Trusted Contributor
harrydanger
Posts: 86
Registered: ‎03-13-2009

EX 4200 and sFLOW

all,

 

having some issues configuring SFLOW on a very basic config.

 

1x4200 is sat behind a firewall with 1 vlan with virtual IP, uplink to firewall and global routing table configured with default route.

connectivity is good and can ping the sflow collector configured on a different subnet, on the other side of the firewall

 

I have configured sflow on some access ports in the vlan and the access port connecting to the firewall.

 

I was expecting to see sflow traffic to the collector. I see 1 packet cross the firewall configured on the sflow port (9996) to the collector, and then nothing. Strangely the packet has the ip address of the management interface, completely different from the switch vlan and the collector range (not sure if this is issue)

 

help much appreciated. config attached

 

Harry.

 

Distinguished Expert
mikep
Posts: 483
Registered: ‎06-30-2009

Re: EX 4200 and sFLOW

Hi,

 

> Strangely the packet has the ip address of the management interface, completely different from the switch vlan and the collector range (not sure if this is issue)

 

It is working as designed:

The sFlow collector uses the sFlow agent’s IP address to determine the source of the
sFlow data. The IP address assigned to the agent is based on the following order of
priority of interfaces configured on the switch:
1. Loopback interface
2. Virtual Management Ethernet (VME) interface
3. Management Ethernet interface
4. Any other Layer 3 interface

 

Although there are default values for polling-interval (20 secs) and sample-rate (1000), could you try to configure these values explicitly in your sflow config?

 

Kind Regards

Michael Pergament

 

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
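
Added example, not part of the original post and not Juniper's code: a minimal parser for the sFlow version 5 datagram header that shows how a collector identifies the exporter by the agent address carried in the payload, which can differ from the UDP source address of the packet. The addresses, the `INVENTORY` mapping and the function names are constructed for illustration.

```python
import ipaddress
import struct

def parse_sflow_header(datagram: bytes) -> dict:
    """Parse the fixed part of an sFlow version 5 datagram header."""
    if len(datagram) < 8:
        raise ValueError("datagram too short")
    version, addr_type = struct.unpack_from("!II", datagram, 0)
    if version != 5:
        raise ValueError(f"unsupported sFlow version {version}")
    if addr_type == 1:        # IPv4 agent address
        addr_len, addr_cls = 4, ipaddress.IPv4Address
    elif addr_type == 2:      # IPv6 agent address
        addr_len, addr_cls = 16, ipaddress.IPv6Address
    else:
        raise ValueError(f"unknown agent address type {addr_type}")
    if len(datagram) < 8 + addr_len + 16:
        raise ValueError("truncated header")
    agent = addr_cls(datagram[8:8 + addr_len])
    sub_agent, seq, uptime_ms, samples = struct.unpack_from(
        "!IIII", datagram, 8 + addr_len)
    return {"agent": agent, "sub_agent": sub_agent, "sequence": seq,
            "uptime_ms": uptime_ms, "samples": samples}

def classify_exporter(datagram: bytes, udp_source: str, inventory: dict) -> tuple:
    """Identify the exporter by agent address, as a collector does, and
    report whether the UDP source address differs from it."""
    hdr = parse_sflow_header(datagram)
    name = inventory.get(str(hdr["agent"]))
    if name is None:
        return ("unknown-agent", str(hdr["agent"]))
    if ipaddress.ip_address(udp_source) != hdr["agent"]:
        return ("known-agent-source-differs", name)
    return ("known-agent", name)

# Constructed sample: header only, agent address 192.0.2.10 (standing in for
# the switch's management IP), sub-agent 0, sequence 1, uptime 60 s, 0 samples.
SAMPLE = struct.pack("!II4sIIII", 5, 1,
                     ipaddress.IPv4Address("192.0.2.10").packed, 0, 1, 60000, 0)
INVENTORY = {"192.0.2.10": "ex4200-lab"}   # hypothetical collector inventory

if __name__ == "__main__":
    # Datagram arriving from a routed VLAN interface address (constructed).
    print(classify_exporter(SAMPLE, "198.51.100.1", INVENTORY))
    print(classify_exporter(SAMPLE, "192.0.2.10", INVENTORY))
```

Keying the collector's device inventory and any allow-list on the agent address, while logging the source-differs case, keeps one switch from appearing as two exporters when its egress interface changes.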

Trusted Contributor
harrydanger
Posts: 86
Registered: ‎03-13-2009

Re: EX 4200 and sFLOW

thanks mike, i will give this a whirl
Trusted Contributor
harrydanger
Posts: 86
Registered: ‎03-13-2009

Re: EX 4200 and sFLOW

Mike, all is working fine and now have some test info for sFLOW. thanks for your help although 1 last question.

 

I want to be able to forward sflow packets to a host that is in a VLAN in a different routing instance than the global instance. As I am now aware, the global routing instance must have a route to this host to be able to forward packets. How can I achieve this? I have tried to apply a policy statement to the global routing interface which imports a route to the subnet (/24), which now has been imported. However, if I try to ping the host, the vlan interface for the vrf'd vlan, or the firewall interface in this vlan, nothing responds. Is there something I'm missing?

 

Harry

 

Distinguished Expert
mikep
Posts: 483
Registered: ‎06-30-2009

Re: EX 4200 and sFLOW

Hi,

 

Let us assume you have the following config:

 

lab@ex4200-vc1# show routing-instances
test {
    instance-type virtual-router;
    interface ge-0/0/12.0;  <--- IP interface to FW
    routing-options {
        interface-routes {
            rib-group inet test;
        }
    }
}


lab@ex4200-vc1# show interfaces ge-0/0/12
unit 0 {
    family inet {
        address 80.237.201.100/24;
    }
}

 

Then you can export all test.inet.0 routes (incl. ge-0/0/12 direct route) to inet.0 like that:

 

lab@ex4200-vc1# show routing-options rib-groups
test {
    export-rib test.inet.0;
    import-rib [ test.inet.0 inet.0 ];
}

 

lab@ex4200-vc1# show routing-instances test routing-options
interface-routes {
    rib-group inet test;
}
 

 

Test:

 

There is no peer IP address on device connected to ge-0/0/12. But if I create pings from inet.0 I see outgoing ARP requests for .101 address:

lab@ex4200-vc1# run ping 80.237.201.101                       
PING 80.237.201.101 (80.237.201.101): 56 data bytes

 

lab@ex4200-vc1> monitor traffic interface ge-0/0/12 no-resolve
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is OFF.
Listening on ge-0/0/12, capture size 96 bytes

10:49:32.184406 Out arp who-has 80.237.201.101 tell 80.237.201.100
10:49:32.884162 Out arp who-has 80.237.201.101 tell 80.237.201.100
10:49:33.484144 Out arp who-has 80.237.201.101 tell 80.237.201.100
^C

 

So ICMP requests are going out of the interface which belongs to test.inet.0.

 

Kind Regards

Michael Pergament

 


 

Regular Visitor
dlockuan-cla
Posts: 6
Registered: ‎12-28-2009

Re: EX 4200 and sFLOW

Hi Michael,

 

I was viewing your comment about sflow. I have a similar problem: I have an EX4200 with release 10.0S1.1 and find some difference where my best route to collector is via the interface vme.0. I don't know if it is a problem because the collector is reachable via the vme.0.

I was researching the documentation of Juniper about restrictions of sFlow traffic by management interfaces. Do you know where I can find this information?

 

Thanks for all,

 

David.

DLA.
Contributor
tnhphuong
Posts: 32
Registered: ‎07-25-2008

Re: EX 4200 and sFLOW
