HP ProCurve Networking

» Kontakt

ProCurve Networking by HP - Anwendungshinweise



Contents
» 1. Introduction
» 2. Prerequisites
» 3. Network diagram
» 4. sFlow configuration on ProCurve switches
» 4.1 Configure destination collectors
» 4.2 View destination information
» 4.3 Activate sampling and polling
» 4.4 View sampling and polling statistics
» 5. Traffic monitoring with InMon Traffic Sentinel
» 5.1 Configure basic settings
» 5.2 Set up traffic monitoring
» 5.3 Traffic views
» 5.4 Reporting
» 6. Reference documents

Downloads
» Traffic monitoring on ProCurve switches with sFlow and InMon Traffic Sentinel (PDF)

1. Introduction

This application note presents the monitoring and reporting capabilities of InMon Traffic Sentinel on ProCurve network equipment using the sFlow protocol.
The application note focuses on InMon Traffic Sentinel configuration. For more information on the sFlow protocol (history, protocol description, and benefits) and its implementation and configuration on ProCurve switches, please refer to ProCurve Application Note AN-S6, Traffic Monitoring with sFlow and ProCurve Manager Plus.

» Return to top

2. Prerequisites

This procedure assumes you have a network containing ProCurve switches, with traffic monitored by InMon Traffic Sentinel.

» Return to top

3. Network diagram
Figure 1 details the hardware configuration referenced in this section.

To view the power consumption of the phone, issue the following command on the switch
Figure 1. Setup for monitoring traffic flow with InMon Traffic Sentinel

The platform used to illustrate traffic monitoring consists of:

  • One or more servers with the following services: Active Directory, DHCP, DNS, Certificate Authority, IAS
  • ProCurve switches: 5406zl, 3500yl, 2610-PWR
  • InMon Traffic Sentinel version 3_0_22

» Return to top

4. sFlow configuration on ProCurve switches

InMon Traffic Sentinel uses the sFlow protocol for traffic monitoring. This section provides the command syntax for configuring sFlow on a ProCurve switch.

» Return to top

4.1 Configure destination collectors
On each switch, three destinations (collectors) can be configured:

To view the power consumption of the phone, issue the following command on the switch

For example, to configure destination 1 to be 10.3.108.36:

To view the power consumption of the phone, issue the following command on the switch

The default UDP port used for sFlow is 6343.

» Return to top

4.2 View destination information
To view information about a destination:

To view the power consumption of the phone, issue the following command on the switch

For example:

To view the power consumption of the phone, issue the following command on the switch

» Return to top

4.3 Activate sampling and polling
To activate sampling on a set of switch ports, use:

To view the power consumption of the phone, issue the following command on the switch
Where N is the number of sampled packets. N can vary between 0 (sampling disabled) and 16441700.

For example:

To view the power consumption of the phone, issue the following command on the switch

To activate polling on a set of switch ports:

To view the power consumption of the phone, issue the following command on the switch
Where P is the interval in seconds between two polls of counters. P can vary between 0 (polling disabled) and 16777215.

» Return to top

4.4 View sampling and polling statistics
To view sampling and polling statistics:

To view the power consumption of the phone, issue the following command on the switch

» Return to top

5. Traffic monitoring with InMon Traffic Sentinel
This section uses a data center example to explain how to set up traffic monitoring using InMon Traffic Sentinel.

5.1 Configure basic settings
To configure basic settings for InMon Traffic sentinel:

  1. Access Traffic Sentinel from its web interface.
  2. Browse to the File | Configure menu. There you have three options:
    • The Show tab shows you the actual configuration.
    • The Edit tab allows you to modify the configuration.
    • The XML tab enables you to import or export a configuration in XML format.
  3. Select the Edit tab. In the Edit tab you have the following options:
    To view the power consumption of the phone, issue the following command on the switch
    • Edit Site enables you to define the name and contact information, and also to input your license key:
      To view the power consumption of the phone, issue the following command on the switch
    • Edit Zones allows you to divide your network into different logical zones, and within these zones to define groups of subnets, agents, interfaces.

      For example, a zone can physically correspond to a site, and groups can correspond to different buildings within the site.
  4. In this data center example, you create one zone, corresponding to the whole data center, and 10 groups (labeled Area 1, Area 2, etc.) corresponding to the different solution areas. You create a distinct group, called BackBone, for the network backbone:
    To view the power consumption of the phone, issue the following command on the switch
  5. For each group you can define agent ranges. Then you go to Edit Agents to define the individual agents corresponding to the network equipment:
To view the power consumption of the phone, issue the following command on the switch
  1. Within the File | Configure | Edit view, you can define threshold settings and SNMP parameters.
  2. Finally, you can go to Edit Sampling Settings to define sampling rates for the different interface speeds:
    To view the power consumption of the phone, issue the following command on the switch

» Return to top

5.2 Set up traffic monitoring
To set up traffic monitoring:

  1. 1. Select Traffic | Status to see an overview of status of the different traffic metrics for each zone and group:
    To view the power consumption of the phone, issue the following command on the switch
  2. To view more details about a particular metric, click on one of the colored square indicators.

    For example, you notice that the BackBone group is experiencing heavy multicast traffic (in red) and you want to determine which machines or applications are causing this multicast. Click on the square red BackBone indicator to display the list of sFlow agents, corresponding to the switches of the group. In this example, the top 10 interfaces with multicast traffic are listed:
To view the power consumption of the phone, issue the following command on the switch
  1. Another way to have a good overview of what is generating traffic on the network is to use the circles function (Traffic | Circles):
    To view the power consumption of the phone, issue the following command on the switch
    This gives a graphical representation of the most important connections between machines on the network.
  2. You can then click on a particular connection to display a Path Between Hosts screen with information about the corresponding flow:
    To view the power consumption of the phone, issue the following command on the switch
  3. To obtain more information about a particular host, in the Path Between Hosts window click on one of the MAC Source or MAC Destination addresses. You then see a Find Host window, where you can choose between different views of the traffic:
To view the power consumption of the phone, issue the following command on the switch

» Return to top

5.3 Traffic views
Here are some of the traffic views that are available.

Clicking Connections gives top connections to and from this machine:

To view the power consumption of the phone, issue the following command on the switch

Clicking Protocols gives a view of the most used protocols for this MAC address over time:

To view the power consumption of the phone, issue the following command on the switch

Factors view gives the proportion of each connection in percent of the flows, total frames and total bytes of the link to this machine:

To view the power consumption of the phone, issue the following command on the switch

A Circles view for this machine is also available:

To view the power consumption of the phone, issue the following command on the switch

You have a wide variety of traffic types to display in charts:

To view the power consumption of the phone, issue the following command on the switch

» Return to top

5.4 Reporting
To view the trends for a particular flow over a longer period, the reporting function is useful. To specify the type of reports:

  1. On the Traffic Sentinel menu bar click on Reports. You see the available reports arranged by Category:
To view the power consumption of the phone, issue the following command on the switch
  1. Then you can choose a custom report.

    For example if you select IP Multicast, you see a report that displays the IP Multicast activity on the network. You see activity reports for the top Multicast Groups, Multicast Sources, and Multicast Trends. This report can be exported as a .PDF or a .HTML file. For example:
    • IP Multicast: Shows IP multicast activity on the network.
    • Top Multicast Groups: Shows top IP multicast addresses by amount of traffic. For example:
      To view the power consumption of the phone, issue the following command on the switch
    • Top Multicast Sources: Shows Top IP multicast sources by amount of traffic. For example:
      To view the power consumption of the phone, issue the following command on the switch
    • Multicast Trend: Shows trends for total IP multicast activity over time:
To view the power consumption of the phone, issue the following command on the switch

» Return to top

6. Reference documents

This concludes the procedure for traffic flow monitoring on ProCurve switches using InMon Traffic Sentinel and sFlow.

For further information about how to configure ProCurve switches to support security, please refer to the following links:

» Return to top