Doing what I do here at the Support Desk, I’m always running across questions on how to enable NetFlow or sFlow on various models of switches and routers.
Most vendors remain relatively consistent in their configurations, so if you can enable flows on one, you can enable it on others.

But of course, there’s always the exception to the rule…

With that statement in mind, I’d like to introduce you to my nemesis; the H.P. Procurve 2800 series switch. This beast is nasty and can single-handedly eat up an entire day of your life trying to get to it to work.
Believe me, I know.

What you need to know:
To understand why this switch is so complicated to setup, you need to know that this switch does not follow the standards for sFlow sampling. For example, with this switch, your sFlow sampling has a lifespan. That means that after a specified amount of time, the switch just stops exporting sFlow samples.
Don’t ask me why it does that, but this option just supports my idea that H.P. didn’t anticipate anyone would want to use sFlow for continuous monitoring, as opposed to a quick troubleshooting solution.

So with this model, we need to come up with a way to keep that switch exporting sFlow, even when the configured sFlow lifespan has expired. To do this, we are going to make use of the CRONS scheduling application and also NET-SNMP to perform the SNMP GETS necessary to continuously re-enable sFlow sampling and polling on each of your ports.

To keep this blog viewer friendly, here are instructions on how to configure the H.P. 2800 switch for sFlow. Included in this download are the CRONS scheduler executable and the sample batch file that will perform the automated SNMP GETS to refresh the sFlow exports.

Please note that this batch file will need to be edited according to your personal network settings. Things such as the community string, IP address of the switch and preferred sampling rate will need to be adjusted.

I’ve included the four OID that will need to be run against every port on your switch in order to enable sFlow.

SNMP GET for sFlow sample rate:

snmpset -v1 -c public X.X.X.X 1.3.6.1.4.1.14706.1.1.5.1.3.11.1.3.6.1.2.1.2.2.1.1.port#.1 i: 1 —- This SNMP string will enable a port for sFlow sampling

snmpset -v1 -c public X.X.X.X 1.3.6.1.4.1.14706.1.1.5.1.4.11.1.3.6.1.2.1.2.2.1.1.port#.1 i: 50 —- This SNMP string will configure a port with a sampling rate of 1/50 packets

SNMP GET for sFlow polling interval:

snmpset -v1 -c public X.X.X.X 1.3.6.1.4.1.14706.1.1.6.1.3.11.1.3.6.1.2.1.2.2.1.1.port#.1 i: 1 —- This SNMP string will enable polling on a port

snmpset -v1 -c public X.X.X.X 1.3.6.1.4.1.14706.1.1.6.1.4.11.1.3.6.1.2.1.2.2.1.1.port#.1 i: 60 —- This SNMP string will configure a port to export sFlow every 60 seconds

May the Procurve gods watch over you.

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

In a bold and very aggressive move, Cisco this week announced its new line of commercial servers that specialize in virtualization.

I don’t know about you all, but I find this interesting, yet puzzling.

First off, this will be Cisco’s debut into an already competitive market. You wouldn’t imagine there would be much of a customer pool left when competing with giants such as Dell, HP and IBM, but Cisco seems to think so.

Of course, Cisco is no small player either boasting annual revenue $40 billion and 65% gross profits in the networking market.

However, the puzzling part is why it would want to start fresh in this fierce market where vendors generally only make a 25% profit margin anyway? Also, what kind of impact will this have on Cisco’s relationships/partnerships with companies like IBM, Dell and HP? I wouldn’t imagine there are a lot of fuzzy, good feelings about this.

I found a New York Times blog dedicated to Cisco’s announcement and it has a nice quote from James Staten, an analyst at Forrester Research who attended Cisco’s launch.

He said, “This is war and a direct frontal assault on IBM and HP.”

On top of that comment, HP also had some strong statements of its own regarding this launch: “It’s appropriate that Cisco launched their server in a museum.” taking jabs at the concept design of these servers.

Going in for the kill, HP added: “Would you let a plumber build your house?”

Ouch.

Personally, I don’t care about Cisco making servers. However, this manuever could have a significant impact on the networking market as we know it.

HP has already responded to Cisco’s announcement by increasing its investment in networking equipment. I don’t know what HP has planned, but I bet “hell hath no fury like a vendor scorned!”

But it does makes me wonder what HP has planned for its already affordable ProCurve line.

But what about vendors like Dell and IBM that have only a small presence in the networking field? I wonder if they will be so quick to advertise Cisco routers/switches along with their products?

I speculate that we may start seeing increased sales from networking companies like Juniper, Enterasys and Riverbed.

But I guess only time with tell.

What do you all think? Feel free to post a comment to this blog.

Related read: How open is Cisco Unified Computer System?

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!