Configuring sFlow Agents in the Network
You must first configure at least one sFlow Collector instance before configuring an sFlow Agent. Then, you can configure and enable an sFlow Agent on each switch that you want to be part of the sFlow monitoring system to monitor the network traffic.
To configure and enable an sFlow Agent on a switch, use the use the sflow-create command to create at least one sFlow Instance with the following available parameters:
CLI (network-admin@switch) > sflow-create name name-string
|
name name-string |
Specify a name for the sFlow. |
|
Specify one of more of the following options: |
|
|
type ingress|egress |
Specify whether the sFlow sampler type is for ingress or egress traffic. |
|
sample-type raw|cooked |
Specify the sFlow sample type, the default sample type is raw. |
|
ports port-list |
Specify the sFlow ports. |
|
sample-rate 256-16000 |
Specify the sFlow sampling rate. The value ranges from 256-16000 and the default value is 4096. Enter zero (0) if you want to disable sFlow sampling. |
|
counter-polling-interval 0..120 |
Specify the sFlow interface statistics for counter polling interval. This is the periodic sampling or polling counters associated with a data source. |
|
trunc-length trunc-length-number |
Specify the truncated length of the sFlow sample (sample packet size). |
|
agent-id ip-address |
Specify the local IP address. |
Note: When creating an sFlow instance, do not configure both the sample-rate and the counter-polling-interval to zero (0). If you do so, an error message: sflow-create: Sample-rate/counter-polling-interval both can't be 0 is displayed. However, later, you can change both values to zero (0) using the sflow-modify command, if so desired.
Note: If you configure both the sample-rate and the counter-polling-interval to zero (0) using the sflow-modify command, then nosFlow datagrams are sent out to the sFlow Collector for monitoring and analysis.
Below is an example of configuration to enable an sFlow Instance, named net-monitor, in ingress ports 57-59, with sample-type raw, sample-rate 4096, counter-polling-interval of 5 seconds (i.e., 1 sample in every 5 seconds), and trunc-length of 160 bytes:
CLI (network-admin@switch) > sflow-create name net-monitor type ingress sample-type raw ports 57-59 sample-rate 4096 counter-polling-interval 5 trunc-length 160
To delete an existing sFlow Instance, use the command:
CLI (network-admin@switch) > sflow-delete name name-string
To view an sFlow Instance's, use the command:
CLI (network-admin@switch) > sflow-show
Note: To view the binding between an sFlow instance and the nv-message-queues, use the sflow-thread-binding-show command. This command helps during the troubleshooting process and should be run with the support of the Pluribus TAC team. See the Example: A Sample Configuration section below for more details.
To modify the configuration parameters of an sFlow Instance, use the command:
CLI (network-admin@switch) > sflow-modify name name-string
|
name name-string |
Specify the sFlow name that you want to modify. |
|
Modify one or more of the following options: |
|
|
type ingress|egress |
Specify to change the sFlow type to ingress or egress traffic. |
|
sample-type raw|cooked |
Specify to change the sample type to raw or cooked. Default value is raw. |
|
ports port-list |
Specify to change the sFlow ports. |
|
sample-rate 256-16000 |
Modify to change the sFlow sampling rate. The default value is 4096. |
|
counter-polling-interval 0..120 |
Modify and change the sFlow interface stats-counter polling interval. |
|
trunc-length trunc-length-number |
Modify the truncated length of the sFlow sample. |
|
agent-id ip-address |
Modify the local IP address. |
For example, to modify and view the counter-polling-interval of the sFlow Instance, net-monitor, you can use the following commands:
CLI (network-admin@switch*) > sflow-modify name net-monitor counter-polling-interval 120
CLI (network-admin@switch*) > sflow-show format all layout vertical
name: net-monitor
type: ingress
sample-type: raw
ports: 1,3,53,57-59
sample-rate: 4096
counter-polling-interval:120
sample-interval: 5
trunc-length: 160
agent id: 10.1.1.200
sample-pkt-cnt: 2845
sample-drops: 87
The following options are available with the sflow-show command:
CLI (network-admin@switch*) > sflow-show
|
Specify one or more of the options: |
|
|
name name-string |
Displays the name for the sFlow. |
|
type ingress|egress |
Displays whether the sFlow type is for ingress or egress traffic. |
|
sample-type raw|cooked |
Displays the sFlow sample type. |
|
ports port-list |
Displays the sFlow ports. |
|
sample-rate 256-16000 |
Displays the sFlow sample rate. |
|
counter-polling-interval 0..120 |
Displays the sFlow interface stats-counter polling interval. |
|
trunc-length trunc-length-number |
Displays the truncated length of the sFlow sample. |
|
agent-id ip-address |
Displays the local IP address. |
|
sample-pkt-cnt sample-pkt-cnt-number |
Displays the sFlow sample packet count. |
|
sample-drops sample-drops-number |
Displays the sFlow sample dropped packets. |
|
malformed-packet-drops malformed-packet-drops-number |
Displays the sFlow malformed packet drops. |
|
malformed-vlan-packet-drops malformed-vlan-packet-drops-number |
Displays the sFlow malformed vlan packet drops. |
|
malformed-ip-packet-drops malformed-ip-packet-drops-number |
Displays the sFlow malformed ip packet drops. |
|
internal-q-drops internal-q-drops-number |
Displays the sFlow internal Q drops. |
|
oversize-packet-drops oversize-packet-drops-number |
Displays the sFlow over size packet drops. |
|
internal-nq-drops internal-nq-drops-number |
Displays the sFlow internal nQ drops |
If all the command parameters are configured for an sFlow Instance, then the sflow-show command displays an extended output, as shown here:
CLI (network-admin@switch*) > sflow-show format all layout vertical
switch: switch
name: sf25
type: ingress
sample-type: raw
ports: 25
sample-rate: 4096
trunc-length: 160
agent-id: 10.14.22.100
sample-pkt-cnt: 66798
sample-drops: 0
malformed-packet-drops: 0
malformed-vlan-packet-drops: 0
malformed-ip-packet-drops: 0
internal-q-drops: 0
oversize-packet-drops: 0
internal-nq-drops: 0
Example: A Complex Multi-Instance Configuration
Below are the details of a more complex example of sFlow Agent configuration: it contains both ingress and egress samplers, multiple instances, and shows the sample counts and drops.
CLI (network-admin@switch*) > sflow-show
The sflow-show command displays 15 sFlows Instances (s1-s15) configured using the sflow-create command. In Netvisor ONE, when you configure the sFlows Instances, they are associated to a CPU thread (and queue) in groups. To view the groupings and associations, use the command::
CLI (network-admin@switch*) > sflow-thread-binding-show
name thread-id nv-msg-queue-name nv-cache-queue-name
---- --------------- ----------------- -------------------
s1 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s2 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s3 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s4 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s5 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s6 140323777259264 sflow-packet-q-9 sflow-cache-q-9
s7 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s8 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s9 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s10 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s11 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s12 140322640197376 sflow-packet-q-10 sflow-cache-q-10
s13 140322665375488 sflow-packet-q-11 sflow-cache-q-11
s14 140322665375488 sflow-packet-q-11 sflow-cache-q-11
s15 140322665375488 sflow-packet-q-11 sflow-cache-q-11
From the above output, you can see that the first six sFlows Instances (s1-s6) have the same thread-id, nv-msg-queue-name, and nv-cache-queue-name parameters. Similarly, the next six sFlows Instances (s7-s12) are associated to a different set of parameters, and so on. This command helps in understanding the bindings created automatically between the sFlow Instances and the switch resources.
In the above output:
- thread-id: is the unique identifier of the CPU resources associated to sFlow Instances (in groups of 6)
- nv-msg-queue-name: is the actual software queue used for sFlow data
- nv-cache-queue-name: is a pool of buffers. Netvisor ONE allocates one memory block from a cache_queue whenever a sample is received from the hardware, which is then queued to the nv_queue.
To view the nv_queue details, use the command:
CLI (network-admin@switch*) > nv-queue-stats-show | grep sflow
