sFlow agent

The sFlow agent on the switch provides ingress sampling of all forwarded layer 2 and layer 3 traffic on LAG and Ethernet ports. High-availability is supported (packet sampling continues to work after switch-over).

The sFlow agent can communicate with up to three sFlow collectors at the same time. The agent communicates with collectors only on the default VRF.

Although you can configure very high sampling rates, the switch may drop samples if it cannot handle the rate of sampled packets. High sampling rates may also cause high CPU usage resulting in control plane performance issues.

A single sFlow datagram sent to a collector contains multiple flow and counter samples. The total number of samples an sFlow datagram can contain varies depending on the settings for header size and maximum datagram size.

Default settings

  • sFlow is disabled on all interfaces.
  • Collector port: UDP port 6343.
  • Sampling rate: 4096.
  • Polling interval: 30 seconds.
  • Header size: 128 bytes.
  • Max datagram size: 1400 bytes.

Supported features

  • Global sampling rate
  • Interface counters polling
  • Agent IP configuration for IPv4 and IPv6
  • Header size configuration
  • Max datagram size configuration
  • Ingress sampling for all forwarded traffic (L2, L3)
  • Enable/Disable sFlow per interface
  • Support for three remote collectors
  • An out-of-band collector can be defined on the management VRF
  • A collector can be defined on the non-default VRF
  • Sampling on Ethernet and LAG interfaces
  • High availability support (sampling continues to work after switch-over)
  • Source IP support (setting source IP for sFlow datagrams sent to a remote collector)

Limitations

  • No sampling of egress traffic
  • Sampling rate cannot be set per interface (global only)
  • sFlow is not configurable via SNMP