--- Begin Message ---
Yes, this is 1st gen. The SFLOW/SPAN restriction should not apply there.
Re: 60Gbps/24Mpps and SFLOW, SFLOW does not do aggregation of stats for flows
in the switch like netflow does - it's just 1-in-n packet sampling. As such,
the value of "n" should be high enough that both the switch & the collector are
not overburdened. Note that we will rate limit SFLOW copies to the CPU so
that's the first 'bottleneck'. If you end up tail-dropping samples, the
statistical validity of your sampled set goes out the window, so you want to
ensure that 1-in-n is a number that does not hit that rate limiter.
I don't have a 1st gen switch handy to see what the defaults are for that
value. It should show up in 'sh hardware rate-limiter'. In 9300-EX with 9.2.2
it's 40Kpps.
Beyond that, you also want to make sure the collector is able to consume
everything coming from all sflow enabled switches without dropping, for the
same reason mentioned above.
Hope that helps,
Tim
-----Original Message-----
From: Satish Patel <satish....@gmail.com>
Sent: Wednesday, March 20, 2019 8:40 AM
To: Nick Cutting <ncutt...@edgetg.com>
Cc: Tim Stevenson (tstevens) <tstev...@cisco.com>; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Nexus 9300 sflow performance
We have cisco Nexus9000 C9396PX
60 Gbs is data traffic, and 24Mpps ( packet per second ) not sure how
to convert it into flows. Could you please share your sflow
configuration if you don't mind?
I had nfsen in past with 8CPU / 4GB memory but it was damn slow :(
but it could be me.. i will set up again and see if it worth it or
not.
On Wed, Mar 20, 2019 at 11:34 AM Nick Cutting <ncutt...@edgetg.com> wrote:
>
> Good point. We waited for the second Gen
>
> Regarding 60 Gbs, isn’t that is the data traffic, not the flows or sampled
> flows levels?
>
> Our NFSEn box is centos
>
> 4 vCPU and 4 GBrams
>
> Collecting flows from maybe only 30 devices, about 20Gbs and 3k flows per sec.
>
> -----Original Message-----
> From: Tim Stevenson (tstevens) <tstev...@cisco.com>
> Sent: Wednesday, March 20, 2019 11:20 AM
> To: Nick Cutting <ncutt...@edgetg.com>; Satish Patel <satish....@gmail.com>;
> cisco-nsp@puck.nether.net
> Subject: RE: [c-nsp] Nexus 9300 sflow performance
>
> This message originated from outside your organization.
>
> Make sure you distinguish between N9300 (1st generation) and N9300-EX/FX/FX2
> (2nd generation). The SFLOW + SPAN limitation applies only to the latter.
> It's also on the latter that Netflow is supported, which can run concurrently
> with SPAN sessions.
>
> Tim
>
> -----Original Message-----
> From: cisco-nsp <cisco-nsp-boun...@puck.nether.net> On Behalf Of Nick Cutting
> Sent: Wednesday, March 20, 2019 6:19 AM
> To: Satish Patel <satish....@gmail.com>; cisco-nsp@puck.nether.net
> Subject: Re: [c-nsp] Nexus 9300 sflow performance
>
> We use sflow on 9300's, no performance hit - but you cannot use span sessions
> at the same time.
>
> Newer code revisions support netflow, without the SPAN session limitation,
> although we have not tried netflow on the 9300 yet.
>
> For a collector We use NFSEN - opensource, and quite a big install base, and
> it seems to handle a lot of flows.
>
> It supports sflow and netflow as we have a mix, just make sure you add the
> sflow option at build time as it’s a bit funky old linux to add it after.
>
>
>
> -----Original Message-----
> From: cisco-nsp <cisco-nsp-boun...@puck.nether.net> On Behalf Of Satish Patel
> Sent: Wednesday, March 20, 2019 8:21 AM
> To: cisco-nsp@puck.nether.net
> Subject: [c-nsp] Nexus 9300 sflow performance
>
> This message originates from outside of your organisation.
>
> Folks,
>
> I have L3 Nexus 9300 switch which is running 60Gbps traffic on ISP interface
> so I’m planning to run sflow on that specific interference to get flow.
>
> Does it going to create any performances issue on switch?
>
> Can I run sflow on Layer 3 LACP interface?
>
> Can anyone suggest free open source sflow collector?
>
> Sent from my iPhone
> _______________________________________________
> cisco-nsp mailing list cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
--- End Message ---
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
