[an error occurred while processing this directive] [an error occurred while processing this directive]

Example: Monitoring Network Traffic Using sFlow Technology on EX-series Switches

You can configure sFlow technology, designed for monitoring high-speed switched or routed networks, to continuously monitor traffic at wire speed on all interfaces simultaneously. sFlow data can be used to provide network traffic visibility information.

This example describes how to configure and use sFlow monitoring. JUNOS software fully supports the sFlow standard described in RFC 3176, InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks (see RFC 3176).

Requirements

This example uses the following hardware and software components:

  • JUNOS Release 9.3 or later for EX-series switches
  • One EX 3200 or EX 4200 switch

Overview and Topology

sFlow technology is a statistical-sampling–based network monitoring technology for high-speed switched or routed networks. sFlow technology samples network packets and sends the samples to a monitoring station. The information gathered by the sFlow technology is used to create a network traffic visibility picture.

An sFlow monitoring system consists of an sFlow agent embedded in the switch and a centralized collector. The sFlow agent runs on the switch. It combines interface counters and flow samples and sends them across the network to the sFlow collector. Figure 1 depicts the basic elements of the sFlow system.

Figure 1: sFlow Technology Monitoring System

Image g021065.gif

Configuration

To configure sFlow technology, perform the following tasks:

CLI Quick Configuration

To quickly configure sFlow technology, copy the following commands and paste them into the switch terminal window:


[edit protocols sflow]
set collector 10.204.32.46

set collector udp-port 5600
set interfaces ge-0/0/0.0
set polling-interval 20
set sample-rate 1000

Step-by-Step Procedure

To configure sFlow technology:

  1. Configure the IP address of the collector:
    [edit protocols sflow]
    user@switch# set collector 10.204.32.46

    Note: You can configure a maximum of 4 collectors.

  2. Configure the UDP port of the collector. The default UDP port assigned is 6343.
    [edit protocols sflow]
    user@switch# set collector udp-port 5600
  3. Enable sFlow technology on a specific interface:

    [edit protocols sflow]
    user@switch# set interfaces ge-0/0/0.0

    Note: You cannot enable sFlow technology on a Layer 3 VLAN-tagged interface.

    You cannot enable sFlow technology on a LAG interface. sFlow technology can be enabled on the member interfaces of the LAG.

  4. Specify how often the sFlow agent polls the interface:
    [edit protocols sflow]
    user@switch# set polling-interval 20

    Note: The polling interval can be specified as a global parameter also. Specify 0 if you do not want to poll the interface.

  5. Specify the rate at which packets must be sampled:
    [edit protocols sflow]
    user@switch# set sample-rate 1000

Results

Check the results of the configuration:

user@switch# show
sflow {
polling-interval 20;
sample-rate 1000;
collector 10.204.32.46;
interfaces ge-0/0/0.0;
}

Verification

To confirm that the configuration is correct, perform these tasks:

Verifying That sFlow Technology Has Been Configured Properly

Purpose

Verify that sFlow technology has been configured properly.

Action

Use the show sflow command:


user@switch> show sflow 
sFlow            : Enabled
Sample rate      : 1:1000
Sample limit     : 300 packets/second
Polling interval	: 20 seconds

Note: The sample limit cannot be configured and is set to 300 packets/second.

Meaning

The output shows that sFlow technology is enabled and specifies the values for the sampling rate, sampling limit, and polling interval.

Verifying That sFlow Technology Is Enabled on the Intended Interface

Purpose

Verify that sFlow technology is enabled on interfaces and display the sampling parameters.

Action

Use the show sflow interface command:


user@switch> show sflow interface 
Interface		Status		  Sample rate		Sample limit		Polling-interval
ge-0/0/0.0		Enabled	 	  		1000					300	 					20

Note: The sample limit cannot be configured and is set to 300 packets/second.

Meaning

The output indicates that sFlow technology is enabled on the ge-0/0/0.0 interface with a sampling rate of 1000, sampling limit of 300 packets per second and a polling interval of 20 seconds.

Verifying the sFlow Collector Configuration

Purpose

Verify the sFlow collector's configuration.

Action

Use the show sflow collector command:


user@switch> show sflow collector 
Collector address		  UDP-port		No of samples
10.204.32.46						5600			    1000				
100.204.32.76						3400			    1000

Meaning

The output displays the IP address of the collector and the UDP port. It also displays the packet sampling rate.

[an error occurred while processing this directive]