1

I need some advice about L2 traffic fetching.

Here's the situation :

  • I got 2 datacenters where both core switch (Cisco Nexus9000 C93240) are linked each other through a 1GB/s vPC where our VLANs are propagated.
  • These core switches are configured as L2 switches, routing is made by another device on each datacenter.
  • Between this, there's datacenter provider's router were I don't have any access at all.

At the moment, I planned to observe the top VLAN consumption. I naturally think about sFlow (and/or for a one shot test, SPAN/RSPAN). My idea is to setup sFlow agent on source and destination ports used by the vPC.

=> Does this makes sense for L2 traffic fetching or is there a better or different solution ? (I used to setup sFlow in a previous experience for L3 fetching to get the Top consuming IPs but I'd like to have some feedback for L2)

I made some test with another material, so sFlow agent successfully send samples to my sFlow server. However, I'd like to integrate some data in my Grafana.

Feel free to give me advice or comments on this situation.

Improve this question
4
  • 1
    sFlow is a good choice for this imho, but we don't do product recommendations here, generally. Commented Apr 15, 2025 at 12:23
  • 1
    As far as I know, the Nexus 9K does not support RSPAN. You have to use ERSPAN, and it will not work with traffic from the VPC. I had to configure that in a data center. SPAN and ERSPAN work, but RSPAN is not supported. Commented Apr 15, 2025 at 12:48
  • I removed the request for recommendation. Commented Apr 15, 2025 at 12:50
  • Has any answer solved your question? Then please accept it or your question will keep popping up here forever. Please also consider voting for useful answers. Commented Dec 13, 2025 at 14:15

2 Answers 2

Reset to default
1

sFlow or NetFlow seem to be good choices for monitoring port or VLAN utilization. Both use sampling and header-only submission between agent and collector, so they're rather light on bandwidth.

SPAN or RSPAN require direct or L2 (VLAN) connectivity to the monitored switch, likely making it difficult to cross between datacenters. ERSPAN should work but it is very heavy on the link bandwidth as frames are mirrored in their entirety.

Improve this answer
0

I finally ended up using sFlow with some custom filters. It allows me to get ingress and egress stats on any core switch I have to managed. Thanks everyone for the comment and advices !

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.