[j-nsp] Getting traffic details

Mark Fullmer maf at eng.oar.net
Thu Feb 17 23:33:08 EST 2005 

To configure:

  set interfaces sp-1/2/0 unit 0 family inet address 10.1.1.1/32 destination 10.1.1.2

  set forwarding-options sampling input family inet rate 100
  set forwarding-options sampling output cflowd <collector ip> port <collector port>
  set forwarding-options sampling output flow-inactive-timeout 15
  set forwarding-options sampling output flow-active-timeout 60
  set forwarding-options sampling output interface sp-1/2/0 source-address <loopback IP>

"sh ip ca fl" then is "show services accounting flow-detail terse"

maf at clmbo-r4> show services accounting flow-detail terse 
Service Accounting interface: sp-1/2/0, Local interface index: 129
Service name: (default sampling)
Interface state: Accounting
Protocol   Source         Source  Destination Destination    Packet        Byte
           address          port  address            port     count       count
tcp(6)     164.107.X.X       22  69.133.X.X          2257       265      365312
tcp(6)     130.108.X.X     3064  66.55.X.X             80       231        9240
...

--
mark

On Thu, Feb 17, 2005 at 05:56:01PM -0700, Michael Loftis wrote:
> 
> 
> --On Thursday, February 03, 2005 15:32 -0500 "mail.ag" 
> <mail.ag at foghorn.nit.gwu.edu> wrote:
> 
> > Check out the '...Services Interfaces Configuration Guide' for your
> > software version for specifics on the above configs.
> >
> > This wont give you the 'show ip cache flow' you are used to in IOS.
> >
> > To get that level of detail, and to greatly increase your sampling
> > ability, you'll want to look at one of the service PICs such as the
> > Adaptive Services (lots of features) or Monitoring Services (better
> > performance for monitoring).  Then, in the cli, you'll be able to use a
> > number of 'show passive-monitoring ' commands.
> > Monitoring PIC:
> > http://www.juniper.net/products/modules/monitoring_pic.html
> > AS PIC:
> > http://www.juniper.net/products/modules/as_pic.html
> >
> > Good luck.
> 
> Old thread i know, but the forwarding-option stuff takes place on the RE 
> then?  In order to use the M7i ASM I have to use different syntax, correct? 
> Just making sure....Still not exactly sure how to do that personally, the 
> docs are a little confusing.  Like you have to mention the fact you want 
> sampling done on the ASM in atleast two different places (the interfaces 
> statement and then service-interface elsewhere?)
> 
> Just trying to get clear on this is all...
> 
> Filters happen on the PIC, correct?
> 
> It'd be nice to find a documentation that explains what setup affects what 
> parts, I'm getting it, but slowly, yeah, I come from Cisco land.  The devil 
> is in the details!
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list