Egress sFlow Sampling
Egress sFlow sampling functionality extends sampling to the egress traffic,
both unicast and multicast streams. When egress sFlow sampling is enabled on a port, the sFlow
agent samples the egress traffic on that port, and these sampled packets are processed by slow
path passed on to the collector. You can configure the rate at which the packets are sampled.
Both ingress and egress sampling can be enabled simultaneously on a port.
The sample-rate is maintained on a per-port basis, so a given port will have the same sample rate
for ingress and egress traffic.
This feature supports the following configuration options:
- sFlow can sample the egress flow of a physical interface; in this case,
the sFlow agent samples the packet from the egress flow of an interface.
- sFlow can sample both the ingress and egress flows of an interface; in
this case the sFlow agent samples the packet from the ingress and egress flow of a configured
interface.
Similar to existing ingress sFlow sampling, the egress sFlow sampling samples both unicast
and multicast egress flows. The global enable/disable control of sFlow is common for both ingress
and egress. When the global option is enabled, the port level sFlow parameters are applied to
hardware.
Limitations
The following list identifies limitations of the egress sFlow feature:
- Due to the hardware limitation, destination port information is not
supported for multicast traffic. The output interface index is populated as 0.
- The egress sFlow sampling does not support de-duplication of
packets.
- For multicast traffic, the sampling rate, sample pool of the egress
sFlow sampled datagram will be populated as 0, because the source ID of the egress sampled
multicast packet is unknown.
- For L3 unicast traffic, an unmodified packet is sampled and the destination port is supplied
if the L3 traffic is a flow within single chip. When the egress port and ingress port are in
different chips, then a modified packet is sampled and the destination ports are supplied. For
L3 multicast traffic, unmodified packet is sampled and destination port will be populated as
zero.
- Packets dropped due to egress ACL will be sampled.
- In cases of unicast and multicast flooding, the packets are sampled
before packet replication. If the ingress and member ports are in the same chip then a single
copy of the packet is sampled even though the egress sFlow is enabled on more than one member's
ports. If the member ports are spread across different chips, then packets are sampled on a
per-chip basis.
- In flooding cases, the least configured sampling rate among the member
ports on a port group is considered as a sample rate. Even if you configure different sample
rates on a member ports, egress sampling is performed based on least configured sample rate
among the member ports on a unit.