Fortinet black logo

Devices Managed by FortiOS

Configuring sFlow

Copy Link
Copy Doc ID d60ec86c-919f-11eb-b70b-00505692583a:173286
Download PDF

Configuring sFlow

sFlow is a method of monitoring the traffic on your network to identify areas on the network that might impact performance and throughput. With sFlow, you can export truncated packets and interface counters. FortiSwitch implements sFlow version 5 and supports trunks and VLANs.

NOTE: Because sFlow is CPU intensive, Fortinet does not recommend high rates of sampling for long periods.

sFlow uses packet sampling to monitor network traffic. The sFlow agent captures packet information at defined intervals and sends them to an sFlow collector for analysis, providing real-time data analysis. To minimize the impact on network throughput, the information sent is only a sampling of the data.

The sFlow collector is a central server running software that analyzes and reports on network traffic. The sampled packets and counter information, referred to as flow samples and counter samples, respectively, are sent as sFlow datagrams to a collector. Upon receiving the datagrams, the sFlow collector provides real-time analysis and graphing to indicate the source of potential traffic issues. sFlow collector software is available from a number of third-party software vendors. You must configure a FortiGate policy to transmit the samples from the FortiSwitch unit to the sFlow collector.

sFlow can monitor network traffic in two ways:

  • Flow samples—You specify the percentage of packets (one out of n packets) to randomly sample.
  • Counter samples—You specify how often (in seconds) the network device sends interface counters.

Use the following CLI commands to specify the IP address and port for the sFlow collector. By default, the IP address is 0.0.0.0, and the port number is 6343.

config switch-controller sflow

collector-ip <x.x.x.x>

collector-port <port_number>

end

Use the following CLI commands to configure sFlow:

config switch-controller managed-switch

edit <FortiSwitch_serial_number>

config ports

edit <port_name>

set sflow-sampler {disabled | enabled}

set sflow-sample-rate <0-99999>

set sflow-counter-interval <1-255>

next

next

end

For example:

config switch-controller sflow

collector-ip 1.2.3.4

collector-port 10

end

config switch-controller managed-switch

edit S524DF4K15000024

config ports

edit port5

set sflow-sampler enabled

set sflow-sample-rate 10

set sflow-counter-interval 60

next

next

end

Configuring sFlow

sFlow is a method of monitoring the traffic on your network to identify areas on the network that might impact performance and throughput. With sFlow, you can export truncated packets and interface counters. FortiSwitch implements sFlow version 5 and supports trunks and VLANs.

NOTE: Because sFlow is CPU intensive, Fortinet does not recommend high rates of sampling for long periods.

sFlow uses packet sampling to monitor network traffic. The sFlow agent captures packet information at defined intervals and sends them to an sFlow collector for analysis, providing real-time data analysis. To minimize the impact on network throughput, the information sent is only a sampling of the data.

The sFlow collector is a central server running software that analyzes and reports on network traffic. The sampled packets and counter information, referred to as flow samples and counter samples, respectively, are sent as sFlow datagrams to a collector. Upon receiving the datagrams, the sFlow collector provides real-time analysis and graphing to indicate the source of potential traffic issues. sFlow collector software is available from a number of third-party software vendors. You must configure a FortiGate policy to transmit the samples from the FortiSwitch unit to the sFlow collector.

sFlow can monitor network traffic in two ways:

  • Flow samples—You specify the percentage of packets (one out of n packets) to randomly sample.
  • Counter samples—You specify how often (in seconds) the network device sends interface counters.

Use the following CLI commands to specify the IP address and port for the sFlow collector. By default, the IP address is 0.0.0.0, and the port number is 6343.

config switch-controller sflow

collector-ip <x.x.x.x>

collector-port <port_number>

end

Use the following CLI commands to configure sFlow:

config switch-controller managed-switch

edit <FortiSwitch_serial_number>

config ports

edit <port_name>

set sflow-sampler {disabled | enabled}

set sflow-sample-rate <0-99999>

set sflow-counter-interval <1-255>

next

next

end

For example:

config switch-controller sflow

collector-ip 1.2.3.4

collector-port 10

end

config switch-controller managed-switch

edit S524DF4K15000024

config ports

edit port5

set sflow-sampler enabled

set sflow-sample-rate 10

set sflow-counter-interval 60

next

next

end