Step 3: determine the max-header-size sampled data, Step 4: select ports to sample, Step 5: determine the sampling rate – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 2089
sFlow Introduction and Configuration
Software Reference for x310 Series Switches
C613-50046-01 REV A
AlliedWare Plus
TM
Operating System - Version 5.4.4C
80.9
Step 3:
Determine the max-header-size sampled data
The maximum header size for the sampled data is set by the
command. The optimum setting is to capture only the header portion of the
frame and discard the user-data portion. This is especially important where the
user data contains sensitive information.
Keeping the max-header-size as small as possible has the additional benefit of
lightening the CPU load.
First, inspect the nature of the data to be sampled and the protocols used to carry
it.
For this example we will assume that the network contains Ethernet II frames with
the 4 byte 802.1Q header component, IP, TCP protocols. In this situation the
following rules can be applied:
For an environment using standard TCP\IPv4 over Ethernet frames, consider the
following protocol basics.
Ethernet header (including the 4 byte 802.1Q header component) = 18 bytes
IPv4 header = 24 bytes
TCP header = 24 bytes
Total = 66 bytes
A similar calculation can be made for an environment using IPv6 over Ethernet.
Ethernet header (including the 4 byte 802.1Q component) = 18 bytes
IPv6 header = 40 bytes
TCP header = 24 bytes
Total = 82 bytes
For this example the
will be set to 68 bytes (assuming an
IPv4 environment)
Step 4:
Select ports to sample
Each sampled sFlow port speed is 1 Gbps
12 ports have been selected for sampling
Step 5:
Determine the sampling rate
Selecting the sampling rate involves a trade-off between sFlow requirements,
and system loading. The greater the sampling rate, the more samples will be
taken, and the more accurate their results will be. Unfortunately, taking more
samples increases the load on the switch CPU and on the connection to the
collector.
For this particular configuration, the value of N was set to 5000 so as to present a
light load on the CPU.
Caution
In the above network scenarios:
For IPv4—any data existing between 66 bytes and the value set by
this command will be included in the sFlow packet samples. For
example, with the default of 128 applied, up to 128-66=62 bytes of
user data could be included in the sFlow datagram samples sent
between the Agent and the Collector.
For IPv6—any data existing between 82 bytes and the value set by
this command will be included in the sFlow packet samples. For
example, with the default of 128 applied, up to 128-82=46 bytes of
user data could be included in the sFlow datagram samples sent
between the Agent and the Collector.