cancel
Showing results for 
Search instead for 
Did you mean: 

Sending flow data from a switch direct to ExtremeAnalytics (without a flowcollector engine)

Sending flow data from a switch direct to ExtremeAnalytics (without a flowcollector engine)

Yves_Haslimann
New Contributor III
Hello everybody

I would like to configure the Extreme Switches (x440-G2, with version 22.4) to sending sflow/netflow data direct to the Extreme Analytics. I heard this is now possible without having a flowcollector enginge like PV FC-180 installed. Is this true? Because I couldn't find any referenced documentation to this. Thank you very much for your feedback.

Best regards, Yves
41 REPLIES 41

Jason_Miceli
New Contributor
Just tried it....I get the same failure, posted below. My SE said this should work fine...as well as with two VSP 4450s I have in my lab environment. I can see flows, but only by typing in the sflow instructions into the CLI of the VSPs and the 440G2...I cannot seem to have analytics automatically configure them via XMC because it doesn't even see the VSPs, and the error when I try and add it to the app telemetry section of the engine:

2018-11-23 12:45:23,159 ERROR [com.enterasys.netsight.appid.server.webapps.monitor.AppIdDwr] javax.script.ScriptException:
*** Script Error ***
Die command issued: Script failed : * X440G2-12p-10G4.17 # configure access-list telemetry.pol any ingress

Error: ACL install operation failed - filter hardware full for vlan *, port *
* X440G2-12p-10G4.18 #

Tomasz
Valued Contributor II
Same here with 22.6.1 patch 1.1.
Couple of X440-G2 stacks, all are ok but one.
Policy (simple at the moment, not much rules, HTTP redirect, no qos yet qos enabled on each), telemetry.
Telemetry was ok on all of these but on one I was receiving a lot of such logs, for different ACL entries:
code:
HAL.IPv4ACL: Slot-1: Mirroring instance EAN was disabled, hence mirror action in telemetry policy entry CITRIXICA was disabled on port 1:1


I've decided to re-add this telemetry source but was unsuccessful, not sure if because of an error in XMC like this (based on my browser history):
code:
EXOS application attempting to install incompatible ACL: filter vlan *, port * (rule "bjnp", index 14)


Rebooted the switch (btw after trying to add a telemetry source before the stack got config internally synced, it disappeared from a list of allowed devices, I had to reboot entire XMC eventually) and... ah (...), here we go again. 😉
No luck with changing vlan-acl-precedence, no luck with removing qos meters and disabling/enabling CoS via Policy in XMC.

Drop some CLI:
code:
Slot-1 SW_STACK-1.45 # show access-list usage acl-slice port 1:1
Ports 1:1-1:24, 1:51, 1:52
Stage: INGRESS
Reserved slices:
Type Used Available
Policy P/D 1 1
Policy CoS 0 2

Slices: Used: 7 Available: 1
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 256 Policy CoS reserved
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 256 Policy CoS reserved
Virtual Slice * (physical slice 5) Rules: Used: 0 Available: 256 Policy P/D reserved
Virtual Slice * (physical slice 6) Rules: Used: 0 Available: 256
Virtual Slice 4 (physical slice 0) Rules: Used: 14 Available: 242 system
Virtual Slice 5 (physical slice 1) Rules: Used: 2 Available: 254 system
Virtual Slice 6 (physical slice 4) Rules: Used: 76 Available: 180 Policy P/D reserved
Virtual Slice 7 (physical slice 7) Rules: Used: 4 Available: 252 user/other
Stage: EGRESS
Slices: Used: 0 Available: 4
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128
Stage: LOOKUP
Reserved slices:
Type Used Available
Policy Profile 0 4

Slices: Used: 4 Available: 0
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128 Policy Profile reserved
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128 Policy Profile reserved
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128 Policy Profile reserved
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128 Policy Profile reserved
Stage: EXTERNAL

Virtual Slice : (*) Physical slice not allocated to any virtual slice.

* Slot-1 SW_STACK-1.46 # show access-list dynamic
Dynamic Rules: ((*)- Rule is non-permanent )

(*)hclag_arp_2_4_96_9e_e3_41 Bound to 0 interfaces for application HealthCheckLAG
(*)policy.rule.df.1.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.10 Bound to 1 interfaces for application Policy
(*)policy.rule.df.10.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.11.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.12.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.13 Bound to 1 interfaces for application Policy
(*)policy.rule.df.13.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.14.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.15.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.16.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.17.22.8 Bound to 1 interfaces for application Policy
(*)policy.rule.df.18.22.8 Bound to 1 interfaces for application Policy
(*)policy.rule.df.19.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.2.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.20.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.21.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.22.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.23.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.24.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.25.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.26.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.27.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.28.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.29.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.3.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.30.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.31.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.32.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.33.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.34.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.35.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.36.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.37.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.38.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.39.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.4 Bound to 1 interfaces for application Policy
(*)policy.rule.df.4.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.40.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.41.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.42.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.43.22.8 Bound to 1 interfaces for application Policy
(*)policy.rule.df.44.22.8 Bound to 1 interfaces for application Policy
(*)policy.rule.df.45.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.46.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.47.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.48.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.49.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.5 Bound to 1 interfaces for application Policy
(*)policy.rule.df.5.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.50.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.51.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.52.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.53.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.54.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.55.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.56.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.57.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.58.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.59.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.6 Bound to 1 interfaces for application Policy
(*)policy.rule.df.6.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.60.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.61.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.62.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.63.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.64.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.65.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.66.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.67.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.68.16.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.69.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.7.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.70.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.71.25.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.8.18.16 Bound to 1 interfaces for application Policy
(*)policy.rule.df.9.18.16 Bound to 1 interfaces for application Policy
(*)policy.webredir.server.13.0 Bound to 1 interfaces for application Policy
(*)policy.webredir.sock.13.0 Bound to 1 interfaces for application Policy
(*)policy.webredir.sock.13.1 Bound to 1 interfaces for application Policy
(*)policy.webredir.sock.13.2 Bound to 1 interfaces for application Policy
* Slot-1 SW_STACK-1.47 # show sflow hardware-utilization

sFlow Hardware Table Utilization Statistics

Slot: 1
Type: X440G2-48p-10G4
Resource Type Current Maximum % Util.
-------------------- ------- ------- -------
MAC Entries 387 16384 2
Host Entries 16 4096 0
IPv4 Entries 0 4096 0
IPv6 Entries 0 2048 0
Long IPv6 Entries 0 2048 0
Total Routes 2 512 0
IPv4 Neighbors 1 N/A N/A
IPv6 Neighbors 0 N/A N/A
IPv4 Routes 2 N/A N/A
IPv6 Routes 0 N/A N/A
ECMP Next Hops 0 N/A N/A
ACL Ingress Entries 96 2048 4
ACL Ingress Counters 0 2048 0
ACL Ingress Meters 0 2048 0
ACL Ingress Slices 7 8 87
ACL Egress Entries 0 512 0
ACL Egress Counters 0 512 0
ACL Egress Meters 0 512 0
ACL Egress Slices 0 4 0

Slot: 2
Type: X440G2-48t-10G4
Resource Type Current Maximum % Util.
-------------------- ------- ------- -------
MAC Entries 388 16384 2
Host Entries 16 4096 0
IPv4 Entries 0 4096 0
IPv6 Entries 0 2048 0
Long IPv6 Entries 0 2048 0
Total Routes 0 512 0
IPv4 Neighbors 0 N/A N/A
IPv6 Neighbors 0 N/A N/A
IPv4 Routes 0 N/A N/A
IPv6 Routes 0 N/A N/A
ECMP Next Hops 0 N/A N/A
ACL Ingress Entries 95 2048 4
ACL Ingress Counters 0 2048 0
ACL Ingress Meters 0 2048 0
ACL Ingress Slices 7 8 87
ACL Egress Entries 0 512 0
ACL Egress Counters 0 512 0
ACL Egress Meters 0 512 0
ACL Egress Slices 0 4 0

... up to the rest of slots


I've lost any clue for the moment based on the fact that couple of stacks have the same EXOS version and Policy domain and there are no issues with Telemetry. 😞

Did somebody get through it recently?

Kind regards,
Tomasz

Tomasz
Valued Contributor II
[it doesn't let me edit the post] I see two slices reserved for CoS but I hope there is a workaround different than default&redo...

Tomasz
Valued Contributor II
Hi @Jason Miceli,

Were you successful with the setup over that time? I was successful now thanks to our local SE advice, here's what I did to get this working on the last stack of X440-G2s:
  • uploaded configuration as script,
  • left essentials, without any Policy, AAA and named the file default.xsf,
  • put the script back to the switch and did unconfigure switch; the script started just a moment after booting from defaults so I had minimum downtime,
  • set the stack as a telemetry source in Analytics first,
  • removed the stack from Policy domain (otherwise had issues), saved, added back, saved, enforced,
  • re-enforced NAC appliance with "force reconfiguration for all switches" just to be sure I didn't remove too much of it when preparing default.xsf parachute.
That helped, but still gotta have in mind that X440-G2 has quite limited resources for all-inclusive scenario.

The only thing that concerns me now is 75 pages of syslog in XMC with that kind of messages just for this 1 out of 8 stacks:
code:
HAL.IPv4ACL: Slot-1: Mirroring instance EAN was disabled, hence mirror action in telemetry policy entry BITTORRENT was disabled on port 1:1



I thought it stopped but after a few moments does the same for tons of entries and for different ports.
Show mirror when it happens:
code:
DefaultMirror   (Disabled)
Description: Default Mirror Instance, created automatically
Mirror to port: -

EAN (Enabled)
Description:
Mirror to remote IP: x.x.x.x VR : VR-Default
From IP : y.y.y.y Ping check: On
Status : Up

Mirrors defined: 2
Mirrors enabled: 1 (Maximum 4)
HW filter instances used: 0 (Maximum 128)
HW mirror instances used: 0 ingress, 0 egress (Maximum 4 total, 1 egress)



Will keep an eye on this but if somebody already walked through this that would be much appreciated. 🙂

Kind regards,
Tomasz
GTM-P2G8KFN