protocols sflow interfaces]

    user@device# set sample-rate ingress number
    Note

    The interfaces-level configuration overrides the global configuration for the specified interface.

  6. Specify an IP address to be used as the agent ID for the sFlow agent:
    [edit protocols sflow]

    user@device# set agent-id ip-address
  7. Specify the source IP address to be used for sFlow datagrams:
    [edit protocols sflow]

    user@device# set source-ip ip-address
  8. (Optional) Set the disable-sw-rate-limiter configuration statement so that the sampling rate stays within the maximum hardware sampling rate.
    [edit protocols sflow]

    user@device# set disable-sw-rate-limiter

    Packet-based sampling in sFlow is implemented in the hardware. If traffic levels are unusually high, the hardware generates more samples than it can handle, and the extra samples are dropped, producing inaccurate results. Enabling the disable-sw-rate-limiter statement disables the software rate-limiting algorithm and allows the hardware sampling rate to stay within the maximum sampling rate.