[ixpmanager] Sflow peer to peer Cisco

Nick Hilliard (INEX) nick at inex.ie
Fri Apr 5 12:45:09 IST 2024 

Hi Mario,

The normal operating mode for sflow on production networks would be to 
enable it for ingress traffic only so that each frame is sampled only 
once.  Unfortunately, Cisco only supports simultaneous ingress+egress 
sflow on NXOS, and there's no way to configure this to be ingress-only 
in the regular CLI.

> https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/104x/config-guides/cisco-nexus-9000-series-nx-os-system-management-configuration-guide-release-104x/m-configuring-sflow-10x.html#id_71910

> "When you enable sFlow for an interface, it is enabled for both ingress and egress. You cannot enable sFlow for only ingress or only egress."

The difficulty with this is that the sflow protocol doesn't contain a 
field for the flow direction. There are approaches for guessing the 
direction using certain heuristics, but this would be just a guess and 
there are corner cases where there doesn't work reliably.

There are other problems too, e.g. there's only a single sampling rate 
per platform, not per interface.

If the N9300 is a broadcom platform, which I think it is, you might be 
able to use the broadcom shell hack detailed on the ixp manager docs page:

https://docs.ixpmanager.org/features/sflow/#cisco-switches

For this, you would need to work out the mapping between the internal 
platform interface names and the cisco CLI interface names, and you'd 
also need to create some script to manually reset all peering edge ports 
on a switch every time the device was rebooted. This is inherently a 
fragile process, and if it's not done correctly, then you'll end up with 
duplicated traffic in the RRD graphing store.

It would be straightforward for Cisco to fix this problem by creating a 
CLI command to specify the sflow sampling direction, either on a global 
or a per-interface basis.

Nick

Mario Klobucar via ixpmanager wrote on 05/04/2024 08:01:
> Hi
> 
> In our new tender for CIX equipment one of possible vendor/solution is 
> Cisco 9k3.
> 
> But I see some limitations https://docs.ixpmanager.org/features/sflow/ 
> for Cisco.
> 
> Is there some “new” experience, knowledge, workaround for this limitations ?
> 
> Best
> 
> Mario
> 
> 
> 
> _______________________________________________
> INEX IXP Manager mailing list
> ixpmanager at inex.ie
> Unsubscribe or change options here: https://www.inex.ie/mailman/listinfo/ixpmanager
>

More information about the ixpmanager mailing list