- play_arrow Overview
- play_arrow Operation, Administration, and Management Features
- play_arrow Ethernet OAM and Connectivity Fault Management for Routers
- Introduction to OAM Connectivity Fault Management (CFM)
- Configure Connectivity Fault Management (CFM)
- CFM Action Profile
- Ethernet Local Management Interface
- CFM Support for CCC Encapsulated Packets
- Configure Unified ISSU for 802.1ag CFM
- CFM Monitoring between CE and PE Devices
- Configure Continuity Check Messages
- Example: Configure Ethernet CFM on Physical Interfaces
- Example: Configure Ethernet CFM on Bridge Connections
- Example: Configure Ethernet CFM over VPLS
- play_arrow Link Fault Management for Routers
- play_arrow Ethernet OAM Link Fault Management for Switches
- play_arrow Ethernet OAM Connectivity Fault Management for Switches
- play_arrow Ethernet Frame Delay
- Ethernet Frame Delay Measurements on Switches
- Configure MEP Interfaces on Switches to Support Ethernet Frame Delay Measurements (CLI Procedure)
- Configure One-Way Ethernet Frame Delay Measurements on Switches (CLI Procedure)
- Configure an Iterator Profile on a Switch (CLI Procedure)
- Trigger an Ethernet Frame Delay Measurement Session on a Switch
- Configure Two-Way Ethernet Frame Delay Measurements on Switches (CLI Procedure)
- play_arrow Ethernet Service OAM (ITU-TY.1731) for Routers
- ITU-T Y.1731 Ethernet Service OAM Overview
- Configure Ethernet Frame Delay Measurement Sessions
- Configuring MEP Interfaces to Support Ethernet Frame Delay Measurements
- Configure Ethernet Frame Loss Measurement
- Configure an Iterator Profile
- Configure Ethernet Synthetic Loss Measurements
- Ethernet Alarm Indication
- Inline Transmission Mode
-
- play_arrow Network Monitoring by using SNMP
- SNMP Architecture and SNMP MIBs Overview
- Understand SNMP Implementation in Junos OS
- Configure SNMP in Junos OS
- Configure Options on Managed Devices for Better SNMP Response Time
- Enterprise Specific Utility MIB to Enhance SNMP Coverage
- Optimize the Network Management System Configuration for the Best Results
- Interfaces to Accept SNMP Requests
- Configure SNMP for Routing Instances
- Configure SNMP Remote Operations
- SNMP Traps
- SNMP Traps Supported by Junos OS
- Trace SNMP Activity
- Access Privileges for an SNMP Group
- Configure Local Engine ID on SNMPv3
- Configure SNMPv3
- Configure SNMPv3 Authentication Type and Encryption Type
- SNMPv3 Traps
- SNMPv3 Informs
- SNMP Communities
- MIB Views
- SNMP MIBs Supported by Junos OS and Junos OS Evolved
- Junos OS SNMP FAQs
- play_arrow Remote Network Monitoring (RMON) with SNMP Alarms and Events
- play_arrow Accounting Options
- play_arrow Monitoring Common Security Features
- play_arrow Performance Management
- play_arrow Port Mirroring
- play_arrow Port Mirroring and Analyzers
- Port Mirroring and Analyzers
- Configuring Port Mirroring and Analyzers
- Configuring Port Mirroring Instances
- Configuring Port Mirroring on Physical Interfaces
- Configuring Port Mirroring on Logical Interfaces
- Configuring Port Mirroring for Multiple Destinations
- Configuring Port Mirroring for Remote Destinations
- Configuring Port Mirroring Local and Remote Analysis
- 1:N Port Mirroring to Multiple Destinations on Switches
- Example: Configure Port Mirroring with Family any and a Firewall Filter
- Monitoring Port Mirroring
- Configure Packet Mirroring with Layer 2 Headers for Layer 3 Forwarded Traffic
- Troubleshooting Port Mirroring
-
- play_arrow System Log Messages
- play_arrow Network Management and Troubleshooting
- Compressing Troubleshooting Logs from /var/logs to Send to Juniper Networks Technical Support
- Monitoring and Troubleshooting
- Troubleshooting System Performance with Resource Monitoring Methodology
- Configuring Data Path Debugging and Trace Options
- Using MPLS to Diagnose LSPs, VPNs, and Layer 2 Circuits
- Using Packet Capture to Analyze Network Traffic
- On-Box Packet Sniffer Overview
- Troubleshooting Security Devices
- play_arrow Configuration Statements and Operational Commands
sFlow Support on Switches
Use Feature Explorer to confirm platform and release support for specific features.
Review the Platform-Specific sFlow Behavior section for notes related to your platform.
sFlow technology on the switches samples only raw packet headers. A raw Ethernet packet is the complete Layer 2 network frame.
An sFlow monitoring system consists of an sFlow agent embedded in the device (switch) and up to four external collectors. The sFlow agent's two main activities are random sampling and statistics gathering. The sFlow agent performs packet sampling and gathers interface statistics, and then combines the information into UDP datagrams that are sent to the sFlow collectors. An sFlow collector can be connected to the switch through the management network or data network. The software forwarding infrastructure daemon (SFID) on the switch looks up the next-hop address for the specified collector IP address to determine whether the collector is reachable by way of the management network or data network.
Each datagram contains the following information:
The IP address of the sFlow agent
The number of samples
The interface through which the packets entered the agent
The interface through which the packets exited the agent
The source and destination interface for the packets
The source and destination VLAN for the packets
You can view the Extended router data and Extended switch data headers on collector as part of sFlow records.
The Extended switch data contains information of Flow data length (byte), Incoming 802.1Q VLAN, Incoming 802.1p priority, Outgoing 802.1Q VLAN, and Outgoing 802.1p priority fields
The Extended router data contains information of Flow data length (byte), Next hop, Next hop source mask, and Next hop destination mask fields.
sFlow technology on the switches utilizes the distributed sFlow architecture. The sFlow agent has two separate sampling entities that are associated with each Packet Forwarding Engine. These sampling entities are known as subagents. Each subagent has a unique ID that is used by the collector to identify the data source. A subagent has its own independent state and forwards its own sample packets to the sFlow agent. The sFlow agent is responsible for packaging the samples into datagrams and sending them to the sFlow collector. Because sampling is distributed across subagents, the protocol overhead associated with sFlow technology is significantly reduced at the collector.
In case of dual VLANs, all fields may not be reported.
If the primary-role assignment changes in a Virtual Chassis setup, sFlow technology continues to function.
sFlow for IP-over-IP Tunnels
You can use sFlow technology to sample IP-over-IP traffic at a physical port on devices. This feature is supported for IP-over-IP tunnels with an IPv4 outer header that carry IPv4 or IPv6 traffic. Use sFlow monitoring technology to randomly sample network packets from IP-over-IP tunnels and send the samples to a destination collector for monitoring. Devices that act as a IP-over-IP tunnel entry point, transit device, or tunnel endpoint support sFlow sampling. Table 1 shows the fields that are reported when a packet is sampled at the ingress or egress interface of a device that acts as an IP-over-IP tunnel entry point, transit device, or tunnel endpoint.sFlow Field | Tunnel Entry Point | Transit Device | Tunnel Endpoint |
|---|---|---|---|
Raw packet header | Includes payload only | Includes payload and tunnel header | Egress: Includes payload only Ingress: Includes payload and tunnel header |
Input interface | Incoming IFD SNMP index | Incoming IFD SNMP index | Incoming IFD SNMP index |
Output interface | Outgoing IFD SNMP index | Outgoing IFD SNMP index | Outgoing IFD SNMP index |
sFLow for QFabric System
On a QFabric system, sFlow technology monitors the interfaces on each Node device as a group, and implements the binary backoff algorithm based on the traffic on that group of interfaces.
On the QFabric system, the following default values are used if the optional parameters are not configured:
Agent ID is the management IP address of the default partition.
Source IP is the management IP address of the default partition.
In addition, the QFabric system subagent ID (which is included in the sFlow datagrams) is the ID of the Node group from which the datagram is sent to the collector.
On a QFabric system, the sFlow technology architecture is distributed. The global sFlow technology configuration defined on the QFabric system Director device is distributed to Node groups that have sFlow sampling configured on their interfaces. The sFlow agent has a separate sampling entity, known as a subagent, running on each Node device. Each subagent has its own independent state and forwards its own sample information (datagrams) directly to the sFlow collectors.
On the QFabric system, an sFlow collector must be reachable through the data network. Because each Node device has all routes stored in the default routing instance, the collector IP address should be included in the default routing instance to ensure the collector’s reachability from the Node device.
Regardless of the rate of traffic or the configured sampling interval, a datagram is sent whenever its size reaches the maximum Ethernet transmission unit (MTU) of 1500 bytes, or whenever a 250-ms timer expires, whichever occurs first. The timer ensures that a collector receives regularly sampled data.
Packet-based sampling in sFlow is implemented in the hardware. If traffic levels are
unusually high, the hardware generates more samples than it can handle, and the extra
samples are dropped, producing inaccurate results. Enabling the
disable-sw-rate-limiter statement disables the software rate-limiting
algorithm and allows the hardware sampling rate to stay within the maximum sampling
rate.
sFlow for EVPN-VXLAN
You can use sFlow technology to sample known multicast traffic carried over EVPN-VXLAN.
Sampling of known multicast traffic is supported for traffic that enters the switch over
EVPN-VXLAN or in other words core facing interface and egresses the switch out of
customer-facing ports. Also, known multicast traffic sampling is supported only in the
egress direction. To enable egress sFlow sampling of known multicast traffic on a customer
facing port, you need to enable sFlow on the interface in the egress direction as it is done
for the standard unicast traffic sampling scenario. In addition, you need to include the
egress-multicast enable option at the [edit forwarding options sflow] hierarchy level. The maximum
replication rate for multicast traffic samples can be configured using the
eggress-multicast max-replication-rate rate option at
the [edit forwarding options sflow eggress-multicast] hierarchy
level.
When a set of sFlow egress sampling enabled interfaces are subscribed to a given multicast group and egress sFlow multicast sampling option is enabled, all the interfaces will be sampled at the same rate. The minimum of the configured sFlow rate, or in other words, the most aggressive sampling rate among this set of interfaces is used for sampling across all the interfaces in the set. A single port will generate samples at different rates if it is part of multiple multicast groups, as multicast sampling for a specific group depends on the most aggressive sampling rate among the ports of that particular group.
On EVPN-VXLAN, the centrally-routed bridging (CRB) and Edge-routed bridging (ERB) architecture are supported with sFlow. EVPN-VXLAN supports only IPv4 address.
| Incoming Interface and Encapsulation | Outgoing Interface and Encapsulation | Required Sampled Content | Forwarding Scenario | Metadata |
|---|---|---|---|---|
| Access port Layer 2 traffic | Network port | Incoming Layer 2 header + Layer 2 payload | Packets are encapsulated with VXLAN header and forwarded. | Incoming Interface Index or Identifier. Outgoing Interface Index or Identifier |
| Network port Layer 3 traffic | Access port | Incoming Layer 3 header + VXLAN header + Inner payload | Packets are de-capsulated and forwarded. | Incoming Virtual Tunnel End Point (VTEP) Interface Index or Identifier. Outgoing Interface Index or Identifier |
| Access port Layer 2 traffic | Network port | Incoming Layer 2 Header + Layer 2 payload | Packets are encapsulated with VXLAN header and forwarded. | Incoming Interface Index or Identifier. Outgoing Interface Index or Identifier |
| Network port Layer 3 traffic | Access port | Inner payload | Packets are de-capsulated and forwarded. | Incoming VTEP Interface Index or Identifier. Outgoing Interface Index or Identifier |
Table 3 provides Metadata information for extended switch data and extended routing data.
| EVPN-VXLAN | Scenario | Traffic Type | sFlow Interface Side | VXLAN Tunnel Type | Extended Switch Data | Extended Routing Data | |||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| IIF VLAN | IIF VLAN Priority | OIF VLAN | OIF VLAN Priority | NH IP | NH SMASK | NH DMASK | |||||
| CRB | Layer 2 GW Leaf | Layer 2 | Ingress | Encap | Yes | Yes | No | No | Yes | Yes | Yes |
| Decap | No | No | Yes | No | No | No | No | ||||
| Egress | Encap | Yes | No | No | No | Yes | Yes | Yes | |||
| Decap | No | No | Yes | No | No | No | No | ||||
| Layer 3 GW Spine | Layer 2 | Ingress | No | No | No | No | No | No | No | No | |
| No | No | No | No | No | No | No | No | ||||
| Transit | No | No | No | No | Yes | Yes | Yes | ||||
| Egress | No | No | No | No | No | No | No | No | |||
| No | No | No | No | No | No | No | No | ||||
| Transit | No | No | No | No | Yes | Yes | Yes | ||||
| Layer 3 Traffic (Inter Vlan Case) | Ingress | Encap | No | No | No | No | Yes | Yes | Yes | ||
| Decap | No | No | No | No | Yes | Yes | Yes | ||||
| Transit | No | No | No | No | Yes | Yes | Yes | ||||
| Egress | Encap | No | No | No | No | Yes | Yes | Yes | |||
| Decap | No | No | No | No | Yes | Yes | Yes | ||||
| Transit | No | No | No | No | Yes | Yes | Yes | ||||
| ERB | Layer 2+Layer 3 | Layer 2 | Ingress | Encap | Yes | Yes | No | No | Yes | Yes | Yes |
| Decap | No | No | Yes | No | No | No | No | ||||
| Egress | Encap | Yes | No | No | No | Yes | No | Yes | |||
| Decap | No | No | Yes | No | No | No | No | ||||
| Layer 3 Traffic (Inter VLAN Case) | Ingress | Encap | Yes | Yes | No | No | Yes | Yes | Yes | ||
| Decap | No | No | Yes | No | No | No | No | ||||
| Egress | Encap | Yes | No | No | No | Yes | Yes | Yes | |||
| Decap | No | No | Yes | No | No | No | No | ||||
Platform-Specific sFlow Behavior
Use Feature Explorer to confirm platform and release support for specific features.
Use the following table to review platform-specific behaviors for your platform.
| Platform | Difference |
|---|---|
EX Series |
|
QFX Series |
|
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.
