[j-nsp] Sampling Traffic Problem--- Urgent

Uttam Shrestha Rana uttam.shrestha.rana at gmail.com
Tue Mar 2 10:09:09 EST 2010


Hello,

Here is what we have configured.


show configuration interfaces fe-0/0/0
description " Connected to NTT Singapore ";
unit 0 {
    family inet {
        filter {
            input filter-ntt;
        }
        sampling {
            input;
        }
        address 116.51.XX.XX/30;
    }
}
-----------------------------------------
show configuration interfaces fe-0/0/3
description " Connected to NTT London ";
fastether-options {
    ignore-l3-incompletes;
}
unit 0 {
    family inet {
        filter {
            input filter-ntt;
        }
        sampling {
            input;
        }
        address 83.231.XX.XX/30;
    }
}

-----------------------------------------
show configuration interfaces so-0/1/1
traceoptions {
    flag media;
}
hold-time up 200 down 15000;
clocking external;
encapsulation cisco-hdlc;
framing {
    sonet;
}
sonet-options {
    fcs 32;
    path-trace nep-so-0/1/1;
    trigger {
        lol ignore;
        pll ignore;
        lof ignore;
        los ignore;
        ais-l ignore;
        rfi-l ignore;
        ber-sd {
            hold-time up 100 down 1000;
        }
        ber-sf {
            hold-time up 100 down 1000;
        }
        ais-p hold-time up 100 down 10000;
        lop-p hold-time up 100 down 10000;
        rfi-p ignore;
        uneq-p hold-time up 100 down 10000;
        plm-p hold-time up 100 down 10000;
    }
    payload-scrambler;
    bytes {
        c2 1;
    }
}
unit 0 {
    family inet {
        filter {
            input filter-tata;
        }
        sampling {
            input;
        }
        address 209.58.xx.xx/30;
    }
}
--------------------------------------------

show configuration forwarding-options
sampling {
    input {
        family inet {
            rate 1;
            run-length 0;
            max-packets-per-second 7000;
        }
    }
    output {
        cflowd 202.51.XXX.XXX {
            port 9990;
            source-address 202.51.XX.XX;
            version 5;
            autonomous-system-type origin;
        }
        cflowd 202.63.XX.XXX {
            port 9998;
            source-address 116.66.XX.XXX;
            version 5;
            autonomous-system-type origin;
        }
        flow-inactive-timeout 300;
        flow-active-timeout 300;
    }
}

------------------------------------------------
show configuration firewall filter sampling
term 1 {
    then {
        sample;
        accept;
    }
}

and hardware of our M10i: we don;t have PIC/MS-Pic



Hoping for your suggestions  and support.

Regards,
Uttam

On Tue, Mar 2, 2010 at 8:08 PM, Felix Schueren <felix.schueren at hosteurope.de
> wrote:

> Uttam,
>
>
>  On juniper M10i with JUNOS 9.2, we have flow exported by the routing
>> engine
>> sampling packets headers and had aggregated them into flows.We have two
>> upstream and peered number of customers, we have packet sampling done by
>> defining a firewall filter to accept and sample all traffic and that rule
>> has been applied to the provider facing interfaces.
>>
>>  please paste your current "forwarding-options sampling" configuration.
>
>
>  In our case, when we had two upstream previously and sampled, it was quite
>> related to the flow extracted but recently we get peered with another
>> upstream and did the same configuration for sampling but we are not
>> getting
>> the exact flow , we are getting it decreased by half. What can be the
>> reason
>> behind this?
>>
> it could be that you're hitting the built-in rate limit for sampling, or
> maybe your firewall filters aren't working right, or your multipathing isn't
> what you'd want it to be. Do you have an advanced services pic / MS-PIC in
> the m10i? If in doubt, paste a  "show chassis hardware clei-models"
> (clei-models to easily obscure the serial numbers).
>
> Kind regards,
>
> Felix
>
> --
> Felix Schüren
> Head of Network
>
> -----------------------------------------------------------------------
> Host Europe GmbH - http://www.hosteurope.de
> Welserstraße 14 - 51149 Köln - Germany
> Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
> HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
> Geschäftsführer:
> Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller
>
> (*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend
>


More information about the juniper-nsp mailing list