Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Same MAC on multiple infrastructures is partly "ignored" in sflow stats #517

Closed
rasssta opened this issue Mar 22, 2019 · 5 comments
Closed

Same MAC on multiple infrastructures is partly "ignored" in sflow stats #517

rasssta opened this issue Mar 22, 2019 · 5 comments

Comments

@rasssta
Copy link

rasssta commented Mar 22, 2019

Briefly discussed this with nick previously.

SUMMARY

If customer A has MAC address 1.1.1 and is connected to 2 infrastructrues in the same IXP Manager installation, sflow statistics will only work for 1 of these infrastructures.

It happens in different cases. One is where the customer is using a Cisco 6500/7600 with SFP line cards where all ports have the same MAC address, and the customer is connected to a local infrastructure and remotely connected to another infrastructure (different ports, but same MAC).
@nickhilliard
Copy link
Member

are you using the same 802.1q VLAN id for your different infrastructures?

@rasssta
Copy link
Author

rasssta commented Mar 22, 2019

Yes!

@nickhilliard
Copy link
Member

ok, don't do that then.

The reason why is that IXP Manager uses the source and destination 802.1q VLAN ID, and the srcmac / dstmac fields in the sflow packets to work out which infrastructure the frame was received on. If you use a unique 802.1q vlan id on your different infrastructures, this set of data points will uniquely identify which infrastructure and peering LAN the frame was received on.

Unfortunately, we can't easily use any of the other data fields in the sflow header. Here's an sflowtool output sample:

FLOW,193.242.111.152,2,21,0013136f2fc0,0010a52f261f,0x0800,10,10,94.1.115.114,80.1.2.222,6,0x00,124,1863,750,0x18,179,165,1024

The obvious candidate for this is the sflow Agent ID, but unfortunately this value could be anything depending on implementation. E.g. we've seen stuff like fe80::/64 IP addresses and ipv6 privacy addresses in that field. In other words, information in this field can change without notice to new values which can't be determined in advance. So there's no way of taking an agent ID and deterministically working out what switch / infrastructure it belongs too, unless you can guarantee that the agent ID is static. There are options to pin this down on some sflow implementations, but implementing this in code is messy.

After that, the interface IDs could be possible candidates, but only if you knew which switch they were coming from, i.e. what switch the agent ID was referring to. So these aren't useful either.

So your only option at the moment is to use different VLAN IDs on your different infrastructures. This would also solve issue #509.

@rasssta
Copy link
Author

rasssta commented Mar 22, 2019

Ok, thanks!

@rasssta
Copy link
Author

rasssta commented Mar 22, 2019

Btw, might be a good idea to add an info text, when adding infrastructures, about the advantage of unique VLAN IDs :-)

barryo added a commit that referenced this issue May 29, 2019
@barryo
Add note about uniqueness of VLAN tag across infrastructures - re #517
62dd4c6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nickhilliard @rasssta