[j-nsp] PIC Based Active Monitoring/Sampling (Netflow export) on JunOS 9.6
Scott Berkman
scott at sberkman.net
Thu Dec 31 13:29:40 EST 2009
All,
I am trying to configure active flow monitoring similar to the following
link with an AS PIC on an M160 running 9.6:
http://www.juniper.net/techpubs/software/junos/junos95/feature-guide/id-1137
6518.html
I have checked all of the 9.6 documents such as this:
http://www.juniper.net/techpubs/en_US/junos9.6/information-products/topic-co
llections/config-guide-policy/id-11391310.html
However all of the guides are in the incorrect format for the newer JunOS
codes as discussed in this previous post:
http://www.gossamer-threads.com/lists/nsp/juniper/19361
Is there an updated guide that actually has the correct command syntax?
More specifically, I am having trouble understanding the configuration of
the interface for the AS itself. I am using something like the following:
>show configuration interfaces sp-7/0/0
unit 0 {
family inet {
address 172.16.1.1/32 {
destination 172.16.1.2;
}
}
}
But I don't know what addresses to use for the "source" and "destination"
here. Should these be private IPs that aren't on any other interface?
Should they match the source address to be used for the PIC interface under
[forwarding-options sampling]?
The current status is that the account service seems to be running normally,
but no netflow packets are arriving at the configured flow-server. There is
no connectivity or routing problems and I can ping between the source
address and the flow-server just fine. Here is the rest of my config,
addresses modified to protect the innocent:
forwarding-options {
sampling {
input {
rate 1;
}
family inet {
output {
flow-server 10.1.1.2 {
port 2055;
autonomous-system-type peer;
version 5;
}
interface sp-7/0/0 {
source-address 10.1.1.1;
}
}
}
}
}
Here are some of the show services accounting outputs:
>show services accounting status
Service Accounting interface: sp-7/0/0, Local interface index: 156
Service name: (default sampling)
Interface state: Accounting
Service ID: 0
Export interval (in seconds): 60, Export format: cflowd v5
Protocol: IPv4, Engine type: 188, Engine ID: 23
Route record count: 306719, IFL to SNMP index count: 12, AS count: 151299
Time set: Yes, Configuration set: Yes
Route record set: Yes, IFL SNMP map set: Yes
> show services accounting usage
Service Accounting interface: sp-7/0/0, Local interface index: 156
Service name: (default sampling)
Interface state: Accounting
CPU utilization
Uptime: 74409324 milliseconds, Interrupt time: 0 microseconds
Load (5 second): 66%, Load (1 minute): 63%
> show services accounting memory
Service Accounting interface: sp-7/0/0, Local interface index: 156
Service name: (default sampling)
Interface state: Accounting
Memory utilization
Allocation count: 48776505, Free count: 48702927, Maximum allocated: 0
Allocations per second: 0, Frees per second: 0
Total memory used (in bytes): 186178160, Total memory free (in bytes):
294069272
> show services accounting errors
Service Accounting interface: sp-7/0/0, Local interface index: 156
Service name: (default sampling)
Interface state: Accounting
Error information
Packets dropped (no memory): 0, Packets dropped (not IP): 0
Packets dropped (not IPv4): 0, Packets dropped (header too small): 0
Memory allocation failures: 0, Memory free failures: 0
Memory free list failures: 0
Memory warning: No, Memory overload: No, PPS overload: No, BPS overload:
No
> show services accounting flow
Service Accounting interface: sp-7/0/0, Local interface index: 156
Service name: (default sampling)
Interface state: Accounting
Flow information
Flow packets: 957825306, Flow bytes: 375757478595
Flow packets 10-second rate: 45742, Flow bytes 10-second rate: 13294092
Active flows: 96942, Total flows: 48807590
Flows exported: 48791666, Flows packets exported: 1638159
Flows inactive timed out: 48710648, Flows active timed out: 81447
Finally, the following does produce what seems to be valid entries:
> show services accounting flow-detail limit 10
Thanks!
-Scott
More information about the juniper-nsp
mailing list