Comware

 View Only
last person joined: 2 days ago 

Back to discussions
Expand all | Collapse all

Configuring sFlow or Netstream on interface Vlan-interface

This thread has been viewed 0 times

  • 1.  Configuring sFlow or Netstream on interface Vlan-interface

    Posted Mar 16, 2021 02:12 PM

    Hi,
    We are trying to configure sFlow or Netstream on an interface Vlan-interface on a Comware v7-based switch in order to send traffic samples to an sFlow/Netstream collector, but it seems the commands are not available:

    <hpe>sys
    System View: return to User View with Ctrl+Z.
    [hpe]int vlan 1
    [hpe-Vlan-interface1]s?
      save              Save current configuration
      security-logfile  Security log file configuration
      service           Specify the service slot
      show              Alias for 'display'
      shutdown          Shut down the interface
    [hpe-Vlan-interface1]ip ?
      address             Set the IP address of an interface
      binding             Bind the interface with a VPN instance
      forward-broadcast   IP forward-broadcast configuration
      forwarding-table    IP forwarding table
      irdp                Enable the ICMP Router Discovery Protocol
      mtu                 Set the ip MTU of the interface
      policy-based-route  Specify a policy
      source              Source binding function
      verify              Verify packets

    ***

    How can we configure sFlow or Netstream on this interface Vlan-interface?

    If it is not possible, we would need to configure it on 2x 100 Gbps physical interfaces configured as trunks allowing 4094 VLANs, and the sFlow/Netstream collector is connected via a single 1 Gbps interface. Therefore, the amount of sample traffic might be overwhelming for the sFlow/Netstream collector. We would like to know if there is a way to restrict to get sFlow or Netstream traffic samples only for a set of VLANs of the trunk (instead of all VLANs allowed in the trunk)

    Thanks in advance


    #comware
    #Netstream
    #sFlow
    #interfaceVlan-interface


  • 2.  RE: Configuring sFlow or Netstream on interface Vlan-interface

    EMPLOYEE
    Posted Mar 16, 2021 02:21 PM

    Hi @aroman !

    You can configure sFlow only on physical interfaces, SVIs are not supported.

    Unfortunately you can't make sFlow to selectively sample certain VLANs. It's not so flexible.

    In order to control the amount of data copied to the collector you can use 'sflow sampling rate <rate>' command where <rate> can be value between 1000 and 100000 and defines the number of packets out of which flow sampling will sample a packet on the interface. 

    As for the Netstream, it's a little bit different, but AFAIK only Comware-based routers support it. Could you clarify what is your device and I'll take a look if Netstream is supported there. In overall, unlike sFlow, Netstream has an ability to filter matching traffic with ACL. The interface-level command is 'ip netstream { inbound | outbound } filter acl <ipv4-acl-number>' 

     

     

     



  • 3.  RE: Configuring sFlow or Netstream on interface Vlan-interface

    Posted Mar 16, 2021 03:43 PM

    Hi @Ivan_B ,

    Thanks a lot for your answer. We are looking to configure sFlow or Netstream on an interface Vlan-interface on an HPE 5950 switch running Comware Version 7.1.070, Release 6301



  • 4.  RE: Configuring sFlow or Netstream on interface Vlan-interface

    EMPLOYEE
    Posted Mar 16, 2021 04:13 PM

    In this case 5950 is an exception from other switches and supports both sFlow and Netstream. One important note - Netstream and sFlow are mutually exclusive. You cannot enable both on the same port.

    I think this guide will be very helpful - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00078383en_us It's got configuration guidance and examples for both sampling protocols. Please, pay attention that not all 5950 support Netstream:

    NeStream is not available on the following switches:
    HPE FlexFabric 5950 32QSFP28 switch (JH321A)
    HPE FlexFabric 5950 32QSFP28 TAA-compliant switch (JH322A)

    Also on supported switches it has certain limitations:

    - After you enable NetStream on an HPE FlexFabric 5950 4-slot switch (JH404A) or HPE FlexFabric 5950 48SFP28 8QSFP28 switch (JH402A), the two Gigabit SFP ports on the back panel become unavailable.
    - NetStream is not available on the two Gigabit SFP ports on the back panel of the HPE FlexFabric 5950 4-slot switch (JH404A) or HPE FlexFabric 5950 48SFP28 8QSFP28 switch (JH402A).

    But good news is that 5950's Netstream implementation also has 'ip netstream filter' command, so maybe in your particular case it will be more suitable than sFlow.

    And as we discussed above you can't sample traffic on Vlan-interfaces, only physical ports.

     



  • 5.  RE: Configuring sFlow or Netstream on interface Vlan-interface

    Posted Mar 16, 2021 07:21 PM

    Thansk again @Ivan_B , unfortunately precisely the switch model where we need to configure this is HPE FlexFabric 5950 32QSFP28 switch (JH321A), and we need to configure it on an interface Vlan-interface (not on a physical interface). The physical interface is a trunk that has several VLANs permitted, but we only need to get traffic samples from 2 of them