• Home
• Products
  • Overview
  • Traffic Sentinel
  • sFlowTrend
  • sFlowTrend-Pro
  • sFlow-RT
  • Hyper-V Agent
  • Customer Portal
  • Purchase
• Technology
  • sFlow
  • Whitepapers
  • sFlow Toolkit
  • Developer Tools
• Purchase
  • How to Purchase
• Support
  • Overview
  • FAQs
  • Tutorials
  • Discussion
  • Downloads
• About Us
  • Overview
  • Management
  • Customers
  • Partners
  • Licensees
  • Reseller Info
  • News & Events
  • Contact

Support

• Overview
• FAQs
• Tutorials
• Discussion
• Downloads

Configuring an sFlow Probe

The sFlow probe configuration file describes the devices that the probe is monitoring and types of data to be gathered from each device.

Figure 1 Typical sFlow Probe Deployment

Figure 1 shows a typical probe installation. The sFlow probe is monitoring two backbone switches and an access router. Switch 1 is being monitored using port mirroring. The switch's monitor port is connected directly to the probe. Switch 2 is being monitored using LFAP. The switch sends traffic information over the network to the probe using the LFAP protocol. Finally, the Router is being monitored by a combination of NetFlow and iBGP. NetFlow provides traffic information and iBGP is used to obtain routing information.

Each device must be configured to send network traffic information to the probe. In addition devices must allow the probe SNMP access so that the probe can retrieve interface counters and configuration information.

The probe in turn is configured with information describing each device it is monitoring.

Figure 2 Structure of the Configuration File

Figure 2 shows the structure of the configuration file. The [probe] configuration contains [agent] sections for each device being monitored. Each agent contains one or more data input sections describing the type of information being received from that agent (e.g. [adaptor], [lfap] or [netflow]).

The full probe configuration file is as follows:

;
; Example sFlow Probe configuration file
;

[probe]
host = probe.mycompany.com    ; Fully qualified domain name of this probe
softwareKey = 3BC37BEF3C13E76F0003FFFFA4E46D998B7D7C3949879FCD475158E1
community = private           ; SNMP community string to talk to agents
samplingRate = 1000           ; Packet sampling rate (i.e. sample 1 in 1000)

collectorHost = 10.0.1.1      ; Host receiving sFlow data from this probe

;
; Configuration for Switch 1
;
[agent]
  address = 10.0.0.1     ; IP address of Switch 1

  ; Include scripts relevant to layer 2 switching 
  script.getArpCache.interval     = 3600  ; get MAC -> ifIndex mapping
  script.getVlanTable.interval    = 3600  ; get ifIndex -> VLAN mapping
  script.getIfTable.interval      = 3600  ; get ifIndex -> MAC mapping

  ; Include scripts relevant to layer 3 switching 
  script.getRoutingTable.interval = 3600  ; get CIDR -> nextHop, ifIndex

  [adaptor]
    deviceName = eth1    ; Mirror port on Switch 1 connects to eth1 on probe

;
; Configuration for Switch 2
;
[agent]
  address = 10.0.0.2     ; IP address of Switch 2
  inputPort = 6555       ; TCP port to receive LFAP connections

  [lfap]
    lfapVersion = 5

;
; Configuration for Router
;
[agent]
  address = 10.0.0.254    ; IP address of Router
  inputPort = 5555        ; UDP port to receive NetFlow packets
  
  ; Monitor routing table using iBGP 
  BGP_Peer = YES
  BGP_LocalAS = 65111     ; The local AS number of the Router

  [netflow]
    netFlowInputASInfo = origin    ; NetFlow records contain origin AS numbers
 

For more information, see the on-line help topics listed above.