пятница, 9 сентября 2016 г.

IT CROWD: sFlow на коммутаторе HP (H3C)


Настройка sFlow на коммутаторах H3C (HP)

Данные команды конфигурирования для коммутатора H3C (10.0.0.250), отбор проб пакетов с частотой дискреции 512,  с счетчиком каждые 30 секунд и отправкой SFlow в анализатор (10.0.0.50) по протоколу UDP с использованием SFlow порта по умолчанию (6343):
Проверено на коммутаторе 5800

Общая настройка на свитче:
<sysname> system-view - вход режим конфига.
[Sysname] sflow agent ip 10.0.0.250 - адрес агента (свитча)
[Sysname] sflow collector ip 10.0.0.50 port 6343 - адрес коллектора, с портом (сборщика)
[Sysname] sflow version 5
[Sysname] sflow interval 30

Настройка на выбранном порту (Ethernet1/0)
<sysname> system-view - вход режим конфига.
[Sysname] interface ethernet 1/0
[Sysname-Ethernet1/0] sflow enable inbound
[Sysname-Ethernet1/0] sflow sampling-mode random
[Sysname-Etherent1/0] sflow sampling-rate 512




Вырезка SLOW из манула H3C


Configuring the sFlow agent and sFlow collector information


Command
Remarks
1.     Enter system view.
system-view
N/A
2.     (Optional.) Configure an IP address for the sFlow agent.
sflow agent { ip ip-address | ipv6 ipv6-address }
By default, no IP address is configured for the sFlow agent. The device periodically checks whether the sFlow agent has an IP address. If not, the device automatically selects an IPv4 address for the sFlow agent but does not save the IPv4 address in the configuration file.
NOTE:
·       H3C recommends that you manually configure an IP address for the sFlow agent.
·       Only one IP address can be configured for the sFlow agent on the device, and a newly configured IP address overwrites the existing one.
3.     Configure the sFlow collector information.
sflow collector collector-id [ vpn-instance vpn-instance-name ] { ip ip-address | ipv6 ipv6-address } [ port port-number | datagram-size size |time-out seconds | description text ] *
By default, no sFlow collector information is configured.
4.     (Optional.) Specify the source IP address of sFlow packets.
sflow source { ip ip-address | ipv6 ipv6-address } *
By default, the source IP address is determined by routing.

Configuring flow sampling

Perform this task to configure flow sampling on an Ethernet interface. The sFlow agent samples packets on that interface according to the configured parameters, encapsulates them into sFlow packets, and sends them in UDP packets to the specified sFlow collector.
To configure flow sampling:

Step
Command
Remarks
1.     Enter system view.
system-view
N/A
2.     Enter Ethernet interface view.
interface interface-type interface-number
N/A
3.     (Optional.) Set the flow sampling mode.
sflow sampling-mode { determine | random }
By default, the device samples packets in determine mode.
The random sampling mode is not supported in the current software version. This random keyword is reserved for future support.
4.     Enable flow sampling andspecify the number of packets out of which flow sampling samples a packet on the interface.
sflow sampling-rate rate
By default, flow sampling is disabled.
5.     (Optional.) Set the maximumnumber of bytes of a packet (starting from the packet header) that flow sampling can copy.
sflow flow max-header length
The default setting is 128 bytes.
6.     Specify the sFlow collector for flow sampling.
sflow flow collector collector-id
By default, no sFlow collector is specified for flow sampling.

Configuring counter sampling

Perform this task to configure counter sampling on an Ethernet interface. The sFlow agent periodically collects the counter information on that interface, encapsulates the information into sFlow packets, and sends them in UDP packets to the specified sFlow collector.
To configure counter sampling:

Step
Command
Remarks
1.     Enter system view.
system-view
N/A
2.     Enter Ethernet interface view.
interface interface-type interface-number
N/A
3.     Enable counter sampling and set the counter sampling interval.
sflow counter interval interval-time
By default, counter sampling is disabled.
4.     Specify the sFlow collector for counter sampling.
sflow counter collector collector-id
By default, no sFlow collector is specified for counter sampling.

Displaying and maintaining sFlow

Execute display commands in any view.

Task
Command
Display sFlow configuration.
display sflow

sFlow configuration example



NOTE:
By default, Ethernet, VLAN, and aggregate interfaces are down. To configure such an interface, bring the interface up by executing the undo shutdown command.

Network requirements

As shown in Figure 2, configure flow sampling in determine mode and counter sampling on GigabitEthernet 3/0/1 of the device to monitor traffic on the port. Configure the device to send sampled information in sFlow packets through GigabitEthernet 3/0/3 to the sFlow collector.

Configuration procedure

1.      Configure the IP addresses and subnet masks for interfaces, as shown in Figure 2. (Details not shown.)
2.      Configure the sFlow agent and configure information about the sFlow collector:
# Configure the IP address for the sFlow agent.
<Sysname> system-view
[Sysname] sflow agent ip 3.3.3.1
# Configure information about the sFlow collector: specify the sFlow collector ID as 1, IP address as 3.3.3.2, port number as 6343 (default), and description as netserver.
[Sysname] sflow collector 1 ip 3.3.3.2 description netserver
3.      Configure counter sampling:
# Enable counter sampling and set the counter sampling interval to 120 seconds on GigabitEthernet 3/0/1.
[Sysname] interface GigabitEthernet 3/0/1
[Sysname-GigabitEthernet3/0/1] sflow counter interval 120
# Specify sFlow collector 1 for counter sampling.
[Sysname-GigabitEthernet3/0/1] sflow counter collector 1
4.      Configure flow sampling:
# Enable flow sampling and set the flow sampling mode to determine and sampling interval to 4000.
[Sysname-GigabitEthernet3/0/1] sflow sampling-mode determine
[Sysname-GigabitEthernet3/0/1] sflow sampling-rate 4000
# Specify sFlow collector 1 for flow sampling.
[Sysname-GigabitEthernet3/0/1] sflow flow collector 1

Verifying the configurations

# Display the sFlow configuration and operation information.
[Sysname-GigabitEthernet3/0/1] display sflow
sFlow datagram version: 5
Global information:
Agent IP: 3.3.3.1(CLI)
Source address:
Collector information:
ID    IP              Port  Aging      Size VPN-instance Description
1     3.3.3.2         6343  N/A        1400              netserver
Port information:                                                              
Interface      CID   Interval(s) FID   MaxHLen Rate     Mode      Status
GE3/0/1         1     120         1     128     4000   Determine  Active
The output shows that GigabitEthernet 3/0/1 enabled with sFlow is active, the counter sampling interval is 120 seconds, and the flow sampling interval is 4000 (one packet is sampled from every 4000 packets).

Troubleshooting sFlow configuration

The remote sFlow collector cannot receive sFlow packets

Symptom

The remote sFlow collector cannot receive sFlow packets.

Analysis

·           The sFlow collector is not specified.
·           sFlow is not configured on the interface.
·           The IP address of the sFlow collector specified on the sFlow agent is different from that of the remote sFlow collector.
·           No IP address is configured for the Layer 3 interface that sends sFlow packets, or the IP address is configured, but the UDP datagrams with the IP address being the source cannot reach the sFlow collector.
·           The physical link between the device and the sFlow collector fails.
·           The sFlow collector is bound to a non-existent VPN.

Solution

1.      Check that sFlow is correctly configured by using display sflow.
2.      Check that a correct IP address is configured for the device to communicate with the sFlow collector.
3.      Check that the physical link between the device and the sFlow collector is up.
4.      Check that the bound VPN already exists.




Комментариев нет:

Отправить комментарий