Enabling IPv4 ACL rules for sFlow monitoring

sFlow is a sampling technology for monitoring networks. You can monitor specified incoming data flows by including the copy-sflow keyword in rules within an ACL applied to a device.

In order for sFlow to function, the sFlow collector must be globally configured. For details, refer to the Extreme SLX-OS Monitoring Configuration Guide.

  1. Enter configure terminal to access global configuration mode.
    device# configure terminal
    
  2. Enter the ip access-list standard/extended command to create or access the ACL.
    device(config)# ip access-list extended ext-vfour1
    
  3. In each rule for which you need to enable sFlow, include the copy-sflow keyword.
    device(conf-ipacl-ext)# permit 30.30.30.0 255.255.255.0 any copy-sflow
    device(conf-ipacl-ext)# deny 31.31.31.0 255.255.255.0 copy-sflow
    
  4. Apply the ACL that you created to the appropriate physical interface, specifying the in keyword.
    device(config)# interface ethernet 0/1
    device(conf-if-eth-0/1)# ip access-group ext-vfour1 in