[j-nsp] Policy accounting in SDX

Bjørn Mork bjorn at mork.no
Sat Oct 2 13:40:15 EDT 2004 

gautam m <gautam_4_7 at yahoo.co.in> writes:

> I have heard that the SDX is capable for doing accounting for each
> of the policies that it apllies on the interfaces in the ERX-700
> that it manages.  Is this possible and does anybody have the
> knowledge how different it is from the RADIUS based accounting.

RADIUS accounting will only give you interface totals while the SDX
accounting is based on matched policies.  You can e.g. choose not to
count some of the traffic, like traffic from your own server farms.

> Does SDX also use the inOctets and outOctets counter of the ERX
> interface to generate the accounting logs or is it something
> different..If anybody has knowledge of the above pls help.

The ERX will count the packets matching each rule (rate-limit, forward
etc) and report these to the SDX over the COPS connection.  An example
of SDX-pushed policies and counters:

  IP Policy input 2241040-ssc-0
    forward classifier-group SSC3AAABAAAAAAAB entry 1
      83285 Packets  11863916 Bytes forwarded
  IP Policy output 2241040-ssc-1
    rate-limit-profile SSC3AAABAAAAAABT classifier-group SSC3AAABAAAAAABW entry 1
      Committed: 0 Packets, 0 Bytes, Action: transmit
      Conformed: 0 Packets, 0 Bytes, Action: transmit
      Exceeded:  0 Packets, 0 Bytes, Action: drop
    rate-limit-profile SSC3AAABAAAAAABT classifier-group SSC3AAABAAAAAABU entry 1
      Committed: 0 Packets, 0 Bytes, Action: transmit
      Conformed: 0 Packets, 0 Bytes, Action: transmit
      Exceeded:  0 Packets, 0 Bytes, Action: drop
    rate-limit-profile SSC3AAABAAAAAACx classifier-group SSC3AAABAAAAAAB0 entry 1
      Committed: 116806 Packets, 42197333 Bytes, Action: transmit
      Conformed: 1351 Packets, 1466866 Bytes, Action: transmit
      Exceeded:  36 Packets, 39096 Bytes, Action: drop
    forward classifier-group SSC3AAABAAAAAAB0 entry 1
      118193 Packets  43703295 Bytes forwarded
    rate-limit-profile SSC3AAABAAAAAAGq classifier-group SSC3AAABAAAAAAGr entry 1
      Committed: 0 Packets, 0 Bytes, Action: transmit
      Conformed: 0 Packets, 0 Bytes, Action: transmit
      Exceeded:  0 Packets, 0 Bytes, Action: drop
    forward classifier-group SSC3AAABAAAAAAAB entry 1
      0 Packets  0 Bytes forwarded



Bjørn

More information about the juniper-nsp mailing list