[j-nsp] j4350 not reporting destination interface in netflow records *BUMP*

[Anton Smith]

Hi,

Sorry to bump this.. but surely somebody out there is using netflow with 
J series routers and getting both input and output interface IDs in 
their records?

-------------

Hi,

I am having problems with missing destination interface index numbers.
They are always set to 0. Source interface index numbers appear to be
fine and correct.

My configuration is roughly as follows:

      ge-0/0/1 {
          speed 10m;
          link-mode full-duplex;
          gigether-options {
              no-auto-negotiation;
          }
          unit 0 {
              family inet {
                  no-redirects;
                  sampling {
                      input;
                      output;
                  }
                  address x.x.x.x/30;
              }
          }
      }

forwarding-options {
      sampling {
          input {
              family inet {
                  rate 20;
              }
          }
          output {
              file filename samples;
              cflowd y.y.y.y {
                  port 1500;
                  source-address z.z.z.z;
                  version 8;
                  aggregation {
                      source-destination-prefix;
                  }
              }
              flow-active-timeout 900;
          }
      }
}

However, when using local dump, all I get are records like this
(regardless of the source interface, the dest interface is always 0 -
although in this copy/paste I only show two records from the same source
interface):

Jul 14 02:51:13 v8 flow entry
Jul 14 02:51:13    Num of flows: 1
Jul 14 02:51:13    Pkts in flow: 1
Jul 14 02:51:13    Bytes in flow: 91
Jul 14 02:51:13    Start time of flow: 2066780464
Jul 14 02:51:13    End time of flow: 2066780464
Jul 14 02:51:13 Src/Dst prefix aggregation
Jul 14 02:51:13    Src prefix x.x.x.x
Jul 14 02:51:13    Dst prefix y.y.y.y
Jul 14 02:51:13    Src Mask 0x0
Jul 14 02:51:13    Dst Mask 0x18
Jul 14 02:51:13    Src AS xxx
Jul 14 02:51:13    Dst AS xxxxx
Jul 14 02:51:13    Src Interface 43
Jul 14 02:51:13    Dst Interface 0
Jul 14 02:51:13 v8 flow entry
Jul 14 02:51:13    Num of flows: 1
Jul 14 02:51:13    Pkts in flow: 1
Jul 14 02:51:13    Bytes in flow: 126
Jul 14 02:51:13    Start time of flow: 2066740843
Jul 14 02:51:13    End time of flow: 2066740843
Jul 14 02:51:13 Src/Dst prefix aggregation
Jul 14 02:51:13    Src prefix x.x.x.x
Jul 14 02:51:13    Dst prefix y.y.y.y
Jul 14 02:51:13    Src Mask 0x0
Jul 14 02:51:13    Dst Mask 0x1b
Jul 14 02:51:13    Src AS xxx
Jul 14 02:51:13    Dst AS xxxxx
Jul 14 02:51:13    Src Interface 43
Jul 14 02:51:13    Dst Interface 0


On my flow capture machine, running flow-filter on output interfaces
gives me nothing except for output interface '0', so the output
interface information simply is not there.

I am wondering if the information will be included if I sample from a
firewall filter rather than using the 'sample' directive on the
interface, although I am yet to try this.

I also wonder what information is given to the sampling daemon from the
forwarding daemon, is the sample packet given after the forwarding
decision is made, or before? If before, then I can understand why it
cannot note the output interface...

Any ideas?