[j-nsp] Sampling Traffic Problem--- Urgent

Ramesh Karki rameshkarki at gmail.com
Wed Mar 3 05:49:12 EST 2010 

hello,

I have configured sampling traffic input on all the interfaces, and
configured forwarding-option with max-packet per second 7000, rate 100 and
run-length 0, means 1 packet out of 100. I am using RE based sampling. On
the server side we are using flow-tool FlowScan as a data collector. In my
view the router is exporting exactly as we have configured on the
forwarding-option. But we want exact ( our total BW as we can see on MRTG)
traffic graph on flow-tool flowScan data collector. To do this I think there
can be an option on flow-tool so it can calculate the exported data and show
exact traffic.

Is there any idea how ??

Thank you,



On Tue, Mar 2, 2010 at 8:54 PM, Uttam Shrestha Rana <
uttam.shrestha.rana at gmail.com> wrote:

> Hello,
>
> Here is what we have configured.
>
>
> show configuration interfaces fe-0/0/0
> description " Connected to NTT Singapore ";
> unit 0 {
>    family inet {
>        filter {
>            input filter-ntt;
>        }
>        sampling {
>            input;
>        }
>        address 116.51.XX.XX/30;
>    }
> }
> -----------------------------------------
> show configuration interfaces fe-0/0/3
> description " Connected to NTT London ";
> fastether-options {
>    ignore-l3-incompletes;
> }
> unit 0 {
>    family inet {
>        filter {
>            input filter-ntt;
>        }
>        sampling {
>            input;
>        }
>        address 83.231.XX.XX/30;
>    }
> }
>
> -----------------------------------------
> show configuration interfaces so-0/1/1
> traceoptions {
>    flag media;
> }
> hold-time up 200 down 15000;
> clocking external;
> encapsulation cisco-hdlc;
> framing {
>    sonet;
> }
> sonet-options {
>    fcs 32;
>    path-trace nep-so-0/1/1;
>    trigger {
>        lol ignore;
>        pll ignore;
>        lof ignore;
>        los ignore;
>        ais-l ignore;
>        rfi-l ignore;
>        ber-sd {
>            hold-time up 100 down 1000;
>        }
>        ber-sf {
>            hold-time up 100 down 1000;
>        }
>        ais-p hold-time up 100 down 10000;
>        lop-p hold-time up 100 down 10000;
>        rfi-p ignore;
>        uneq-p hold-time up 100 down 10000;
>        plm-p hold-time up 100 down 10000;
>    }
>    payload-scrambler;
>    bytes {
>        c2 1;
>    }
> }
> unit 0 {
>    family inet {
>        filter {
>            input filter-tata;
>        }
>        sampling {
>            input;
>        }
>        address 209.58.xx.xx/30;
>    }
> }
> --------------------------------------------
>
> show configuration forwarding-options
> sampling {
>    input {
>        family inet {
>            rate 1;
>            run-length 0;
>            max-packets-per-second 7000;
>        }
>    }
>    output {
>        cflowd 202.51.XXX.XXX {
>            port 9990;
>            source-address 202.51.XX.XX;
>            version 5;
>            autonomous-system-type origin;
>        }
>        cflowd 202.63.XX.XXX {
>            port 9998;
>            source-address 116.66.XX.XXX;
>            version 5;
>            autonomous-system-type origin;
>        }
>        flow-inactive-timeout 300;
>        flow-active-timeout 300;
>    }
> }
>
> ------------------------------------------------
> show configuration firewall filter sampling
> term 1 {
>    then {
>        sample;
>        accept;
>    }
> }
>
> and hardware of our M10i: we don;t have PIC/MS-Pic
>
>
>
> Hoping for your suggestions  and support.
>
> Regards,
> Uttam
>
> On Tue, Mar 2, 2010 at 8:08 PM, Felix Schueren <
> felix.schueren at hosteurope.de
> > wrote:
>
> > Uttam,
> >
> >
> >  On juniper M10i with JUNOS 9.2, we have flow exported by the routing
> >> engine
> >> sampling packets headers and had aggregated them into flows.We have two
> >> upstream and peered number of customers, we have packet sampling done by
> >> defining a firewall filter to accept and sample all traffic and that
> rule
> >> has been applied to the provider facing interfaces.
> >>
> >>  please paste your current "forwarding-options sampling" configuration.
> >
> >
> >  In our case, when we had two upstream previously and sampled, it was
> quite
> >> related to the flow extracted but recently we get peered with another
> >> upstream and did the same configuration for sampling but we are not
> >> getting
> >> the exact flow , we are getting it decreased by half. What can be the
> >> reason
> >> behind this?
> >>
> > it could be that you're hitting the built-in rate limit for sampling, or
> > maybe your firewall filters aren't working right, or your multipathing
> isn't
> > what you'd want it to be. Do you have an advanced services pic / MS-PIC
> in
> > the m10i? If in doubt, paste a  "show chassis hardware clei-models"
> > (clei-models to easily obscure the serial numbers).
> >
> > Kind regards,
> >
> > Felix
> >
> > --
> > Felix Schüren
> > Head of Network
> >
> > -----------------------------------------------------------------------
> > Host Europe GmbH - http://www.hosteurope.de
> > Welserstraße 14 - 51149 Köln - Germany
> > Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
> > HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
> > Geschäftsführer:
> > Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller
> >
> > (*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend
> >
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list