pavel-odintsov / fastnetmon

FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support
https://fastnetmon.com
GNU General Public License v2.0

multiple sflow sources #488

Closed disaster123 closed 8 years ago

disaster123 commented 8 years ago

I've multiple sflow sources from multiple uplinks. It would be great to be able to analyze them all.

pavel-odintsov commented 8 years ago

Hello!

It's already possible. FNM just merges all received data into a single unified flow. Actually you could mix mirror, sflow and netflow from multiple sources and analyze them together.

disaster123 commented 8 years ago

Hui, very fast answer. You mean I should just point multiple sflow sources to the same target port (6344 in my case) in fastnetmon?

sFLOW configuration

sflow_port = 6344
sflow_host = A.B.C.D

pavel-odintsov commented 8 years ago

Yes, right. Also you could run the sflow collector with multiple ports:

sflow_port = 6344, 6345, 6346

But this option could be available only in git version. Please check it before.

disaster123 commented 8 years ago

Great, I'm already running the git version.

disaster123 commented 8 years ago

The incoming traffic shown by fastnetmon is far below the real one. Is this correct?

Fastnetmon shows 42mbps; real port traffic is around 600mbps.

pavel-odintsov commented 8 years ago

Traffic bandwidth accuracy is strictly related to the sflow sampling rate.

You should configure your switches for good accuracy depending on your traffic.

disaster123 commented 8 years ago

I've 4 routers and all of them send their sflow samples to fastnetmon each to one port. All of them are configured to have a sample rate of 1000 which is the lowest they support.

pavel-odintsov commented 8 years ago

Just check this: http://blog.sflow.com/2009/06/sampling-rates.html The sampling rate deeply depends on the amount of transferred bytes per second and is not related to maximum link capacity.
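The relationship between sampling rate, traffic volume and accuracy discussed in this thread, as an added example that is not part of the thread or of FastNetMon's code: each sampled frame is scaled by its own agent's sampling rate before the sources are merged, and the relative error shrinks with the number of samples rather than with link capacity. The agent addresses, frame size, sample counts and 10-second interval are constructed, and the error figure uses the sFlow.org packet-sampling bound (% error <= 196 * sqrt(1/c) at 95% confidence, stated for packet counts).

```python
import math
from collections import defaultdict

def build_samples():
    """Constructed input: (agent_ip, sampling_rate, sampled_frame_bytes).
    Four agents sampling 1-in-1000; addresses are documentation IPs."""
    counts = (("192.0.2.1", 300), ("192.0.2.2", 150),
              ("192.0.2.3", 40), ("192.0.2.4", 10))
    samples = []
    for agent, count in counts:
        samples += [(agent, 1000, 1500)] * count
    return samples

def summarize(sample_count, estimated_bytes, interval_s):
    """Turn scaled byte totals into a rate plus a 95% confidence error bound."""
    return {
        "samples": sample_count,
        "mbps": estimated_bytes * 8 / interval_s / 1e6,
        # sFlow.org bound for packet counts; depends only on samples seen.
        "error_pct": 196 * math.sqrt(1 / sample_count),
    }

def estimate(samples, interval_s):
    """Scale every sampled frame by its agent's rate, then merge all agents."""
    per_agent = defaultdict(lambda: [0, 0])  # agent -> [samples, scaled bytes]
    for agent, rate, frame_len in samples:
        if rate <= 0:
            raise ValueError(f"invalid sampling rate {rate} from {agent}")
        per_agent[agent][0] += 1
        per_agent[agent][1] += frame_len * rate
    report = {a: summarize(n, b, interval_s) for a, (n, b) in per_agent.items()}
    total = summarize(sum(n for n, _ in per_agent.values()),
                      sum(b for _, b in per_agent.values()), interval_s)
    return report, total

if __name__ == "__main__":
    report, total = estimate(build_samples(), interval_s=10)
    for agent, row in sorted(report.items()):
        print(f"{agent}: {row['mbps']:.0f} Mbps +/- {row['error_pct']:.1f}% "
              f"({row['samples']} samples)")
    print(f"merged: {total['mbps']:.0f} Mbps +/- {total['error_pct']:.1f}%")
```

At the same 1-in-1000 rate, the busiest agent and the merged view stay within roughly 10% while the quietest agent's estimate is off by up to about 60%, so a detection threshold applied to a low-traffic source needs a longer interval or a lower sampling ratio.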