[j-nsp] clarification of enabling sample
Brian Spade
bitkraft at gmail.com
Sun Oct 26 01:42:14 EDT 2008
On Sat, Oct 25, 2008 at 6:53 PM, Stefan Fouant <sfouant at gmail.com> wrote:
>
> For all intents and purposes there are no practical differences
> between the two methods you have proposed, since your firewall filter
> term is essentially a match all... The main difference is when you
> want to sample a subset of the traffic traversing a given interface.
> This is when matching on particular flows using a firewall filter
> comes in handy. If you have a particularly large amount of traffic
> traversing your interfaces and you don't have a requirement to sample
> all traffic, sampling via the use of firewall filters will also allow
> you to have more fine-grained control over your AS-PIC/MS-PIC/etc.
> resources.
Thanks Steve for answering my question.
I have been a little frustrated finding solid documentation on Juniper's web
site about their netflow implementation. I prefer to sample everything but
set a sampling rate of say 1:50. The only place I was able to find
interesting aspects of the sampling rate was in someone's presentation I
found through searching google. This presentation stated the software based
sampling was limited to 8000 pps and to adjust your sampling rate with this
limitation in mind and the interface utilization. Is there some secret
grail for finding good documention on Juniper's site besides the CLI
commands with regards to netflow? :-)
/b
More information about the juniper-nsp
mailing list