Configuring sFlow
sFlow is a method of monitoring the traffic on your network to identify areas on the network that might impact performance and throughput. With sFlow, you can export truncated packets and interface counters. FortiSwitch implements sFlow version 5 and supports trunks and VLANs.
NOTE: Because sFlow is CPU intensive, Fortinet does not recommend high rates of sampling for long periods.
sFlow uses packet sampling to monitor network traffic. The sFlow agent captures packet information at defined intervals and sends them to an sFlow collector for analysis, providing real-time data analysis. To minimize the impact on network throughput, the information sent is only a sampling of the data.
The sFlow collector is a central server running software that analyzes and reports on network traffic. The sampled packets and counter information, referred to as flow samples and counter samples, respectively, are sent as sFlow datagrams to a collector. Upon receiving the datagrams, the sFlow collector provides real-time analysis and graphing to indicate the source of potential traffic issues. sFlow collector software is available from a number of third-party software vendors. You must configure a FortiGate policy to transmit the samples from the FortiSwitch unit to the sFlow collector.
sFlow can monitor network traffic in two ways:
- Flow samples—You specify the percentage of packets (one out of n packets) to randomly sample.
- Counter samples—You specify how often (in seconds) the network device sends interface counters.
Use the following CLI commands to specify the IP address and port for the sFlow collector. By default, the IP address is 0.0.0.0, and the port number is 6343.
config switch-controller sflow
collector-ip <x.x.x.x>
collector-port <port_number>
end
Use the following CLI commands to configure sFlow:
config switch-controller managed-switch
edit <FortiSwitch_serial_number>
config ports
edit <port_name>
set sflow-sampler {disabled | enabled}
set sflow-sample-rate <0-99999>
set sflow-counter-interval <1-255>
next
next
end
For example:
config switch-controller sflow
collector-ip 1.2.3.4
collector-port 10
end
config switch-controller managed-switch
edit S524DF4K15000024
config ports
edit port5
set sflow-sampler enabled
set sflow-sample-rate 10
set sflow-counter-interval 60
next
next
end