[j-nsp] ex-series: counters for transit traffic ?
Alexandre Snarskii
snar at paranoia.ru
Fri Aug 1 10:39:22 EDT 2008
Hi!
It looks like ex-series switches does not count nor packets nor
bytes, nor ingress nor egress, for transit traffic.
For example, on physical interfaces all I can get is Local statistics:
snar> show interfaces ge-0/0/0 detail statistics
[...]
Traffic statistics:
Input bytes : 121945
Output bytes : 883419
Input packets: 1248
Output packets: 10316
Local statistics:
Input bytes : 121945
Output bytes : 883419
Input packets: 1248
Output packets: 10316
Transit statistics:
Input bytes : 0 0 bps
Output bytes : 0 0 bps
Input packets: 0 0 pps
Output packets: 0 0 pps
and for logical interfaces situation is even worse:
snar> show interfaces vlan.69 detail statistics
Logical interface vlan.69 (Index 90) (SNMP ifIndex 90) (Generation 156)
Description: Management
Flags: SNMP-Traps 0x0 Encapsulation: Unspecified
Traffic statistics:
Input bytes : 0
Output bytes : 0
Input packets: 0
Output packets: 0
Local statistics:
Input bytes : 0
Output bytes : 0
Input packets: 0
Output packets: 0
however, attached filter (with counter and policer) shows that there
were some transit traffic (from vlan.69 over ge-0/0/23 to vlan.901 over
ge-0/0/0):
snar> show firewall filter inbound
Filter: inbound
Counters:
Name Bytes Packets
v901-ingress-policer 15480761 10191
Policers:
Name Packets
512k 1461
Can anybody enlighten me, is it hardware limitation, software bug (running
9.1R2.10) or something other (like some feature not configured) ?
Configuration is pretty straightforward:
snar> show configuration vlans v69
description Management;
vlan-id 69;
interface {
ge-0/0/23.0;
}
l3-interface vlan.69;
snar> show configuration interfaces ge-0/0/23
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members all;
}
}
}
snar> show configuration interfaces vlan unit 69
description Management;
family inet {
filter {
input inbound;
}
address 10.0.88.231/24;
}
snar> show configuration firewall family inet filter inbound
term v901 {
from {
destination-address {
10.1.89.0/24;
}
}
then {
policer 512k;
count v901-ingress-policer;
}
}
term final {
then accept;
}
PS: snmp counters (both 32- and 64-bit ones) also shows zero.
PS: yet another interesting feature of that platform/JunOS is that even
firewall counters unable to count traffic destined to or generated
by vlan.N interfaces..
More information about the juniper-nsp
mailing list