Configuring sFlow Agents on the Network
You must first configure the sFlow Collector before configuring the sFlow Agent using the sflow-create command. You must configure and enable sFlow Agent on each switch that you want to be part of the sFlow monitoring system to monitor the network traffic.
To configure or enable sFlow Agent on a switch, use the command:
CLI (network-admin@switch) > sflow-create name name-string
|
name name-string |
Specify a name for the sFlow. |
|
type ingress|egress |
Specify whether the sFlow type is for ingress or egress traffic. |
|
sample-type raw|cooked |
Specify the sFlow sample type, the default sample type is raw. |
|
ports port-list |
Specify the sFlow ports. |
|
sample-rate 256-16000 |
Specify the sFlow sample rate. The value ranges from 256-16000 and the default value is 4096. Enter zero (0) if you want to disable sFlow sampling. |
|
counter-polling-interval 0..120 |
Specify the sFlow interface statistics for counter polling interval. This is the periodic sampling or polling counters associated with a data source. |
|
trunc-length trunc-length-number |
Specify the truncated length of the sFlow sample (sample packet size). |
|
agent-id ip-address |
Specify the local IP address. |
Note: While creating the sFlow, do not configure both the sample-rate and counter-polling-interval to zero (0). If you do so, an error message: sflow-create: Sample-rate/counter-polling-interval both can't be 0 is displayed. However, later, you can change both values to zero (0) using the sflow-modify command if desired.
Note: When you configure the sample-rate and counter-polling-interval to zero (0) using the sflow-modify command, then no packets are sent out for sFlow monitoring.
Below is an example configuration on a switch to enable the sFlow Agent, net-monitor, on the ingress ports 57-59, with sample type raw, sample-rate 4096, counter-polling-interval of 5 seconds (1 sample in 5 seconds), trunc-length of 160 bytes:
CLI (network-admin@switch) > sflow-create name net-monitor type ingress sample-type raw ports 57-59 sample-rate 4096 counter-polling-interval 5 trunc-length 160
For deleting an existing sFlow Agent, use the command:
CLI (network-admin@switch) > sflow-delete name name-string
To view the sFlow Agent details, use the command:
CLI (network-admin@switch) > sflow-show
Note: To view the binding between the sFlows and the nv-message-queues, use the sflow-thread-binding-show command. This command helps during debugging process and should be run with the support from Pluribus TAC team. See the Example: A Sample Configuration below.
To modify the configuration details for an sFlow Agent, use the command:
CLI (network-admin@switch) > sflow-modify name name-string
|
name name-string |
Specify the sFlow name that you want to modify. |
|
Modify one or more of the following options: |
|
|
type ingress|egress |
Specify to change the sFlow type to ingress or egress traffic. |
|
sample-type raw|cooked |
Specify to change the sample type to raw or cooked. Default value is raw. |
|
ports port-list |
Specify to change the sFlow ports. |
|
sample-rate 256-16000 |
Modify to change the sFlow sample rate. The default value is 4096. |
|
counter-polling-interval 0..120 |
Modify and change the sFlow interface stats-counter polling interval. |
|
trunc-length trunc-length-number |
Modify the truncated length of the sFlow sample. |
|
agent-id ip-address |
Modify the local IP address. |
For example, to modify and view the counter-polling-interval for the sFlow, net-monitor, use the command:
CLI (network-admin@switch*) > sflow-modify name net-monitor counter-polling-interval 120
CLI (network-admin@switch*) > sflow-show format all layout vertical
name: net-monitor
type: ingress
sample-type: raw
ports: 1,3,53,57-59
sample-rate: 4096
counter-polling-interval:120
sample-interval: 5
trunc-length: 160
agent id: 10.1.1.200
sample-pkt-cnt: 2845
sample-drops: 87
Based on the configuration, the following details are displayed for the sflow-show command:
CLI (network-admin@switch*) > sflow-show
|
Specify one or more of the options: |
|
|
name name-string |
Displays the name for the sFlow. |
|
type ingress|egress |
Displays whether the sFlow type is for ingress or egress traffic. |
|
sample-type raw|cooked |
Displays the sFlow sample type. |
|
ports port-list |
Displays the sFlow ports. |
|
sample-rate 256-16000 |
Displays the sFlow sample rate. |
|
counter-polling-interval 0..120 |
Displays the sFlow interface stats-counter polling interval. |
|
trunc-length trunc-length-number |
Displays the truncated length of the sFlow sample. |
|
agent-id ip-address |
Displays the local IP address. |
|
sample-pkt-cnt sample-pkt-cnt-number |
Displays the sFlow sample packet count. |
|
sample-drops sample-drops-number |
Displays the sFlow sample dropped packets. |
|
malformed-packet-drops malformed-packet-drops-number |
Displays the sFlow malformed packet drops. |
|
malformed-vlan-packet-drops malformed-vlan-packet-drops-number |
Displays the sFlow malformed vlan packet drops. |
|
malformed-ip-packet-drops malformed-ip-packet-drops-number |
Displays the sFlow malformed ip packet drops. |
|
internal-q-drops internal-q-drops-number |
Displays the sFlow internal Q drops. |
|
oversize-packet-drops oversize-packet-drops-number |
Displays the sFlow over size packet drops. |
|
internal-nq-drops internal-nq-drops-number |
Displays the sFlow internal nQ drops |
If all the command parameters are configured for an sFlow Agent, then the sflow-show command displays an output as given here:
CLI (network-admin@switch*) > sflow-show format all layout vertical
switch: switch
name: sf25
type: ingress
sample-type: raw
ports: 25
sample-rate: 4096
trunc-length: 160
agent-id: 10.14.22.100
sample-pkt-cnt: 66798
sample-drops: 0
malformed-packet-drops: 0
malformed-vlan-packet-drops: 0
malformed-ip-packet-drops: 0
internal-q-drops: 0
oversize-packet-drops: 0
internal-nq-drops: 0
Example: A Sample Configuration
Below is a set of sample configuration details for the sflows created in Pluribus lab for further understanding.
CLI (network-admin@switch*) > sflow-show
The sflow-show command displays 15 sFlows (s1-s15) configured using the sflow-create command. In Netvisor ONE, when you configure the sFlows, every six sFlows are bound to one thread (sFlow Agent). To view the details, use the command:
CLI (network-admin@switch*) > sflow-thread-binding-show
name thread-id nv-msg-queue-name nv-cache-queue-name
---- --------------- ----------------- -------------------
s1 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s2 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s3 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s4 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s5 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s6 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s7 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s8 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s9 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s10 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s11 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s12 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s13 140322665375488 sflow-packet-q-11 sflow-cache-q-11
s14 140322665375488 sflow-packet-q-11 sflow-cache-q-11
s15 140322665375488 sflow-packet-q-11 sflow-cache-q-11
From the above output, you can see that the first six sFlows (s1-s6) have the same thread-id, nv-msg-queue-name, and nv-cache-queue-name parameters. Similarly, the next six sFlows (s7-s12) have a new set of parameters and so on. This helps in understanding the bindings between the sFlows and the parameters.
In the above output,
- thread-id: is the unique identifier of the sFlow Agent that binds the sFlows (in groups of 6)
- nv-msg-queue-name: is the actual software queue used for sflow sampling
- nv-cache-queue-name: is a pool of buffers. Netvisor ONE allocates one memory block from the cache_queue whenever a sample is received from the hardware, which is then queued to the nv_queue.
To view the nv_queue details, use the command:
CLI (network-admin@switch*) > nv-queue-stats-show | grep sflow
