Sampled Flow Tracking
Sampled Flow Tracking Overview
Network administrators require access to traffic flow information that passes through various network elements to analyze and monitor networks. Sampled Flow Tracking provides access to IP flow information by sampling traffic flows in the ingress direction on the configured interfaces. The samples create flow records exported to the configured collectors in the Internet Protocol Flow Information Export (IPFIX) format.
- Flow tracker - A collection of interfaces that collects samples and creates flow records. The flow tracker has one or more exporters.
- Exporter - Sends flow records to one or more collectors.
- Collector - Receives flow records from one or more exporters.
- Data record - Contains values of the parameters corresponding to a template record.
- Template record - Defines the structure and interpretation of fields in a data record with an ordered sequence of type and length pairs.
- Options template record - Defines a template record with the structure and interpretation of fields in a data record, including scoping the applicability of the data record.
Sampled Flow Tracking creates data records based on the following flow key fields:
- Source IP address
- Destination IP address
- IP protocol
- Source port
- Destination port
- VRF
- VLAN
These records support IPv4 and IPv6 flow data records.
- VRF record - Mapping of the VRF ID to the VRF name.
- Interface record -Mapping of the interface ID to the interface name.
- Flow key indicator record - Mapping of template ID to flow key indicator.
- Flow tracker record - Information about configured flow tracker.
Sampled Flow Tracking supports selective sampling of certain traffic types, specified globally, such as routed IPv4, routed IPv6, MPLS pop, and route IPv4 per interface.
The following interfaces support this feature:
- Interfaces
- Subinterfaces
- Port Channels
- Port Channel Subinterfaces
Sampled Flow Tracking Limitations
- Sampled flow tracking is active only when sFlow is disabled on the device.
- Sampled flow tracking does not support export of IPFIX messages over ECMP paths.
- Sampled flow tracking route simulation is not supported for ECMP paths.
Configuring Sampled Flow Tracking
These sections describe sampled flow tracking configurations.
Configuring Sampled Flow Tracking
Use the flow tracker sampled command to enable sampled flow tracking on a tracker. Each tracker should have a minimum of one exporter configured.
Example
This command enables sampled flow tracking on an interface Eth1 and the flow tracker ftr1.
switch(config)# interface Eth1
switch(config-if-Et1)# flow tracker sampled ftr1
Use the sample command to enable the sample rate for a specific sampled flow tracker. The default sample rate is 1048576.
Example
These commands configure a sample rate of 1024 for the sampled flow tracker.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# sample 1024
Configuring the Sampled Flow Tracker
Use the tracker command to configure a sampled flow tracker for a device.
Example
This command configures a sampled flow tracker named ftr1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
Use the record export on interval command to configure the interval at which active flow records are exported. The default interval is 300000 milliseconds.
Example
These commands configure an active record interval of 7000 for the exporter exp1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# record export on interval 7000
Use the record export on inactive timeout command to configure the interval at which timed-out inactive flow records are exported. The default interval is 15000 milliseconds.
These commands configure an inactive record interval of 4000 for the exporter exp1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# record export on inactive timeout 4000
Configuring Exporter for Sampled Flow Tracker
Use the exporter command to configure or unconfigure an exporter for a specific tracker.
Example
This command configures exporter exp1 for the specific tracker ftr1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
Use the collector command to configure the collector for the specific exporter.
Example
These commands configure a collector for the IPv4 address 192.0.2.0 and collector port number 10.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# collector 192.0.2.0 port 10
Use the local interface command to configure the local source interface for the specific exporter.
Example
These commands configure the local source interface Ethernet1 for the exporter exp1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# local interface Ethernet1
Use the dscp command to configure the DSCP value for the specific exporter. The default DSCP value is 0.
Example
These commands configure a DSCP value of 10 for the exporter exp1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# dscp 10
Use the format ipfix version command to configure the IPFIX version and maximum packet size for the specific exporter. The default IPFIX version is 10 and the default maximum packet size is 9152.
Example
These commands configure an IPFIX version of 10 and a maximum packet size of 854 for the exporter exp1.
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# format ipfix version 10 max-packet-size 854
Use the template interval command to configure the interval at which templates are exported for the specific exporter. The default template interval is 3600000 milliseconds.
Example
This command configures the interval of 3400000 milliseconds for the exporter exp1.
switch(config-ftr-sampled-tr-exp-ftr1-exp1)# template interval 3400000
Hardware Flow Tracking with IPFIX Export
- IP source
- IP destination
- IP protocol
- IP protocol’s source port
- IP protocol’s destination port
- Byte count (4 bytes)
- Packet count (4 bytes)
- New-learn timestamp
- Flow start timestamp
- Flow end timestamp
Configuring Hardware Flow-tracking
! Define a loopback interface to act as the local source interface for
! IPFIX export
int Loopback0
ip address 1.2.3.4/32
@ Enable IP routing for IPFIX packet to be routed to the collector
ip routing
! The flow tracker definition
flow tracking hardware
tracker myFtr
record export on inactive timeout 60000
record export on interval 30000
!
exporter myExporter
local interface Loopback0
template interval 5000
collector 172.28.130.153
no shutdown
! Flow tracked interface/port
int Ethernet48
flow tracker hardware myFtr
no shutdown
This command shows general information about hardware flow tracking.
switch# show flow tracking hardware
Flow Tracking Status
Type: Hardware
Running: yes
Tracker: myFtr
Active interval: 30000ms
Inactive timeout: 60000ms
Groups: IPv4, IPv6, vxlanIPv4, vxlanIPv6
Exporter: myExpoter
VRF: default
Local interface: Loopback0 (1.2.3.4)
Export format: IPFIX version 10, MTU 1500
DSCP: 0
Template interval: 5000ms
Collectors:
172.28.130.153 port 4739
Active interfaces:
Et48
This command shows hardware flow tracking IPFIX template.
switch# show flow tracking hardware ipfix template
Tracker: myFtr
Data Template, Group: IPv4, Fields: 16, Template ID: 263
paddingOctets (210), 4 bytes
aristaBscanExportReason[E] (1036), 2 bytes
paddingOctets (210), 38 bytes
destinationTransportPort (11), 2 bytes
sourceTransportPort (7), 2 bytes
protocolIdentifier (4), 1 bytes
destinationIPv4Address (12), 4 bytes
sourceIPv4Address (8), 4 bytes
ingressVRFID (234), 2 bytes
paddingOctets (210), 1 bytes
aristaBscanTsNewLearn[E] (1040), 6 bytes
aristaBscanTsFlowStart[E] (1038), 6 bytes
aristaBscanTsFlowEnd[E] (1039), 6 bytes
octetDeltaCount (1), 4 bytes
packetDeltaCount (2), 4 bytes
paddingOctets (210), 38 bytes
Data Template, Group: IPv6, Fields: 17, Template ID: 264
paddingOctets (210), 4 bytes
aristaBscanExportReason[E] (1036), 2 bytes
paddingOctets (210), 9 bytes
sourceIPv6Address (27), 16 bytes
paddingOctets (210), 5 bytes
destinationTransportPort (11), 2 bytes
sourceTransportPort (7), 2 bytes
protocolIdentifier (4), 1 bytes
ingressVRFID (234), 2 bytes
destinationIPv6Address (28), 16 bytes
paddingOctets (210), 1 bytes
aristaBscanTsNewLearn[E] (1040), 6 bytes
aristaBscanTsFlowStart[E] (1038), 6 bytes
aristaBscanTsFlowEnd[E] (1039), 6 bytes
octetDeltaCount (1), 4 bytes
packetDeltaCount (2), 4 bytes
paddingOctets (210), 38 bytes
Data Template, Group: vxlanIPv4, Fields: 16, Template ID: 265
paddingOctets (210), 4 bytes
aristaBscanExportReason[E] (1036), 2 bytes
paddingOctets (210), 38 bytes
destinationTransportPort (11), 2 bytes
sourceTransportPort (7), 2 bytes
protocolIdentifier (4), 1 bytes
destinationIPv4Address (12), 4 bytes
sourceIPv4Address (8), 4 bytes
ingressVRFID (234), 2 bytes
paddingOctets (210), 1 bytes
aristaBscanTsNewLearn[E] (1040), 6 bytes
aristaBscanTsFlowStart[E] (1038), 6 bytes
aristaBscanTsFlowEnd[E] (1039), 6 bytes
octetDeltaCount (1), 4 bytes
packetDeltaCount (2), 4 bytes
paddingOctets (210), 38 bytes
Data Template, Group: vxlanIPv6, Fields: 17, Template ID: 266
paddingOctets (210), 4 bytes
aristaBscanExportReason[E] (1036), 2 bytes
paddingOctets (210), 9 bytes
sourceIPv6Address (27), 16 bytes
paddingOctets (210), 5 bytes
destinationTransportPort (11), 2 bytes
sourceTransportPort (7), 2 bytes
protocolIdentifier (4), 1 bytes
ingressVRFID (234), 2 bytes
destinationIPv6Address (28), 16 bytes
paddingOctets (210), 1 bytes
aristaBscanTsNewLearn[E] (1040), 6 bytes
aristaBscanTsFlowStart[E] (1038), 6 bytes
aristaBscanTsFlowEnd[E] (1039), 6 bytes
octetDeltaCount (1), 4 bytes
packetDeltaCount (2), 4 bytes
paddingOctets (210), 38 bytes
Options Template, VRF Mapping, Template ID: 256
ingressVRFID (234), 4 bytes
VRFname (236), variable length
Options Template, Interface Mapping, Template ID: 257
ingressInterface (10), 4 bytes
interfaceName (82), variable length
Options Template, Flow Key, Template ID: 258
templateId (145), 2 bytes
flowKeyIndicator (173), 8 bytes
Options Template, Tracker, Template ID: 259
observationDomainId (149), 4 bytes
observationDomainName (300), variable length
flowActiveTimeout (36), 2 bytes
flowIdleTimeout (37), 2 bytes
selectorAlgorithm (304), 2 bytes
samplingSize (309), 4 bytes
samplingPopulation (310), 4 bytes
flowTrackingType (1001), 2 bytes
This command shows hardware flow tracking IPFIX template option-table.
switch# show flow tracking hardware ipfix options-table
Tracker: myFtr
Observation domain: myFtr, ID: 1
Active interval: 5sec
Inactive timeout: 60sec
Selector algorithm: random(3)
Sampling: 1/1
Flow tracking type: hardware(2)
VRF Table, Template ID: 256, Scope: ingressVRFID
VRF ID VRF Name
-------------- ---------------
0 default
1 vrf1
2 vrf2
3 fake-management
4 vrf500
16777215
Interface Table, Template ID: 257, Scope: ingressInterface
Interface ID Interface Name
------------------ --------------
0 unknown
1 Ethernet1
2 Ethernet2
3 Ethernet3
4 Ethernet4
5 Ethernet5
6 Ethernet6
7 Ethernet7
8 Ethernet8
9 Ethernet9
10 Ethernet10
11 Ethernet11
12 Ethernet12
13 Ethernet13
14 Ethernet14
15 Ethernet15
16 Ethernet16
17 Ethernet17
18 Ethernet18
19 Ethernet19
20 Ethernet20
21 Ethernet21
22 Ethernet22
23 Ethernet23
24 Ethernet24
25 Ethernet25
26 Ethernet26
27 Ethernet27
28 Ethernet28
29 Ethernet29
30 Ethernet30
31 Ethernet31
32 Ethernet32
33 Ethernet33
34 Ethernet34
35 Ethernet35
36 Ethernet36
37 Ethernet37
38 Ethernet38
39 Ethernet39
40 Ethernet40
41 Ethernet41
42 Ethernet42
43 Ethernet43
44 Ethernet44
45 Ethernet45
46 Ethernet46
47 Ethernet47
48 Ethernet48
49 Ethernet49
50 Ethernet50
51 Ethernet51
52 Ethernet52
53001 Ethernet53/1
53002 Ethernet53/2
53003 Ethernet53/3
53004 Ethernet53/4
54001 Ethernet54/1
54002 Ethernet54/2
54003 Ethernet54/3
54004 Ethernet54/4
999001 Management1
2000002 Vlan2
2000048 Vlan48
2000049 Vlan49
2000100 Vlan100
7000000 vxlan1
1073741823 CPU
1073741824 discard
2147483648 multicast
Flow Keys Table, Template ID: 258, Scope: templateId
Template ID Flow Key Indicator
----------------- ------------------
263 0x1f8
264 0x3e8
265 0x1f8
266 0x3e8
Postcard Telemetry
The postcard telemetry gathers per flow telemetry information like path and per hop latency. The path, latency and congestion information for flows at different times help in troubleshooting and monitoring flows. Postcard telemetry samples flows at every switch, aggregates them and sends the samples to a collector with path and latency information using GRE encapsulation. For calculating latency information, switches in the network need to be in PTP sync.
- Length of the truncated samples in bytes.
- 48-bit timestamp.
- SNMP OID values of Ingress and Egress ports.
- 16 bit IP payload checksum, uniquely identify the sample of the same packet from different switches at the collector.
- Sample Rate (Multiplier is 1K).
- Sample data, packet inclusive of L2 header, truncated to 256 bytes.
Configuring Postcard Telemetry for Collector
switch(config)# monitor telemetry postcard policy
switch(config-tele-postcard-policy)# no disabled
switch(config-tele-postcard-policy)# ingress collection gre source 10.10.10.10 destination 172.16.1.1
switch(config)# interface Ethernet1/1
switch(config-if-Et1/1)# telemetry postcard policy profile default
- 16384 Set sample rate to 1 in 16k packets
- 32768 Set sample rate to 1 in 32k packets
- 65536 Set sample rate to 1 in 64k packets
This example configures sample policy for matching two different flow sets.
- Destination IP prefix 10.1.1.0/24 and Source IP prefix 10.2.2.0/24
- TCP source port number 100 and destination source port number 200
- Destination IP prefix 172.16.2.0/24
- Source IP prefix 172.16.3.0/24
switch(config)# monitor telemetry postcard policy
switch(config-tele-postcard-policy)# sample policy mypolicy
switch(config-postcard-sample-policy-mypolicy)# match myrule1 ipv4
switch(config-postcard-sample-policy-match-mypolicy-myrule1-ipv4)# destination prefix 10.1.1.0/24
switch(config-postcard-sample-policy-match-mypolicy-myrule1-ipv4)# source prefix 10.2.2.0/24
switch(config-postcard-sample-policy-match-mypolicy-myrule1-ipv4)# protocol tcp source port 100 destination port 200
switch(config-postcard-sample-policy-mypolicy)# match myrule2 ipv4
switch(config-postcard-sample-policy-match-mypolicy-myrule1-ipv4)# destination prefix 172.16.2.0/24
switch(config-postcard-sample-policy-match-mypolicy-myrule1-ipv4)# source prefix 172.16.3.0/24
switch(config-postcard-sample-policy-mypolicy)# profile myprofile
switch(config-postcard-profile-myprofile)# ingress sample policy mypolicy
switch(config)# interface Ethernet2/1
switch(config-if-Et1/1)# telemetry postcard policy profile myprofile
switch(config)# monitor telemetry postcard policy
switch(config-tele-postcard-policy)# sample policy mypolicy
switch(config-postcard-sample-policy-mypolicy)# match myrule1 ipv4
switch(config-postcard-sample-policy-match-mypolicy-myrule1-ipv4)# actions
switch(config-postcard-sample-policy-actions-mypolicy-myrule1)# sample
Sampling can also be done based on user specified checksum value and mask in TCP/UDP header.
switch(config)# monitor telemetry postcard policy
switch(config-tele-postcard-policy)# ingress sample tcp-udp-checksum value <val> mask <mask>
Show Commands
switch# show monitor telemetry postcard policy
Enabled: true
Ingress collection sample rate: 16384
Ingress collection type: GRE
Ingress collection source: 10.10.10.10
Ingress collection destination: 172.16.1.1
switch# show monitor telemetry postcard sample policy
Sample policy default
Total number of rules configured: 1
match ipv4 ipv4-all-default:
Actions: sample
Sample policy mypolicy
Total number of rules configured: 3
match ipv4 myrule1:
Source: 10.2.2.0/24
Destination: 10.1.1.0/24
Protocol: tcp
Source port: 100
Destination port: 200
match ipv4 myrule2:
Source: 172.16.2.0/24
Destination: 172.16.2.0/24
match ipv4 ipv4-all-default:
switch# show monitor telemetry postcard policy profiles
Profiles
Name: default
Sample policy: default
Configured on: Et1/1
Active on: Et1/1
Name: myprofile
Sample policy: mypolicy
Configured on: Et2/1
Active on: Et2/1
switch# show monitor telemetry postcard policy profile myprofile
Profiles
Name: myprofile
Sample policy: mypolicy
Configured on: Et2/1
Active on: Et2/1
Configuring a TCAM Profile for Postcard Telemetry
The postcard telemetry requires the system TCAM profile to enable Postcard Telemetry by creating a user-defined TCAM profile.
The system TCAM profile must support the telemetry postcard policy ipv4 to support postcard telemetry for IPv4 packets for IPv4 packets in copied or newly created TCAM profiles.
Creating the User Defined TCAM profile
switch(config)# hardware tcam
switch(config-hw-tcam)# profile <profile name> copy default
switch(config-hw-tcam-profile-<profile>)# feature telemetry postcard policy ipv4 copy
switch(system-feature-source-profile) #
switch(config-hw-tcam-profile-<profile>-feature-<feature>)# packet ipv4 forwarding bridged
switch(config-hw-tcam-profile-<profile>-feature-<feature>)# packet ipv4 forwarding routed
switch(config-hw-tcam-profile-<profile>-feature-<feature>)# key size limit 160
switch(config-hw-tcam-profile-<profile>-feature-<feature>)# exit
switch(config-hw-tcam-profile-<profile>)# no feature mirror ip
switch(config-hw-tcam-profile-<profile>)#
Applying the User-defined TCAM Profile
switch(config-hw-tcam)# system profile <profilename>
When the system TCAM profile change, expected some of the agents to restart. This removes the unused features to ensure Postcard Telemetry allocation on theTCAM DB.
Limitations
- Supports the IPv4 collector on default VRF only.
- Supports the IPv4 match rules in sample policy only.
- Supports sampling packets with matching TCP control flags.
- Supports IPv4 PBR forwarded packets for sampling.
- Supports Postcard Telemetry for DirectFlow forwarded packets.
- Does not support vxlan-encapsulated packets.
- Does not support packets with IP options.
- Does not support multi-destination packets.
- Does not support packets dropped or consumed by switch.
- DCS-7280 and DCS-7500 platforms supports up to three (3) postcard policies.
Inband Network Telemetry (INT) Support
The Inband Network Telemetry, eXport Data (INT-XD) gathers flow, queue, drop telemetry information like network path, hop latency, queue congestion, drop reasons and more which are used for network monitoring and troubleshooting.
- Flow telemetry report generates from flow events. Flow events include new flows, change in the attributes of flow like ingress/egress port or latency. Flow reports include information about the path that packets traverse as well as other telemetry metadata such as hop latency and queue occupancy.
- Drop reports provide visibility into the impact of packet drops on user traffic. Drop reports include information about the path that packets traversed as well as other telemetry metadata such as drop reason code and queue id.
- Queue congestion reports are generated from queue-related events, like packets exceeding the queue depth or latency. This provides visibility into the traffic causing and prolonging queue congestion.
Platform Compatibility
- DCS-7170-64C-F
- DCS-7170-64C-R
- DCS-7170-64C#
- DCS-7170-64C-M#
- DCS-7170-32C-F
- DCS-7170-32C-R
- DCS-7170-32C#
- DCS-7170-32C-M-F
- DCS-7170-32C-M-R
- DCS-7170-32C-M#
- DCS-7170-32CD-F
- DCS-7170-32CD-R
- DCS-7170-32CD#
configuration
switch(config)# platform barefoot profile default
switch(config)# monitor telemetry postcard int-xd
switch(config-tele-postcard-int-xd)# no disabled
switch(config-tele-postcard-int-xd)# report flow
switch(config-tele-postcard-int-xd)# report flow refresh-interval <value> seconds
switch(config-tele-postcard-int-xd)# report drop
switch(config-tele-postcard-int-xd)# report queue
switch(config-tele-postcard-int-xd)# report queue depth 10 percent
switch(config-tele-postcard-int-xd)# report queue latency 1024 nanoseconds
switch(config-tele-postcard-int-xd)# report queue rate-limit 1000 reports-per-second
switch(config-tele-postcard-int-xd)# device id 25
switch(config-tele-postcard-int-xd)# exit
Show Commands
switch(config)# show platform barefoot int drop codes
Code Reason
------ -------------------------------------------------------------
1 Ingress STP blocked
2 Ingress invalid VLAN
switch(config)# show platform barefoot registers seqNumber
Limitations
- Specific flow watchlist to filter flows is not supported in this release.
- A 5-tuple of outer header is used for tracking the flows.
- Collector reachability through overlay networks is not supported.
- Packets punted to the CPU are not exported to the collector.
- Collector reachability over non default vrf is not supported.
- Collector reachability via out of band management port is not supported.
- Only unicast packet tail drops are exported to collectors.
- INT reports are sent to a single collector reachable via IPv4.
Sampled Flow Tracking configuration Examples
This section describes the command configurations required to configure sampled flow tracking.
Sampled Flow Tracking Basic configuration
The following commands enable a basic configuration.
Sampled Flow Tracking Commands
This section contains descriptions of Sampled flow tracking commands.
configuration Commands
Interface configuration Command
Privileged EXEC Command
Sampled Flow Tracking Display Commands
clear flow tracking sampled counters
The clear flow tracking sampled counters command clears the flow tracking counters for all trackers, a specified tracker, or a specified tracker and exporter.
Command Mode
Privileged EXEC
Command Syntax
clear flow tracking sampled counters [tracker tracker_name [exporter exporter_name]]
- tracker tracker_name Specifies the flow tracker.
- exporter exporter_name Specifies the exporter.
Example
switch# clear flow tracking sampled counters tracker ftr1 exporter exp1
switch#
collector
The collector command configures a collector to receive flow records from a specified exporter.
The no collector and default collector commands remove the configured collector from running-config.
Command Mode
Sampled Flow Tracking Exporter configuration
Command Syntax
collector {ipv4_address | ipv6_address} [port port_number]
no collector {ipv4_address | ipv6_address} [port port_number]
default collector {ipv4_address | ipv6_address} [ port port_number ]
- ipv4_addressSpecifies the IPv4 address of the collector.
- ipv6_addressSpecifies the IPv6 address of the collector.
- port port_number Specifies the port number for the collector. Values range from 1 to 65535. The default value is 4739.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# collector 192.0.2.0 port 10
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# exit
switch(config-ftr-sampled-tr-ftr1)# exit
switch(config-flow-tracking-sampled)# exit
switch(config)#
dscp
The dscp command configures the Differentiated Services Code Point (DSCP) value for a specific exporter.
The no dscp and default dscp commands reset the DSCP value to the default of 0.
Command Mode
Sampled Flow Tracking Exporter configuration
Command Syntax
dscp dscp_value
no dscp dscp_value
default dscp dscp_value
Parameter
dscp_value the DSCP value assigned to the exporter. Value ranges from 0 to 63. Default value is 0.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# dscp 10
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# exit
switch(config-ftr-sampled-tr-ftr1)# exit
switch(config-flow-tracking-sampled)# exit
switch(config)#
exporter
The exporter command places the switch in sampled flow tracking exporter configuration mode for the specified exporter and creates the exporter if it does not yet exist.
The no exporter and default exporter commands remove the specific exporter from running-config.
Command Mode
Sampled Flow Tracking Tracker configuration
Command Syntax
exporter exporter_name
no exporter exporter_name
default exporter exporter_name
Parameter
exporter_name the name of the exporter.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)#exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)#
flow tracker sampled
The flow tracker sampled command configures an interface to be part of a flow tracker. An interface can belong to only one flow tracker.
The no flow tracker sampled and default flow tracker sampled commands remove the specified interface from the specified tracker.
Command Mode
Interface-Ethernet configuration
Command Syntax
flow tracker sampled tracker_name
no flow tracker sampled tracker_name
default flow tracker sampled tracker_name
Parameter
tracker_name the name of the flow tracker to which the interface is to be added.
Example
switch(config)# interface ethernet 1
switch(config-if-Et1)# flow tracker sampled ftr1
switch(config-if-Et1)#
flow tracking sampled
The flow tracking sampled command places the switch in sampled flow tracking configuration mode. Sampled flow tracking configuration mode is a group-change mode; changes made in a group-change mode are saved by exiting the mode.
The no flow tracking sampled and default flow tracking sampled commands remove all sampled flow tracking configuration from running-config.
Command Mode
Global configuration
Command Syntax
flow tracking sampled
no flow tracking sampled
default flow tracking sampled
Parameters
- abort - Exits mode without saving changes.
- exit - Exits mode and saved changes.
- sample - Configures sample parameters.
- shutdown (sampled flow tracking) - Enables or disables sampled flow tracking
- tracker - Configures a flow tracker.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)#
format ipfix version
The format ipfix version command configures the IPFIX version and maximum packet size for a specific exporter.
The no format ipfix version and default format ipfix version commands remove the previously configured IPFIX version and the maximum packet size value from running-config.
Command Mode
Sampled Flow Tracking configuration
Command Syntax
format ipfix version ipfix_version [max-packet-size max-packet-size value]
no format ipfix version ipfix_version [max-packet-size]
default format ipfix version ipfix_version [max-packet-size]
- ipfix_version the IPFIX version. Default value is 10.
- max-packet-size max-packet-size value the IPFIX maximum packet size. Value ranges from 512 to 65472. Default value is 9152.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# format ipfix version 10 max-packet-size 854
local interface
The local interface command configures the local source interface for the specific exporter.
The no local interface and default local interface commands remove the local interface for the specific exporter from running-config.
Command Mode
Sampled Flow Tracking configuration
Command Syntax
local interface interface
no local interface
default local interface
Parameters
- Ethernet eth_num displays the information of the specified Ethernet interface. The value ranges from 1 to 64.
- Loopback lb_num displays the information of the specified loop back interface. The value ranges from 0 to 2100.
- Management m_num displays the information of the specified Management interface. The management port number ranges from 1 to 2.
- Port-Channel pc_num displays the interface or sub-interface information of the specified port channel. The interface and sub-interface values of port channel ranges from 1-1000 and 1-2000, 1-4094 respectively.
- Tunnel t_num displays the information of the specified tunnel. The value ranges from 0 to 255.
- Vlan vlan_num displays the information of the specified VLAN interface. The value ranges from 1 to 4094.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# local interface Ethernet1
record export on inactive timeout
The record export on inactive timeout command configures the interval at which inactive flow records time out and are exported for a flow tracker.
The no record export on inactive timeout and default record export on inactive timeout commands remove the timeout interval from running-config.
Command Mode
Sampled Flow Tracking configuration
Command Syntax
record export on inactive timeout timeout_value
no record export on inactive timeout
default record export on inactive timeout
Parameters
timeout_value the flow record inactive export timeout value in milliseconds. Value ranges from 3000 to 900000. The default value is 15000 milliseconds.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# record export on inactive timeout 6000
record export on interval
The record export on interval command configures the interval at which active flow records are exported for a flow tracker.
The no record export on interval and default record export on interval commands remove the interval from running-config.
Command Mode
Sampled Flow Tracking configuration
Command Syntax
record export on interval interval_value
no record export on interval
default record export on interval
Parameter
interval_value the flow record export interval in milliseconds. Value ranges from 5000 to 36000000. The default value is 300000 milliseconds.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# record export on interval 9000
sample
The sample command enables the sample rate for a specific sampled flow tracker.
The no sample and default sample commands remove the sample rate configured for a specific sampled flow tracker from running-config.
Command Mode
Sampled Flow configuration
Command Syntax
sample sample_rate
no sample
default sample
Parameter
sample_rate the sample flow tracking rate to be assigned for a sampled flow tracker. Value ranges from 1024 to 16777216. Default value is 1048576.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# sample 2056
show flow tracking sampled
The show flow tracking sampled tracker command displays information about the status of a specific tracker and the status of a specified exporter within that tracker. If no tracker is specified in the command, then all information about all trackers is displayed.
Command Mode
EXEC
Command Syntax
show flow tracking sampled [tracker tracker_name [exporter exporter_name]]
- tracker tracker_name the specific flow tracker.
- exporter exporter_name the specific exporter within the tracker.
Example
switch# show flow tracking sampled tracker ftr1 exporter exp1
Flow tracking status
Type: Sampled
Running: yes
Sample rate: 1024
Tracker: ftr1
Active interval: 30000ms
Inactive timeout: 120000ms
Groups: IPv4, IPv6
Exporter: exp1
VRF: default
Local interface: Management1 (172.30.150.179)
Export format: IPFIX version 10, MTU 1500
DSCP: 48
Template interval: 3600000ms
Collectors:
172.31.22.131 port 4739
Active interfaces:
Et1
show flow tracking sampled counters
The show flow tracking sampled counters command displays information about the flow tracking counters of a specific tracker and the counters of a specified exporter within that tracker.
Command Mode
EXEC
Command Syntax
show flow tracking sampled counters [tracker tracker_name [exporter exporter_name]]
- tracker tracker_name the specific flow tracker.
- exporter exporter_name the specific exporter within the tracker.
Example
switch# show flow tracking sampled counters tracker ftr1 exporter exp1
Tracker: ftr1
1 flows, 22 RX packets
Flows created: 1, expired: 0
Group: IPv4
1 flows, 22 RX packets
Group: IPv6
0 flows, 0 RX packets
Exporter: exp1 (IPFIX)
Collector: 172.31.24.133 port 4739
52 messages, last sent 0:00:27 ago
0 flow records
2350 options data records, last sent 0:00:27 ago
6 templates, last sent 0:12:27 ago
Collector: 172.31.22.131 port 4739
52 messages, last sent 0:00:27 ago
0 flow records
2350 options data records, last sent 0:00:27 ago
6 templates, last sent 0:12:27 ago
show flow tracking sampled flow-table
The show flow tracking sampled flow-table command displays information about the active flows maintained in the eos.
Command Mode
EXEC
Command Syntax
show flow tracking sampled flow-table [ detail | dst-ip | dst-port | group | interface | protocol | src-ip | src-port | tracker | vlan | vrf ]
- detail displays detailed flow records.
- dst-ip displays flow records based on destination IPv4 or IPv6 address.
- dst-port displays flow records based on a specified destination port.
- group displays flow records based on IPv4 or IPv6 flow groups.
- interface displays flow records based on ingress interface.
- protocol displays flow records based on the flow IP protocol.
- src-ip displays flow records based on source IPv4 or IPv6 address.
- src-port displays flow records based on a specified source port.
- tracker displays flow records based on flow tracker.
- vlan displays flow records based on a specified flow VLAN ID.
- vrf displays flow records based on flow VRF.
- This command displays information about the active flows on the device.
switch# show flow tracking sampled flow-table Tracker: ftr1, Flows: 1 Group: IPv4, Flows: 1 VRF VLAN Source Destination Protocol Start Time Pkts Bytes ---- ------ ------------- ------------- ---------- --------------------- ------ ------ red 42 10.10.1.1:0 10.20.1.2:0 UDP 2019-04-18 15:06:50 7 700
- This command displays detailed information about the active flows on the
device.
switch# show flow tracking sampled flow-table detail Tracker: ftr1, Flows: 1 Group: IPv4, Flows: 1 Flow: UDP 10.10.1.1:0 - 10.20.1.2:0, VRF: red, VLAN: 42 Start time: 2019-04-18 15:06:50.268734, Last packet time: 2019-04-18 15:07:03.607900 Packets: 15, Bytes: 1500, TOS: 0, TCP flags: none Source MAC: 001c.73ee.bfe4, Destination MAC: 001c.7374.3b85 Ingress Interface: 'Ethernet1', Egress VLAN: routed, Egress Interface: CPU Next hop: unknown, BGP next hop: unknown (AS unknown), Source AS: unknown Source prefix length: 24, Destination prefix length: 32
show flow tracking sampled ipfix options-table
The show flow tracking sampled ipfix options-table command displays information about the sampled IPFIX options table available.
Command Mode
EXEC
Command Syntax
show flow tracking sampled ipfix options-table tracker [flow-key | flow-tracker | interface | vrf]
- tracker displays the output for a specific flow tracker.
- flow-key displays the flow keys options table.
- flow-tracker displays the flow tracker options table.
- interface displays the interface options table.
- vrf displays the VRF options table.
Example
switch# show flow tracking sampled ipfix options-table
Tracker: ftr1
Observation domain: ftr1, ID: 1
Active interval: 30sec
Inactive timeout: 120sec
Selector algorithm: random(3)
Sampling: 1/1024
Flow tracking type: sampled(1)
VRF Table, Template ID: 256, Scope: ingressVRFID
VRF ID VRF Name
-------------- --------
0 default
1 red
16777215
Interface Table, Template ID: 257, Scope: ingressInterface
Interface ID Interface Name
------------------ ----------------
0 unknown
3013 Ethernet1
3014 Ethernet2
1073741823 CPU
1073741824 discard
1074029945 Ethernet3/36/1.1
1074292089 Ethernet3/36/1.2
2147483648 multicast
Flow Keys Table, Template ID: 258, Scope: templateId
Template ID Flow Key Indicator
----------------- ------------------
261 0x7f
262 0x7f
show flow tracking sampled ipfix template
The show flow tracking sampled ipfix template command displays information about the exported IPFIX data templates and options templates.
Command Mode
EXEC
Command Syntax
show flow tracking sampled ipfix template [data | options | tracker]
- data displays the data templates.
- options displays the flow options template.
- tracker displays the flow tracker template.
Example
switch# show flow tracking sampled ipfix template
Tracker: ftr1
Data Template, Group: IPv4, Fields: 26, Template ID: 261
ingressVRFID (234), 4 bytes
vlanId (58), 2 bytes
sourceIPv4Address (8), 4 bytes
destinationIPv4Address (12), 4 bytes
protocolIdentifier (4), 1 bytes
sourceTransportPort (7), 2 bytes
destinationTransportPort (11), 2 bytes
sourceMacAddress (56), 6 bytes
postDestinationMacAddress (57), 6 bytes
octetDeltaCount (1), 8 bytes
packetDeltaCount (2), 8 bytes
flowStartMilliseconds (152), 8 bytes
flowEndMilliseconds (153), 8 bytes
flowEndReason (136), 1 bytes
tcpControlBits (6), 2 bytes
ingressInterfaceType (368), 4 bytes
ingressInterface (10), 4 bytes
postVlanId (59), 2 bytes
egressInterface (14), 4 bytes
ipClassOfService (5), 1 bytes
bgpSourceAsNumber (16), 4 bytes
bgpDestinationAsNumber (17), 4 bytes
bgpNextHopIPv4Address (18), 4 bytes
ipNextHopIPv4Address (15), 4 bytes
sourceIPv4PrefixLength (9), 1 bytes
destinationIPv4PrefixLength (13), 1 bytes
<-------OUTPUT OMITTED FROM EXAMPLE-------->
shutdown (sampled flow tracking)
The shutdown command disables sampled flow tracking for the specific exporter.
The no shutdown command enables sampled flow tracking for the specific exporter.
Command Mode
Sampled Flow Tracking configuration
Command Syntax
shutdown
no shutdown
default shutdown
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# local interface Ethernet1
switch(config-ftr-sampled-tr-ftr1-exp-exp1)# no shutdown
template interval
The template interval command configures the interval at which templates are exported for a specific exporter. The default template interval is 3600000 milliseconds.
The no template interval and default template interval commands reset the interval rate to the default.
Command Mode
Sampled Flow Tracking configuration
Command Syntax
template interval interval
no template interval
default template interval
Parameter
interval the interval rate in milliseconds. The value ranges between 5000 and 3600000 milliseconds. The default rate is 3600000 milliseconds.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)# tracker ftr1
switch(config-ftr-sampled-tr-ftr1)# exporter exp1
switch(config-ftr-sampled-tr-exp-ftr1-exp1)# template interval 3400000
tracker
The tracker command configures a sampled flow tracker for a device.
The no tracker and default tracker commands remove the sampled flow tracker from the running config.
Command Mode
Sampled Flow configuration
Command Syntax
tracker tracker_name
no tracker tracker_name
default tracker tracker_name
Parameter
tracker_name the flow tracker name.
Example
switch(config)# flow tracking sampled
switch(config-flow-tracking-sampled)#tracker ftr1