Enhancements
Release M.10.04 Enhancements
ProCurve# show sflow
sflow destination Enabled
Port | Sampling | Rate | Header | Dropped | Polling | Interval | ||
Enabled | Samples | Enabled | ||||||
1 | Yes | 6500000 | 128 | 5671234 |
| Yes | 60 | |
2 | No | 50 | 128 | 0 |
| Yes | 300 | |
3 | Yes | 2000 | 100 | 24978 |
| No | 30 | |
4 | Yes | 200 | 100 | 4294967200 |
| Yes | 40 | |
5 | Yes | 20000 | 128 | 34 |
| Yes | 500 |
Figure 15. Example of Viewing sFlow Sampling and Polling Information
The show sflow all command combines the outputs of the preceding three show commands including sFlow status information for all the ports on the switch.
Release M.10.04 Enhancements
Release M.10.04 includes the following enhancements:
■Enhancement (PR_1000330743) - Instrumentation Monitor, which includes Denial of Service (DoS) logging enhancement.
■Enhancement (PR_1000331027) - TCP/UDP port closure enhancement.
■Enhancement (PR_1000330532) - Improved the "show" command display of STP port detail information to assist in monitoring and troubleshooting of the spanning tree protocol.
Instrumentation Monitor
The 3400cl switches have instrumentation to monitor many operating parameters at
Parameter Name | Description |
The count of packets per minute sent to closed TCP/UDP ports. An excessive amount | |
| of packets could indicate a port scan, in which an attacker is attempting to expose a |
| vulnerability in the switch. |
The count of ARP requests processed per minute. A large amount of ARP request | |
| packets could indicate an host infected with a virus that is trying to spead itself. |
70