Re: [c-nsp] Nexus 9300 sflow performance

Mon, 13 May 2019 10:59:04 -0700

--- Begin Message --- 
Im not totally sure about the N9300 architecture. But normally the mgmt 
interface is connected "directly" to the control plane cpu, thus having it 
process a lot of packets will take CPU resources and might impact control-plane 
protocols and jobs. Netflow is performed in the ASICs and I think it would be 
better to use an ASIC bounded interface if possible.

Best regards
 
Lasse Birnbaum Jensen
Network Architect
IT-services
 
T  +45 65 50 28 73
M  +45 60 11 28 73
[email protected]
http://www.sdu.dk/ansat/lbje
 
University of Southern Denmark
Campusvej 55
DK-5230 Odense M
www.sdu.dk <http://www.sdu.dk/>
Lasse Birnbaum Jensen

D. 20/03/2019 18.27 skrev "cisco-nsp på vegne af Satish Patel" 
<[email protected] på vegne af [email protected]>:

    Thanks Tim,
    
    Here is the output of show hardware rate-limiter.  ( i believe it's 40k)
    
    This is my first time dealing with SFLOW, Can you share some
    configuration parameter i should use for best practice would be great,
    What is 1-in-N sample actually?
    
    I am planning to use mgmt0 interface for SFLOW and its 1G so i assume
    it will handle all the flow. do you seeing any concern there?
    
    
    # show hardware rate-limiter
    
    Units for Config: packets per second
    Allowed, Dropped & Total: aggregated since last clear counters
    
    
    Module: 1
      R-L Class           Config           Allowed         Dropped            
Total
     
+------------------+--------+---------------+---------------+-----------------+
      L3 glean                 100               0               0              
   0
      L3 mcast loc-grp        3000               0               0              
   0
      access-list-log          100               0               0              
   0
      bfd                    10000               0               0              
   0
      exception                 50               0               0              
   0
      fex                     3000               0               0              
   0
      span                      50               0               0              
   0
      dpss                    6400               0               0              
   0
      sflow                  40000     25134089890               0       
25134089890
    
    On Wed, Mar 20, 2019 at 12:07 PM Tim Stevenson (tstevens)
    <[email protected]> wrote:
    >
    > Yes, this is 1st gen. The SFLOW/SPAN restriction should not apply there.
    >
    > Re: 60Gbps/24Mpps and SFLOW, SFLOW does not do aggregation of stats for 
flows in the switch like netflow does - it's just 1-in-n packet sampling. As 
such, the value of "n" should be high enough that both the switch & the 
collector are not overburdened. Note that we will rate limit SFLOW copies to 
the CPU so that's the first 'bottleneck'. If you end up tail-dropping samples, 
the statistical validity of your sampled set goes out the window, so you want 
to ensure that 1-in-n is a number that does not hit that rate limiter.
    >
    > I don't have a 1st gen switch handy to see what the defaults are for that 
value. It should show up in 'sh hardware rate-limiter'. In 9300-EX with 9.2.2 
it's 40Kpps.
    >
    > Beyond that, you also want to make sure the collector is able to consume 
everything coming from all sflow enabled switches without dropping, for the 
same reason mentioned above.
    >
    > Hope that helps,
    > Tim
    >
    >
    > -----Original Message-----
    > From: Satish Patel <[email protected]>
    > Sent: Wednesday, March 20, 2019 8:40 AM
    > To: Nick Cutting <[email protected]>
    > Cc: Tim Stevenson (tstevens) <[email protected]>; 
[email protected]
    > Subject: Re: [c-nsp] Nexus 9300 sflow performance
    >
    > We have cisco Nexus9000 C9396PX
    >
    > 60 Gbs is data traffic, and 24Mpps ( packet per second ) not sure how
    > to convert it into flows. Could you please share your sflow
    > configuration if you don't mind?
    >
    > I had nfsen in past with 8CPU / 4GB memory but it was damn slow :(
    > but it could be me.. i will set up again and see if it worth it or
    > not.
    >
    > On Wed, Mar 20, 2019 at 11:34 AM Nick Cutting <[email protected]> wrote:
    > >
    > > Good point.  We waited for the second Gen
    > >
    > > Regarding 60 Gbs, isn’t that is the data traffic, not the flows or 
sampled flows levels?
    > >
    > > Our NFSEn box is centos
    > >
    > > 4 vCPU and 4 GBrams
    > >
    > > Collecting flows from maybe only 30 devices, about 20Gbs and 3k flows 
per sec.
    > >
    > > -----Original Message-----
    > > From: Tim Stevenson (tstevens) <[email protected]>
    > > Sent: Wednesday, March 20, 2019 11:20 AM
    > > To: Nick Cutting <[email protected]>; Satish Patel 
<[email protected]>; [email protected]
    > > Subject: RE: [c-nsp] Nexus 9300 sflow performance
    > >
    > > This message originated from outside your organization.
    > >
    > > Make sure you distinguish between N9300 (1st generation) and 
N9300-EX/FX/FX2 (2nd generation). The SFLOW + SPAN limitation applies only to 
the latter. It's also on the latter that Netflow is supported, which can run 
concurrently with SPAN sessions.
    > >
    > > Tim
    > >
    > > -----Original Message-----
    > > From: cisco-nsp <[email protected]> On Behalf Of Nick 
Cutting
    > > Sent: Wednesday, March 20, 2019 6:19 AM
    > > To: Satish Patel <[email protected]>; [email protected]
    > > Subject: Re: [c-nsp] Nexus 9300 sflow performance
    > >
    > > We use sflow on 9300's, no performance hit - but you cannot use span 
sessions at the same time.
    > >
    > > Newer code revisions support netflow, without the SPAN session 
limitation, although we have not tried netflow on the 9300 yet.
    > >
    > > For a collector We use NFSEN - opensource, and quite a big install 
base, and it seems to handle a lot of flows.
    > >
    > > It supports sflow and netflow as we have a mix, just make sure you add 
the sflow option at build time as it’s a bit funky old linux to add it after.
    > >
    > >
    > >
    > > -----Original Message-----
    > > From: cisco-nsp <[email protected]> On Behalf Of Satish 
Patel
    > > Sent: Wednesday, March 20, 2019 8:21 AM
    > > To: [email protected]
    > > Subject: [c-nsp] Nexus 9300 sflow performance
    > >
    > > This message originates from outside of your organisation.
    > >
    > > Folks,
    > >
    > > I have L3 Nexus 9300 switch which is running 60Gbps traffic on ISP 
interface so I’m planning to run sflow on that specific interference to get 
flow.
    > >
    > > Does it going to create any performances issue on switch?
    > >
    > > Can I run sflow on Layer 3 LACP interface?
    > >
    > > Can anyone suggest free open source sflow collector?
    > >
    > > Sent from my iPhone
    > > _______________________________________________
    > > cisco-nsp mailing list  [email protected] 
https://puck.nether.net/mailman/listinfo/cisco-nsp
    > > archive at http://puck.nether.net/pipermail/cisco-nsp/
    > >
    > > _______________________________________________
    > > cisco-nsp mailing list  [email protected] 
https://puck.nether.net/mailman/listinfo/cisco-nsp
    > > archive at http://puck.nether.net/pipermail/cisco-nsp/
    _______________________________________________
    cisco-nsp mailing list  [email protected]
    https://puck.nether.net/mailman/listinfo/cisco-nsp
    archive at http://puck.nether.net/pipermail/cisco-nsp/

--- End Message ---
_______________________________________________
cisco-nsp mailing list  [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Reply via email to