[j-nsp] cflow cflowd problems
Rodrigo Santos
rodrigo.santos at quantiza.com
Wed Dec 7 08:51:42 EST 2005
I made the requested modification (set routing-options route-record) but
the result was the same...
Nhop addr: 0.0.0.0 <=== in all flows
Output interface: 0 <== in all flows
Rodrigo
Steven Wong wrote:
> Can you add this ?
>
>
>>set routing-options route-record
>
>
> - Steven
>
>
>>-----Original Message-----
>>From: Rodrigo Santos [mailto:rodrigo.santos at quantiza.com]
>>Sent: Wednesday, December 07, 2005 7:08 PM
>>To: Steven Wong
>>Cc: juniper-nsp at puck.nether.net
>>Subject: Re: [j-nsp] cflow cflowd problems
>>
>>static {
>> route x.x.192.0/24 discard;
>> route y.y.224.225/32 next-hop [ y.y.226.217 z.z.57.81 ];
>> route x.x.192.0/21 discard;
>> route y.y.141.128/25 next-hop x.x.192.42;
>> route x.x.193.0/24 discard;
>> route a.a.59.18/32 next-hop b.b.221.37;
>> route x.x.197.0/24 discard;
>>}
>>router-id y.y.y.y; <=== cflowd IP on forwarding-options
>>autonomous-system xxxx;
>>forwarding-table {
>> export load-balancing;
>>}
>>
>>Thanks,
>>Rodrigo
>>
>>Steven Wong wrote:
>>
>>>Hi Rodrigo,
>>>
>>>What's the configuration under "routing-options" ?
>>>
>>>Regards,
>>>Steven
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>From: juniper-nsp-bounces at puck.nether.net
>>>>[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
>>>>Rodrigo Santos
>>>>Sent: Wednesday, December 07, 2005 6:40 AM
>>>>To: juniper-nsp at puck.nether.net
>>>>Subject: [j-nsp] cflow cflowd problems
>>>>
>>>>Hi all,
>>>>
>>>>I am trying to export the flows of a Juniper j6300, JUNOS Release
>>>>Software [ 7.2R1.7 ] (Export edition), to a external machine.
>>>>
>>>>Setiing "local-dump" parameter in the Juniper, is possible to verify
>>>>that the NextHop and OutPutInterfaceIndex are always with value 0:
>>>>
>>>>Nov 29 12:17:55 v5 flow entry
>>>>Nov 29 12:17:55 Src addr: x.x.x.x
>>>>Nov 29 12:17:55 Dst addr: y.y.y.y
>>>>Nov 29 12:17:55 Nhop addr: 0.0.0.0 <=========== always
>>>>Nov 29 12:17:55 Input interface: 47
>>>>Nov 29 12:17:55 Output interface: 0 <========== always
>>>>Nov 29 12:17:55 Pkts in flow: 2
>>>>Nov 29 12:17:55 Bytes in flow: 96
>>>>Nov 29 12:17:55 Start time of flow: 3546172797
>>>>Nov 29 12:17:55 End time of flow: 3546175877
>>>>Nov 29 12:17:55 Src port: 38662
>>>>Nov 29 12:17:55 Dst port: 48385
>>>>Nov 29 12:17:55 TCP flags: 0x2
>>>>Nov 29 12:17:55 IP proto num: 6
>>>>Nov 29 12:17:55 TOS: 0x0
>>>>Nov 29 12:17:55 Src AS: xxxx
>>>>Nov 29 12:17:55 Dst AS: yyyy
>>>>Nov 29 12:17:55 Src netmask len: 17
>>>>Nov 29 12:17:55 Dst netmask len: 24
>>>>
>>>>The question is that the parameters used for collecting software
>>>>(flowscan) are these to identify to which the traffic are
>>
>>of input and
>>
>>>>which is of output, but as the data are come zeroed are not
>>>>obtaining to
>>>>make the collection.
>>>>
>>>>PS.: This exactly process is functioning perfectly for the collected
>>>>flows of the Cisco.
>>>>
>>>>In the configuration of the Juniper, we are using:
>>>>
>>>>forwarding-options {
>>>> sampling {
>>>> input {
>>>> family inet {
>>>> rate 1;
>>>> run-length 0;
>>>> max-packets-per-second 5000;
>>>> }
>>>> }
>>>> output {
>>>> cflowd y.y.y.y {
>>>> port 10003;
>>>> source-address ;
>>>> version 5;
>>>> no-local-dump;
>>>> autonomous-system-type peer;
>>>> }
>>>> aggregate-export-interval 90;
>>>> flow-inactive-timeout 60;
>>>> flow-active-timeout 60;
>>>> }
>>>> }
>>>> hash-key {
>>>> family inet {
>>>> layer-3;
>>>> }
>>>> }
>>>>}
>>>>
>>>>firewall {
>>>> filter all {
>>>> term all {
>>>> then {
>>>> sample;
>>>> accept;
>>>> }
>>>> }
>>>> }
>>>>}
>>>>
>>>>
>>>>Can somebody help me to discover what it is happening and as
>>>>to correct
>>>>the problem?
>>>>
>>>>Thanks.
>>>>
>>>>--
>>>>
>>>>Rodrigo Santos
>>>>_______________________________________________
>>>>juniper-nsp mailing list juniper-nsp at puck.nether.net
>>>>http://puck.nether.net/mailman/listinfo/juniper-nsp
>>>>
>>
More information about the juniper-nsp
mailing list