[j-nsp] Flow accounting on an M7i

Andy M. andy at ctdam.com
Thu Aug 19 09:26:07 EDT 2010 

Thanks for all the input.  In the end, I decided to let it sit for an  
hour or so and the flows started working.  I'm not sure if this is  
normal, but not what I expected.  The flow errors cleared and there  
are no memory issues now.

andy at er01> show services accounting flow
Service Accounting interface: sp-1/2/0, Local interface index: 142
Service name: (default sampling)
Interface state: Accounting
   Flow information
     Flow packets: 188567, Flow bytes: 33001278
     Flow packets 10-second rate: 2, Flow bytes 10-second rate: 572
     Active flows: 120, Total flows: 156524
     Flows exported: 156404, Flows packets exported: 8987
     Flows inactive timed out: 156404, Flows active timed out: 0

andy at er01> show services accounting errors
Service Accounting interface: sp-1/2/0, Local interface index: 142
Service name: (default sampling)
Interface state: Accounting
   Error information
     Packets dropped (no memory): 0, Packets dropped (not IP): 0
     Packets dropped (not IPv4): 0, Packets dropped (header too  
small): 0
     Memory allocation failures: 0, Memory free failures: 0
     Memory free list failures: 0
     Memory warning: No, Memory overload: No, PPS overload: No, BPS  
overload: No

Thank you to everyone for the assistance.

-Andy

On Aug 19, 2010, at 12:08 AM, Doan Nguyen wrote:

> Starting JUNOS XXXX a requirement for cflowd to work is to configure  
> NTP as Stefan pointed out a few emails earlier.
>
> --- On Wed, 8/18/10, sthaug at nethelp.no <sthaug at nethelp.no> wrote:
>
> From: sthaug at nethelp.no <sthaug at nethelp.no>
> Subject: Re: [j-nsp] Flow accounting on an M7i
> To: andy at ctdam.com
> Cc: juniper-nsp at puck.nether.net
> Date: Wednesday, August 18, 2010, 2:39 PM
>
> > I'm trying to enable flow accounting on one of our M7is.  JunOS
> > version is 9.1R8.  No matter what I do, I can't get a flow to  
> export.
> > I'd appreciate any input to obvious errors, or tips on other  
> things to
> > try.  I've also tried removing sampling from the interface and doing
> > it with a firewall rule.
>
> Have you tried RE-based sampling? We use
>
> input {
>     family inet {
>         rate 1000;
>         run-length 0;
>         max-packets-per-second 1000;
>     }
> }
> output {
>     cflowd a.b.c.d {
>         port 2055;
>         version 5;
>         no-local-dump;
>         autonomous-system-type origin;
>     }
> }
>
> and then for the relevant interfaces we have a firewall filter which
> includes the "sample" keyword.
>
> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list