Hi blackmetal,
Please find answers inline:
1. Do we have any limitation on ex4200 sflow ?
[ANS] We should be ok if we configure sflow without being too aggressive:
Here's the document that explains the configuartion of sflow:
https://www.juniper.net/documentation/en_US/junos10.4/topics/example/sflow-configuring-ex-series.html#jd0e30https://kb.juniper.net/InfoCenter/index?page=content&id=KB14855For example, enabling "sflow" for all interfaces with polling-interval as 1 second and sample-rate as 100 for both ingress and egress, that's aggressive and is bound to spike the CPU.
2. If we enable sflow on our ex4200, when we receive ddos attacks it does not effect on CPU or cause high cpu usages or outage?
[ANS] Normally it doesn't affect the network performance ; However it also depends on several factors, like the polling interval, the sample rate, amount of traffic and number of interfaces that are being polled. If the polling interval is too aggressive, it can lead to High CPU (like "sfid" process etc.). Here is a link that talks mentions 300pps limit:
https://www.juniper.net/documentation/en_US/junos/topics/example/sflow-configuring-ex-series.htmlHope this helps.
Regards,
-r.
--------------------------------------------------
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated :).