Recent FortiOS release adds sFlow support to Fortinet’s FortiGate® appliances. The following commands configure a FortiGate to sample packets at 1-in-10, poll counters every 20 seconds, and send sFlow to an analyzer (10.0.0.35) over UDP using the default sFlow port (6343) :
config system sflow set collector-ip 10.0.0.35 set collector-port 6343 end
Then for each interface :
config sys interface edit interfacename set sflow-sampler enable set sample-rate 10 set sample-direction both set polling-interval 20 next end
Configure sFlow monitoring on all interfaces on the switch for full visibility. Packet sampling is implemented in hardware so all the interfaces can be monitored with very little overhead.