Unfortunately, the MLX doesnâ€™t support forwarding sFlow traffic out its management port; this limitation has to do with how the Management Module works. These ports are closer to a serverâ€™s iLO port than an actual Ethernet port.
On the MLX, the MM doesnâ€™t actually connect to the routerâ€™s data-plane fabric. Each line card runs a copy IronWare locally, so they behave like individual routers for each card (this is what each LP has its own CPU, RAM, and Flash in addition to the Traffic Manager and Packet Processor chips). The Management Moduleâ€™s job is to make sure table data stays in sync across all the cards, but its really not making the forwarding decisions for each LP.
The MM talks to each LP through a separate internal network that only connects to the CPU in each LP; this is called the IPC Buss. Since the connections between the MM and LPs arenâ€™t part of the data-plane inside the box, thereâ€™s no way to get the sFlow data to the Management Moduleâ€™s Ethernet port. Even if we could do this, we wouldnâ€™t want toâ€¦too much sFlow traffic could overwhelm the IPC Buss and lock up the router.
Although this architecture is a bit limiting for sFlow, itâ€™s what allows someone to SSH into the MLX even if thereâ€™s a L2 loop or heavy load. Itâ€™s also why the MLX can run at 100% capacity on the backplane and still have the CPUs run at 1%.
If your router is out of ports, Iâ€™d see if you can create a seprate management vlan to move sFlow data through. You can sonfigure sFlow to only forward traffic out of a specific VE, so this would give you a way to keep the sFlow data away from existing traffic.
From: foundry-nsp [mailto:email@example.com] On Behalf Of i3D.net - Martijn Schmidt
Sent: Thursday, May 21, 2015 12:16 PM
To: firstname.lastname@example.org; email@example.com; i3D.net - Martijn Schmidt
Subject: Re: [f-nsp] sflow through management interface
Is there any special reason why you can't just send the sFlow samples to
your collector server as in-line traffic? You don't need a dedicated
interface for sFlow, it's not port mirroring. :-)
On 05/21/2015 08:07 PM, firstname.lastname@example.org<mailto:elecks.nl> wrote: > Hi,
> We use a NI-XMR-MR with NI-XMR-10GX4.
> Has it pro/cons to run sFlow through the management interface (slow
> down?) ?
> We setting up sFLOW but we have no ports free only the mangement
> interface from the XMR-MR card.
> foundry-nsp mailing list
Martijn Schmidt http://www.i3D.net
[cid:image002.jpg@01D093C1.DB8B1200]i3D.net is a private company registered in The Netherlands at Meent 93b, Rotterdam. Registration #: 14074337 - VAT # NL 8202.63.886.B01. i3D.net is CDSA certified on Content Protection and Security and provides hosting from 16 global ISO-certified datacenters. We are ranked in the Deloitte Technology Fast 500 EMEA as one of the fastest growing technology companies.