Today we’ll focus on ZyXEL sFlow Configuration, in order for the switch to monitor traffic and export sFlow to a collector for analysis. Supporting our international customers and future customers, I was unaware of the presence that ZyXEL has internationally. It’s the first choice of many tier-one service providers, connecting hundreds of thousands of companies and millions of end users.
ZyXEL sFlow configuration is available for on the XS3700, XGS1910/GS1910, XS3900, XGS3700/GS3700, XGS-4528F/XGS-4526, XGS4700, MES3500 and ES3500 series.
To begin click on Advanced Application > sFlow > Collector:
Collector Address – Enter the IP address of your collector.
UDP Port – Enter a UDP Port number to send sFlow to the collector. ZyXEL’s default port is 6343, but you can use any of the other standard ports, 2055, 2056, 4432, 4739, 9995, or 9996.
Add – save your changes in run-time memory. Use the Save link, to save in non-volatile memory.
You can add up to 4 collectors, if you have a distributed collection architecture.
Now let’s configure all, or specific ports we want to monitor.
Advanced Application > sFlow:
Select Active to enable the sFlow agent on the switch
Click Apply to save to the switches run-time memory.
The Port column displays the port number. Here you have the option of selecting which ports to monitor.
The * row is to make the setting for all ports. You can use it first and then make changes to individual ports. Changes in this row will be copied to all the ports.
Select Active to monitor traffic on the ports you want and send sFlow to your collector.
Sample-rate valid numbers (X) are 256 – 65535. This will capture one out of X packets for the port and create an sFlow datagram. The lover the sample rate, the more accurate the data will be.
poll-interval specifies a time interval before the sFlow datagram is sent to the collector. Valid numbers are 20 to 120 seconds.
Collector Address – enter IP address of the collector, or one of the IP addresses of the above configured collectors.
Apply – save your changes in run-time memory. Use the Save link, to save in non-volatile memory.
CLI Commands:
zyxel(config)# sflow zyxel(config)# sflow collector x.x.x.x udp-port 6343 zyxel(config)# interface port-channel 1-24 zyxel(config-interface)# sflow collector x.x.x.x poll-interval 20 sampling-rate 256 zyxel(config-interface)# exit zyxel(config)# exit
There you have it. Now you’re ready to start monitoring your ZyXEL devices and get insight into your network traffic.
If you want to offload Flow monitoring to a FlowPro Defender appliance, capable of detailed layer-7 analysis, along with monitoring DNS traffic, give our team a call.