Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Understanding sFlow Technology on a Junos Fusion Enterprise

This topic describes sFlow technology in a Junos Fusion Enterprise.

This topic covers:

sFlow Technology on a Junos Fusion Enterprise Overview

sFlow technology is a monitoring technology for high-speed switched or routed networks. sFlow technology randomly samples network packets and sends the samples to a monitoring system. In a Junos Fusion Enterprise, you can configure sFlow technology on the aggregation device to continuously monitor traffic on all extended interfaces simultaneously.

Many sFlow technology concepts for standalone switches also apply to sFlow technology on a Junos Fusion Enterprise. See Understanding How to Use sFlow Technology for Network Monitoring on an EX Series Switch for a detailed overview of sFlow on standalone EX Series switches.

Understanding the sFlow Sampling Mechanism on a Junos Fusion Enterprise

sFlow technology uses the following two sampling mechanisms:

  • Packet-based sampling: Samples one packet out of a specified number of packets from an interface enabled for sFlow technology.

  • Time-based sampling: Samples interface statistics at a specified interval from an interface enabled for sFlow technology.

The sampling information is used to create a network traffic visibility picture. The Juniper Networks Junos operating system (Junos OS) fully supports the sFlow standard described in RFC 3176, InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks.

Note:

sFlow technology on the switches samples only raw packet headers. A raw Ethernet packet is the complete Layer 2 network frame.

An sFlow monitoring system consists of an sFlow agent (embedded in the switch), and a centralized collector. The sFlow agent’s two main activities are random sampling and statistics gathering. The sFlow agent combines interface counters and flow samples and sends them across the network to the sFlow collector in UDP datagrams, directing those datagrams to the IP address and UDP destination port of the collector. Each datagram contains the following information:

  • The IP address of the sFlow agent

  • The number of samples

  • The interface through which the packets entered the agent

  • The interface through which the packets exited the agent

  • The source and destination interface for the packets

  • The source and destination VLAN for the packets

Like all features in a Junos Fusion Enterprise, sFlow technology is configured from the aggregation devices.

Best Practice:

We recommend the following consideration guidelines for sFlow technology in a Junos Fusion Enterprise:

  • Configure sFlow technology on both aggregation devices.

  • Configure the same sampling rates on all the extended ports. If you configure different sampling rates, then the lowest value is used for all ports. Note that counter samples are sent from both aggregation devices for an extended port.

  • Use the configuration sync feature to synchronize the configuration across the aggregation devices.

  • After synchronization is finished, make sure that the collector is reachable from both aggregation devices.

Limitations for sFlow on a Junos Fusion Enterprise

Consider the following limitations when you configure sFlow technology on a Junos Fusion Enterprise:

  • You cannot configure sFlow technology on a link aggregation group (LAG), but you can configure it individually on a LAG member interface.

  • You cannot configure sFlow technology on a cascade port.

  • When using the configuration sync feature, sFlow collector statistics are not synced between the aggregation devices.

  • Adaptive sampling is not supported for extended ports. Given this limitation, make sure that you configure the appropriate sampling rate for your configuration so that there is no congestion for CPU traffic.