Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

Example: Configuring sFlow Technology to Monitor Network Traffic on EX Series Switches

You can configure sFlow technology, designed for monitoring high-speed switched or routed networks, to continuously monitor traffic at wire speed on all interfaces simultaneously. You can specify sample rates for ingress and egress packets. sFlow data can be used to provide network traffic visibility information.

This example describes how to configure and use sFlow technology to monitor network traffic. Junos OS fully supports the sFlow standard described in RFC 3176, InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks (see http://faqs.org/rfcs/rfc3176.html).

Requirements

This example uses the following hardware and software components:

  • One EX Series switch
  • Junos OS Release 9.3 or later for EX Series switches

Overview and Topology

sFlow technology is a statistical-sampling–based network monitoring technology for high-speed switched or routed networks. sFlow technology samples network packets and sends the samples to a monitoring station. You can specify sample rates for ingress and egress packets. The information gathered is used to create a network traffic visibility picture.

An sFlow monitoring system consists of an sFlow agent embedded in the switch and a centralized collector. The sFlow agent runs on the switch. It combines interface counters and flow samples and sends them across the network to the sFlow collector. Figure 1 depicts the basic elements of the sFlow system.

Figure 1: sFlow Technology Monitoring System

sFlow Technology Monitoring System

Configuration

To configure sFlow technology, perform the following tasks:

CLI Quick Configuration

To quickly configure sFlow technology, copy the following commands and paste them into the switch terminal window:

[edit protocols]
set sflow collector 10.204.32.46 udp-port 5600

set sflow interfaces ge-0/0/0
set sflow polling-interval 20
set sflow sample-rate egress 1000

Step-by-Step Procedure

To configure sFlow technology:

  1. Configure the IP address and UDP port of the collector:
    [edit protocols]
    user@switch# set sflow collector 10.204.32.46 udp-port 5600

    Note: You can configure a maximum of 4 collectors.

  2. Enable sFlow technology on a specific interface:
    [edit protocols sflow]
    user@switch# set interfaces (sFlow Monitoring Technology) ge-0/0/0

    Note: You cannot enable sFlow technology on a Layer 3 VLAN-tagged interface.

    You cannot enable sFlow technology on a link aggregation group (LAG) interface—that is, an aggregated Ethernet interface with a name such as ae0. You can enable sFlow technology on the member interfaces that make up the LAG.

  3. Specify how often the sFlow agent polls the interface:
    [edit protocols sflow]
    user@switch# set polling-interval 20

    Note: The polling interval can be specified as a global parameter also. Specify 0 if you do not want to poll the interface.

  4. Specify the rate at which egress packets must be sampled:

    Note: The sample-rate number (the global sample-rate) statement has been deprecated and might be removed from future product releases. We strongly recommend that you phase out its use.

    [edit protocols sflow]
    user@switch# set sample-rate egress 1000

    Note: If you set only the egress sample rate, the ingress sample rate will be disabled.

Results

Check the results of the configuration:

[edit protocols sflow]
user@switch# show
polling-interval 20; sample-rate egress 1000;collector 10.204.32.46 { udp-port 5600;}interfaces ge-0/0/0.0;

Verification

To confirm that the configuration is correct, perform these tasks:

Verifying That sFlow Technology Has Been Configured Properly

Purpose

Verify that sFlow technology has been configured properly.

Action

Use the show sflow command:

user@switch> show sflow 
sFlow: Enabled
Sample limit: 300 packets/second
Polling interval: 20 seconds
Sample rate egress: 1:1000: Enabled
Sample rate ingress: 1:2048: Disabled
Agent ID: 10.204.96.222

Note: The sample limit cannot be configured and is set to 300 packets/second.

Meaning

The output shows that sFlow technology is enabled and specifies the values for the sample limit, polling interval, and sample rate.

Verifying That sFlow Technology Is Enabled on the Intended Interface

Purpose

Verify that sFlow technology is enabled on interfaces and display the sampling parameters.

Action

Use the show sflow interface command:

user@switch> show sflow interface 
Interface        Status      Sample rate    Adapted sample rate   Polling-interval
            Egress Ingress   Egress Ingress   Egress Ingress
ge-0/0/0.0  Enabled  Disabled  1000    2048    1000     2048            20

Note: The sample limit cannot be configured and is set to 300 packets/second.

Meaning

The output indicates that sFlow technology is enabled on the ge-0/0/0.0 interface with an egress sample rate of 1000, a disabled ingress sample rate, a sampling limit of 300 packets per second and a polling interval of 20 seconds.

Verifying the sFlow Collector Configuration

Purpose

Verify the sFlow collector's configuration.

Action

Use the show sflow collector command:

Collector         Udp-port    No. of samples
 address
10.204.32.46      5600        1000
10.204.32.76      3400        1000

Meaning

The output displays the IP address of the collectors and the UDP ports. It also displays the number of samples.

 

Related Documentation

 

Published: 2012-12-07

Previous Page Next Page