Brocade BigIron RX Series Configuration Guide User Manual

Page 1210

Advertising
background image

1132

BigIron RX Series Configuration Guide

53-1002484-04

sFlow overview

40

Port-based monitoring: Port-based monitoring and ACL-based sFlow can co-exist on the same
interface.

Port-based sFlow: Port and ACL-based sFlow can co-exist on the same interface. When both
features are configured on an interface, packets that qualify as ACL-based sFlow packets are
sent to the collector as ACL sample packets. Also, the user can configure ACL-based sFlow on
an interface without configuring port-based sFlow.

Policy Based Routing: The copy-sflow keyword is applicable for PBR ACLs.

IPv4 ACL based Rate-Limiting: When the copy-sflow keyword is used in an IPv4 Rate Limiting
ACL, only traffic permitted by the Rate Limiting engine is copied to the CPU for forwarding to the
sFlow collector.

L2 ACLs: The copy-sflow keyword is not supported for L2 ACLs.

If the copy-sflow keyword is used for a clause that is applied to the outbound direction, it is
ignored.

The sampling rate is the average ratio of the number of packets incoming on an sFlow enabled
port, to the number of flow samples taken from those packets. However, for ACL based sFlow,
every matching packet goes to the CPU. Consequently, configured sampling rates do not affect
ACL based sFlow.

Creating an ACL with an sFlow clause

The copy-sflow keyword has been added for inclusion in IPv4 and IPv6 ACL clauses to direct traffic
that meets the criteria in the clause to be sent to the sFlow collector. In the following example, the
ACL is used to direct syn-ack packets sent from a server at address 10.10.10.1.

BigIron RX(config)# access-list 151 permit tcp host 10.10.10.1 any established

copy-sflow

BigIron RX(config)# access-list 151 permit ip any any

The copy-sflow parameter directs selected traffic to the sFlow collector. Traffic can only be selected
using the permit clause.

You must apply the ACL to an interface using the ip access-group command as shown in the
following.

BigIron RX(config)# interface ethernet 1/1

BigIron RX(config-if-e10000-1/1)# ip access-group 151 in

Specifying an sFlow collector

sFlow exports traffic statistics to an external collector. You can specify up to four collectors. You can
specify more than one collector with the same IP address if the UDP port numbers are unique. You
can have up to four unique combinations of IP address and UDP port number.

To specify sFlow collectors, enter a command such as the following.

BigIron RX(config)# sflow destination 10.10.10.1

This command specifies a collector with IP address 10.10.10.1, listening for sFlow data on UDP
port 6343.

Syntax: [no] sflow destination <ip-addr> [<dest-udp-port>]

The <ip-addr> parameter specifies the collector’s IP address.

The <dest-udp-port> parameter specifies the UDP port on which the sFlow collector will be listening
for exported sFlow data. The default port number is 6343.

Advertising
Popular Brands
Popular manuals