Monday, October 20, 2014

In search of SFlow data plus a great perk!

 
As usual, our team is looking to add new user-requested features to our solutions. On this occasion we are very close to finalizing support for SFlow in our OpsMgr solution "Xian Network Manager", so our engineering team is looking for customers interested in sharing SFlow data from real environments. What is your perk? Your perk is a Xian SNMPDevice Simulator license for FREE!


If you are interested in participating please follow the steps below and send any data collected to sales@jalasoft.com.

Collecting Flow data

There are 2 tools that can capture the raw flow data. The overall procedure is as follows:
  1. Configure the network devices to send the SFlow traffic to the computer where the listening tool is installed.
  2. Capture the data packets using either the "WireShark" or the "Microsoft Network Monitor" tool.
  3. The basic steps for both tools are described below.
  4. Send the captured traffic to Jalasoft: sales@jalasoft.com with subject line: SFlow data.

Wireshark


  1. Install Wireshark (download installer from this link)
  2. Open Wireshark and enter the filter criteria in the "Filter" field:
    E.g.

    ip.src_host==192.168.2.100&&udp.dstport==6343&&ip.dst_host==10.31.0.70

    ip.src_host: The IP address of the network device that is sending the SFlow packets.
    udp.dstport: The destination port number to which the network device is sending packets.
    ip.dst_host: The destination host IP address.
  3. Go to the "Capture" menu and select the "Interfaces" menu item, then select the interface to capture packets on from the interfaces list and start capturing for 5 minutes.
  4. Go to the "Capture" menu and select the "Stop" menu item.
  5. Go to the "File" menu and click the "Save" menu item.
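
One way to check a saved capture against the filter above before sending it, decoding the sFlow version 5 datagram header of each matching packet. This is an added example, not part of the original post or Jalasoft's tooling; it assumes the capture was saved in classic pcap format with untagged Ethernet framing, and the function names and the sample packet are constructed for illustration.

```python
import socket
import struct

SFLOW_PORT = 6343  # UDP port from the page's example filter

def build_sample_pcap(src, dst, version=5):
    """Constructed sample: one Ethernet/IPv4/UDP frame with an sFlow datagram header."""
    sflow = struct.pack("!II4sIIII", version, 1, socket.inet_aton(src), 0, 7, 1000, 0)
    udp = struct.pack("!HHHH", 50000, SFLOW_PORT, 8 + len(sflow), 0) + sflow
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst)) + udp
    frame = b"\x00" * 12 + b"\x08\x00" + ip
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def sflow_datagrams(pcap, src, dst, port=SFLOW_PORT):
    """Return (version, agent, sequence, samples) per frame matching src/dst/port."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    found, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        # Keep untagged IPv4 (ethertype 0x0800) carrying UDP (protocol 17) only.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue
        if (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])) != (src, dst):
            continue
        udp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(udp) < 36 or struct.unpack("!H", udp[2:4])[0] != port:
            continue
        version, addr_type = struct.unpack("!II", udp[8:16])
        if version != 5 or addr_type != 1:
            found.append((version, None, None, None))  # only v5 with an IPv4 agent is decoded
            continue
        _sub, seq, _uptime, samples = struct.unpack("!IIII", udp[20:36])
        found.append((version, socket.inet_ntoa(udp[16:20]), seq, samples))
    return found

if __name__ == "__main__":
    data = build_sample_pcap("192.168.2.100", "10.31.0.70")  # constructed input
    for version, agent, seq, samples in sflow_datagrams(data, "192.168.2.100", "10.31.0.70"):
        status = "ok" if version == 5 else "not decoded"
        print(f"agent={agent} seq={seq} samples={samples} sFlow v{version} ({status})")
```

An empty result means no packet in the file matched the source, destination and port, which usually points to a capture taken on the wrong interface or a device exporting to a different port.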

Microsoft Network Monitor


  1. Install Microsoft Network Monitor (download installer from this link)
  2. Open Microsoft Network Monitor, write a filter and apply it.
    E.g.
    Source == "MTANCARA-DV0231" OR Source == "10.31.2.30"

    Source: The IP address of the network device that is sending the SFlow traffic.
  3. Go to the tool bar and click the "Start" item to collect data (collect packets for 5 minutes).
  4. Go to the tool bar and click the "Stop" item.
  5. Save the capture.