sFlow Configuration
Configuration Hierarchy
The following diagram illustrates the sFlow configuration hierarchy. In this configuration hierarchy, traffic sampling collectors and traffic sampling profiles are set up under forwarding-options to enable packet sampling using the sFlow protocol. After defining the collectors and sampling profiles, the sampling profile can be attached to the physical interfaces that allows the device to sample traffic from that interfaces.
Configuration Syntax and Commands
The following sections describe the sFlow configuration syntax and commands.
Platform Profile Configuration
Platform Profile Configuration is applicable only to C-BNG devices. On Spine devices, Platform Profile configuration is not required.
| The device must be rebooted after completing the Platform Profile configuration for it to take effect. |
Syntax
set system platform profile <profile-name>
| Attribute | Description |
|---|---|
profile_name |
Name of platform profile |
feature |
Feature name. |
Example commands:
set system platform profile nat_4q set system platform profile nat_4q feature sFlow
supervisor@rtbrick.net: op> show config system platform
{
"rtbrick-config:platform": {
"profile": [
{
"profile_name": "nat_4q",
"feature": [
"sFlow"
]
}
]
}
}
sFlow Collector Configuration
You can configure a maximum number of four collectors to receive sampled traffic.
| The agent ID must be identical across all collectors. This ensures the source of sampled data is recognized as the same across multiple collectors. |
You can create, modify, or delete collectors dynamically, while the device continues to operate. This gives you the flexibility to modify the configurations of the sFlow collectors without causing any downtime.
Syntax
set forwarding-options traffic-sampling collector <collector-id> <attribute> <value>
Example commands:
set forwarding-options traffic-sampling collector 1 set forwarding-options traffic-sampling collector 1 instance default set forwarding-options traffic-sampling collector 1 export-protocol sflow set forwarding-options traffic-sampling collector 1 address ipv4 10.1.1.1 set forwarding-options traffic-sampling collector 1 sampling-rate 100 set forwarding-options traffic-sampling collector 1 destination-udp-port 6343 set forwarding-options traffic-sampling collector 1 agent-id 1.2.3.4
| Attribute | Description |
|---|---|
collector-id |
Identifier for each collector. |
agent-id |
Unique identifier for the device sending sFlow data. This ID must be the same across all collectors. |
collector-ip |
The IP address of the collector to which the sFlow UDP data gram is sent. |
instance |
The Instance of collector IP reachability. |
destination-udp-port |
The UDP port used for sending sFlow data to the collector (Default: 6343). |
sampling-rate |
Specifies the rate at which the packets are sampled. Range: 100 - 50,000. Example: When configured as 100, 1 packet out of 100 packets gets sampled. |
export-protocol |
The protocol for sending the captured sample packets to the collector (Protocol used is sFlow). |
Example: Collector configuration
The following configuration sets up sFlow collectors. Each collector is assigned with a unique ID and is configured with an IP address to receive the sampled traffic, along with parameters like sampling rate, number of samples, and the destination UDP port for sFlow data. The same agent ID (1.2.3.4) is used for all collectors. The sampled traffic is sent to the collector’s IP address, 10.1.1.1, over UDP port 6343. All collectors operate within the 'default' instance.
Collector 1 is configured with a sampling rate of '1' that indicates every packet traversing the configured interface is sampled without skipping any packet. The number of samples specified is 3, which indicates that the individual packets are aggregated into groups of three samples before being exported to the collector. The sFlow agent, which is the device or system sending the traffic samples, is defined by the agent identifier ‘1.2.3.4’.
In this configuration, collectors 2, 3, and 4 sample every 10th packet but differ in the number of samples and destination ports. Agent ID 1.2.3.4 is configured for all collectors 2, 3, and 4.
{
"rtbrick-config:forwarding-options": {
"traffic-sampling": {
"collector": [
{
"collector-id": 1,
"instance": "default",
"export-protocol": "sflow",
"address": {
"ipv4": "10.1.1.1"
},
"sampling-rate": 100,
"destination-udp-port": 6343,
"agent-id": "1.2.3.4"
},
{
"collector-id": 2,
"instance": "default",
"export-protocol": "sflow",
"address": {
"ipv4": "20.1.1.1"
},
"interval": 4,
"sampling-rate": 100,
"destination-udp-port": 6343,
"agent-id": "1.2.3.4"
},
{
"collector-id": 3,
"instance": "default",
"export-protocol": "sflow",
"address": {
"ipv4": "30.1.1.1"
},
"sampling-rate": 100,
"destination-udp-port": 6343,
"agent-id": "1.2.3.4"
},
{
"collector-id": 4,
"instance": "default",
"export-protocol": "sflow",
"address": {
"ipv4": "40.1.1.1"
},
"sampling-rate": 100,
"destination-udp-port": 6343,
"agent-id": "1.2.3.4"
}
]
}
}
}
Traffic-Sampling Profile Configuration
You can create a traffic sampling profile that can be attached to the physical interface .
Syntax
set forwarding-options traffic-sampling profile <profile-name> collector-id <collector-id> description <description> direction [ingress\|egress\|both]
Example set of commands:
set forwarding-options traffic-sampling profile test set forwarding-options traffic-sampling profile test collector 1 set forwarding-options traffic-sampling profile test direction ingress set forwarding-options traffic-sampling profile test export-protocol sflow
| Attribute | Description |
|---|---|
profile-name |
Name of the sampling profile. |
collector-id |
The identifier of the collector to which the packet samples are sent. |
direction |
Defines whether traffic sampling is performed on ingress, egress, or both of the directions. |
description |
Description for the profile. |
Example: Traffic sampling profile configuration
This configuration defines two traffic sampling profiles that control how network traffic is sampled and exported to specific collectors using the sFlow protocol. Each profile focuses on capturing only incoming traffic on the monitored interfaces and exports this data to a designated collector for analysis.
The first profile, named "test", is configured to send the collected traffic data to Collector 1. This profile is designed to focus on incoming traffic.
The second profile, named "test1", has a similar configuration. It also monitors only incoming traffic, using the sFlow protocol to export the data. The traffic collected under this profile is directed to Collector 2.
{
"rtbrick-config:forwarding-options": {
"traffic-sampling": {
"profile": [
{
"profile-name": "test",
"collector": 1,
"direction": "ingress",
},
{
"profile-name": "test1",
"collector": 2,
"direction": "ingress",
}
]
}
}
}
Attach Traffic-Sampling Profile with the Physical Interface
You can attach a traffic sampling profile to a physical interface using the following command.
Syntax
set interface <interface-name> traffic-sampling-profile <profile-name>
Example Command:
set interface ifp-0/1/10 traffic-sampling-profile test1
| Attribute | Description |
|---|---|
interface-name |
Name of the physical interface. |
<profile-name> |
Name of the profile. |
Example: Traffic sampling profile is attached on multiple physical interfaces.
This configuration sets up a few physical interfaces with different speeds. Some of these interfaces have traffic sampling profiles configured. Two interfaces (ifp-0/1/10 and ifp-0/1/8) are configured with traffic sampling profiles ('test1' and 'test', respectively).
[
{
"name": "ifp-0/1/10",
"speed": "10G",
"traffic-sampling-profile": "test1",
"unit": [
{
"unit-id": 1,
"address": {
"ipv4": [
{
"prefix4": "121.0.0.1/24"
}
],
"ipv6": [
{
"prefix6": "fc66:1337:7331::1/64"
}
]
}
},
{
"unit-id": 25,
"vlan": 25,
"address": {
"ipv4": [
{
"prefix4": "10.1.1.2/24"
}
]
}
},
{
"unit-id": 26,
"vlan": 26,
"address": {
"ipv4": [
{
"prefix4": "20.1.1.2/24"
}
]
}
}
]
},
{
"name": "ifp-0/1/20",
"speed": "10G"
},
{
"name": "ifp-0/1/26",
"speed": "1G"
},
{
"name": "ifp-0/1/5",
"speed": "1G"
},
{
"name": "ifp-0/1/6",
"speed": "1G"
},
{
"name": "ifp-0/1/61",
"speed": "10G"
},
{
"name": "ifp-0/1/63",
"speed": "10G"
},
{
"name": "ifp-0/1/8",
"speed": "10G",
"traffic-sampling-profile": "test"
},
{
"name": "ifp-0/1/9",
"speed": "10G"
},
{
"name": "lo-0/0/4",
"unit": [
{
"unit-id": 1,
"address": {
"ipv4": [
{
"prefix4": "1.2.3.4/24"
}
]
}
}
]
}
]