1030 BigIron RX Series Configuration Guide53-1001810-01sFlow39ACL-based inbound sFlowNOTEThis feature is available only for IPv4.Beginning with release 02.5.00b, the Multi-Service IronWare software supports using an IPv4 ACLto select sample traffic to be sent to an sFlow collector. The data matching an ACL clause can becollected to observe traffic flow patterns and quantities between a set of switches and routers. Toaccommodate collecting sFlow through standard procedures and using ACL-filtered traffic, Brocadecreated the Proprietary Tag Type 1991 that encapsulates the sFlow samples obtained throughACLbased sFlow and separates them from the sequence flow of other sFlow samples. Figure 1shows the format of an sFlow packet, which illustrates the differences between a standard sFlowpayload and an ACL-based payload.As shown in Figure 1, sFlow is carried in a UDP packet. Within the UDP packet, the sFlow contentsare carried in individual samples that are identified by a Tag Type and a Length variable. Thestandard values for the Tag Types are 1 = sampled packet and 2 = counter sample. The lengthvariable describes the length of the sample. Within the sample are other variables including theSequence number and the Source ID.Brocade has introduced the proprietary Tag Type 1991 to identify ACL-based sFlow samples. Forthese samples, standard Tag Type 1 samples collected using ACL-based Inbound sFlow areencapsulated in a Tag Type 1991 sample. The length variable identifies the entire length of the TagType 1991 sample including the encapsulated Tag Type 1 sample. The encapsulated sample has alength variable of its own that only identifies the length of that sample.The Tag Type 1991 samples are sequenced separately from the unencapsulated Tag Type 1samples. For instance in the packet detail described in the "Sequence Flow for sFlow Records" inFigure 1, the top sFlow record with Tag Type 1 begins with the sequence number 1. The next sFlowrecord is of Tag Type 1991 which indicates that the sample contained is from ACL-based sFlow.Encapsulated within this ACL-based sFlow sample is an sFlow sample record of Tag Type 1. TheACL-based sFlow sample (which contains the Type 1 sample) is followed by an unencapsulated TagType 1 sFlow sample. That unencapsulated Tag Type 1 sFlow sample follows the sequencenumbering of the first unencapsulated Tag Type 1 sFlow sample which gives it a sequence numberof 2.