Acl-based inbound sflow – Brocade Multi-Service IronWare Switching Configuration Guide (Supporting R05.6.00) User Manual
Page 928
898
Multi-Service IronWare Switching Configuration Guide
53-1003036-02
ACL-based Inbound sFlow
23
NOTE
Data for POS ports is sampled using Ethernet format. The PPP or HDLC header of the sampled POS
packet is replaced with an Ethernet header. PPP or HDLC control packets or IS-IS packets
transmitted or received at a POS port are not sampled. Such packets are not included in the number
of packets from which each sample is taken.
NOTE
sFlow packets cannot be forwarded from a management interface. You must configure an IP
interface on an Interface module to forward sFlow packets.
ACL-based Inbound sFlow
Multi-Service IronWare software supports using an IPv4 or IPv6 ACL to select sample traffic to be
sent to an sFlow collector. The data matching an ACL clause can be collected to observe traffic flow
patterns and quantities between a set of switches and routers. To accommodate collecting sFlow
through standard procedures and using ACL-filtered traffic, the proprietary Tag Type 1991
encapsulates the sFlow samples obtained through ACL-based sFlow and separates them from the
sequence flow of other sFlow samples.
shows the format of an sFlow packet, which
illustrates the differences between a standard sFlow payload and an ACL-based payload.
shows sFlow in a UDP packet. Within the UDP packet, the sFlow contents are carried in
individual samples that are identified by a Tag Type and a Length variable. The standard values for
the Tag Types are 1 (sampled packet) and 2 (counter sample). The Length variable describes the
length of the sample. Within the sample are other variables including the Sequence number and
the Source ID.
Brocade has introduced the proprietary Tag Type 1991 to identify ACL-based sFlow samples. For
these samples, standard Tag Type 1 samples collected using ACL-based Inbound sFlow are
encapsulated in a Tag Type 1991 sample. The Length variable identifies the entire length of the Tag
Type 1991 sample including the encapsulated Tag Type 1 sample.The encapsulated sample has a
Length variable of its own that only identifies the length of that sample.
The Tag Type 1991 samples are sequenced separately from the unencapsulated Tag Type 1
samples. For instance, in the packet detail described in “Sequence Flow for sFlow Records” in
, the top sFlow record with Tag Type 1 begins with the sequence number 1. The next
sFlow record is Tag Type 1991, which indicates that the sample contained is from ACL-based sFlow.
Encapsulated within this ACL-based sFlow sample is an sFlow sample record of Tag Type 1. The
ACL-based sFlow sample (which contains the Tag Type 1 sample) is followed by an unencapsulated
Tag Type 1 sFlow sample. That unencapsulated Tag Type 1 sFlow sample follows the sequence
numbering of the first unencapsulated Tag Type 1 sFlow sample, which gives it a sequence number
of 2.
This is useful in cases where an sFlow collector does not recognize Tag Type 1991. In these
situations, the Tag Type 1991 samples can be ignored without disrupting the sFlow sequence
numbers. It is also useful for identifying samples obtained using ACL-based sFlow on which other
processing might be performed.
FIGURE 209
sFlow packet format