Re: sflowtool & port filtering?

From: Neil McKee <neil.mckee@inmon.com>
Date: 12/07/05
Message-Id: <E3B275E2-5E89-4A07-BA94-C52690577E71@inmon.com>

Ivan,

We do not have any plans to add this feature ourselves, but there is
no doubt that it would be useful. If you make the changes then we
can look at merging them back into the distributed sources.

Were you thinking that a configuration file would be used? Perhaps
indicating for each receiver which interfaces it should hear from?

When sFlow datagrams arrive from a particular switch/router they may
have samples to/from multiple interfaces packed together, so if you
separate these out into two or more streams you will then need to
construct new datagrams to send out to each receiver. The cleanest
way to do that is to use the sFlow example agent code. It takes care
of the construction and sending of datagrams. You just have to
initialize it so that it knows where to send completed datagrams,
and then you can give it the decoded samples one by one as they come
in (perhaps creating new sampler and poller objects as required). It
will XDR encode them and send out the packet when it is full,
complete with sequence numbers etc. The example code comes with an
example program that reads packets from the network and generates
sFlow output. That is a good place to start if you are looking at
how to initialize and feed the agent code. There is also a slide
presentation with speaker notes describing how the agent code works.

http://www.inmon.com/technology/sflowVersion5.php

I apologise for the rather "thrown-together" nature of the sflowtool
sources. It started as just an example of how to decode the XDR,
and grew haphazardly from there.

Feel free to contact me (off the mailing list) if you have more
detailed questions. There may be some pointers I can offer which
will save time. (For example, you will have to call the
"sfl_agent_tick()" function every second or so (in the normal polling
loop - not with an interrupt stack). So a small change is required
to the select() loop in sflowtool.c so that the select() call is
given a timeout of, say, 100mS. Then you can check the clock each
time around to see if sfl_agent_tick() should be called again.)

regards,
neil

On Dec 7, 2005, at 4:04 PM, Ivan A. Beveridge wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi all,
>
> Are there any thoughts/plans to integrate some kind of port filtering
> into sflowtool?
>
> We have a (dual) ring of switches and are currently intending to enable
> sflow-sampling on the edge ports only. However there is a particular
> requirement to be able to monitor the traffic on the inter-switch links.
>
> Enabling sampling on the inter-switch links will obviously duplicate the
> sampling of some frames, so what we are looking at is a way of using the
> "fanout" functionality of sflowtool with some way to "split" the
> sflow-data so that ISL samples go to one port, and all-but-ISL samples
> go to another port.
>
> Any thoughts/comments on this? If it is not being worked on, and we are
> able to get a resource to do this, could it be accepted into the
> mainline code (for ease of ongoing maintenance, etc)?
>
> Many thanks
>
>
> Ivan
> - --
> Ivan Beveridge
> <ivan@linx.net> http://www.linx.net/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFDlvnpQQZN5jq7vncRAjrwAJ4khBRfP1OjiigVRj6p/8YdXI3jEQCfUDNQ
> wjPYBCgyprKe2ylkI3hBjTU=
> =h6y+
> -----END PGP SIGNATURE-----
Received on Wed Dec 7 10:55:18 2005
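
The select() change described in the reply above, sketched as an added example (not code from sflowtool or the sFlow agent sources): the loop wakes at least every 100 ms and fires a once-per-second tick from the polling loop itself. The names tick_fn, rx_fn, tick_if_due and poll_loop are hypothetical; tick_fn marks where sfl_agent_tick() would be called, and the pipe input in main() is constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/select.h>
#include <time.h>
#include <unistd.h>

/* Hypothetical hooks: tick_fn is where sfl_agent_tick() would go, rx_fn the decoder. */
typedef void (*tick_fn)(time_t now, void *ctx);
typedef void (*rx_fn)(const unsigned char *buf, ssize_t len, void *ctx);

/* Fire the tick at most once per wall-clock second; returns 1 if it fired. */
int tick_if_due(time_t now, time_t *last, tick_fn tick, void *ctx)
{
    if (now <= *last) { *last = now; return 0; } /* same second, or clock stepped back */
    *last = now;
    tick(now, ctx);
    return 1;
}

/* Run `rounds` passes over fd; returns the number of ticks fired, -1 on error. */
int poll_loop(int fd, int rounds, rx_fn rx, tick_fn tick, void *ctx)
{
    unsigned char buf[2048];
    time_t last = time(NULL);
    int ticks = 0;
    for (int i = 0; i < rounds; i++) {
        fd_set rfds;
        struct timeval tv = { 0, 100000 }; /* 100 ms, reset each pass: select() may modify it */
        FD_ZERO(&rfds); FD_SET(fd, &rfds);
        int rc = select(fd + 1, &rfds, NULL, NULL, &tv);
        if (rc < 0 && errno != EINTR) return -1;
        if (rc > 0 && FD_ISSET(fd, &rfds)) {
            ssize_t n = read(fd, buf, sizeof buf);
            if (n > 0) rx(buf, n, ctx);
        }
        ticks += tick_if_due(time(NULL), &last, tick, ctx); /* loop context, not a handler */
    }
    return ticks;
}

static void count_tick(time_t now, void *ctx) { (void)now; ((int *)ctx)[0]++; }
static void count_rx(const unsigned char *b, ssize_t n, void *ctx) { (void)b; ((int *)ctx)[1] += (int)n; }
int main(void)
{
    int counts[2] = { 0, 0 }, p[2];
    if (pipe(p) != 0 || write(p[1], "constructed", 11) != 11) return 1; /* constructed input */
    int fired = poll_loop(p[0], 12, count_rx, count_tick, counts);      /* about 1.1 s idle */
    printf("ticks=%d bytes=%d\n", fired, counts[1]);
    return fired < 0;
}
```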
