Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[QFX] Commit error occurs when sflow is enabled on Layer 3 VLAN-tagged interface

0

0

Article ID: KB36076 KB Last Updated: 04 Oct 2021Version: 2.0
Summary:

This article describes the behavior of sflow when it is enabled on Layer 3 VLAN-tagged interface. This is applicable to QFX10k only.

Symptoms:

When sflow is enabled on Layer 3 VLAN-tagged interface, the following commit error occurs:

root@QFX10k# show protocols sflow
interfaces et-0/0/2.1;
interfaces et-0/0/2.2;
 
[master:0][edit]
root@QFX10k# commit
[edit protocols sflow]
'interfaces et-0/0/2.2'
only one ifl is allowed  <---
error: configuration check-out failed
Cause:

QFX10k is supports sflow on L3 VLAN-tagged interfaces, but does not support enabling sflow on multiple sub interfaces on the same port.

Solution:

Please configure sflow on one of the sub interfaces for Layer 3 VLAN-tagged interface. Then sflow will be enabled for other sub interfaces as well.

Note: You can enable sflow on any one of the sub interfaces.

Example 1: (resolution to error shown in symptoms above)

root# set protocols sflow interfaces et-0/0/2.1

[edit]
root# commit
[edit protocols]
  'bgp'
    warning: requires 'bgp' license
[edit vlans v10]
  'vxlan'
    warning: requires 'vxlan' license
commit complete

 

Example 2:

This example shows the full sflow and interface configuration as a test performed on QFX10002 running Junos 20.4R3.  As shown below, sflow is enabled only on one IFL, perform and collector shows samples for other IFLs as well.

labroot@qfx10002# show protocols sflow | display set
set protocols sflow polling-interval 0
set protocols sflow sample-rate ingress 1
set protocols sflow sample-rate egress 1
set protocols sflow source-ip 192.168.1.1
set protocols sflow collector 10.219.42.73
set protocols sflow interfaces et-0/0/1.10 polling-interval 1
--------------
labroot@qfx10002# show interfaces et-0/0/1 | display set
set interfaces et-0/0/1 vlan-tagging
set interfaces et-0/0/1 unit 10 vlan-id 10
set interfaces et-0/0/1 unit 10 family inet address 10.10.10.1/24
set interfaces et-0/0/1 unit 20 vlan-id 20
set interfaces et-0/0/1 unit 20 family inet address 10.10.20.1/24
set interfaces et-0/0/1 unit 30 vlan-id 30
set interfaces et-0/0/1 unit 30 family inet address 10.10.30.1/24
--------------

Checked the sflow collector and was able to see flow sample for other IFL, et-0/0/1.30.

--------------
No.     Time                          Source                Destination           Protocol Length Info
      3 2021-09-15 16:04:50.669752    192.168.1.1           10.219.42.73          sFlow    1244   V5, agent 10.219.40.238, sub-agent ID 0, seq 12225, 6 samples
 
Frame 3: 1244 bytes on wire (9952 bits), 1244 bytes captured (9952 bits)
Juniper Ethernet
Ethernet II, Src: JuniperN_e8:09:20 (4c:6d:58:e8:09:20), Dst: JuniperN_21:f4:fd (cc:e1:7f:21:f4:fd)
Internet Protocol Version 4, Src: 192.168.1.1, Dst: 10.219.42.73
User Datagram Protocol, Src Port: 61550, Dst Port: 6343
InMon sFlow
    Datagram version: 5
    Agent address type: IPv4 (1)
    Agent address: 10.219.40.238
    Sub-agent ID: 0
    Sequence number: 12225
    SysUptime: 8 days, 4 hours, 22 minutes, 23 seconds (706943708ms)
    NumSamples: 6
    Flow sample, seq 1575
        0000 0000 0000 0000 0000 .... .... .... = Enterprise: standard sFlow (0)
        .... .... .... .... .... 0000 0000 0001 = sFlow sample type: Flow sample (1)
        Sample length (byte): 184
        Sequence number: 1575
        0000 0000 .... .... .... .... .... .... = Source ID class: 0
        .... .... 0000 0000 0000 0010 0000 0001 = Index: 513
        Sampling rate: 1 out of 1 packets
        Sample pool: 1576 total packets
       Dropped packets: 0
        Input interface (ifIndex): 513
        Output interface: 0x00000000
        Flow record: 2
        Raw packet header
            0000 0000 0000 0000 0000 .... .... .... = Enterprise: standard sFlow (0)
            Format: Raw packet header (1)
            Flow data length (byte): 120
            Header protocol: Ethernet (1)
            Frame Length: 106
            Payload removed: 4
            Original packet length: 102
            Header of sampled packet: ec94d599c3e268f38e9cbda08100001e080045000054661d00004001c3790a0a1efe0a0a…
        Extended switch data
            0000 0000 0000 0000 0000 .... .... .... = Enterprise: standard sFlow (0)
            Format: Extended switch data (1001)
            Flow data length (byte): 16
            Incoming 802.1Q VLAN: 30
            Incoming 802.1p priority: 0
            Outgoing 802.1Q VLAN: 0
            Outgoing 802.1p priority: 0
~snip~
--------------
Modification History:
2021-10-04: Updated solution with example 2.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search