Enabling L2 ACL rules for sFlow monitoring

sFlow is a sampling technology for monitoring networks. You can monitor specified incoming data flows by including the copy-sflow keyword in rules within an ACL applied to a device.

In order for sFlow to function, the sFlow collector must be globally configured. For details, refer to the Extreme SLX-OS Monitoring Configuration Guide .

  1. Enter configure terminal to access global configuration mode.
    device# configure terminal
    
  2. Enter the mac access-list standard/extended command to create or access the ACL.
    device(config)# mac access-list extended mac_ac12
    
  3. In each rule for which you need to enable sFlow, include the copy-sflow keyword.
    device(conf-macl-ext)# seq 5 permit host 0022.3333.4444 host 0022.3333.5555 copy-sflow
    device(conf-macl-ext)# deny host 0022.3333.7777 host 0022.3333.6666 copy-sflow
    
  4. Apply the ACL that you created to the appropriate physical interface, specifying in.
    device(config)# interface ethernet 2/1
    device(conf-if-eth-2/1)# mac access-group mac_acl2 in