[j-nsp] Netflow Export - MX running 10.x

OBrien, Will ObrienH at missouri.edu
Fri Sep 17 12:52:34 EDT 2010


Do you have a ms-dpc blade? You can't do it without that card.

Will O'Brien

On Sep 17, 2010, at 11:19 AM, Paul Stewart <paul at paulstewart.org> wrote:

> Hi there..
> 
> 
> 
> I'm working with an MX480 running 10.0R3.10 trying to get Netflow 5
> exporting up and running.... been reading some of the docs from Juniper and
> must be reading the wrong info because what they talk about I don't see ;)
> 
> 
> 
> First, firewall filter:
> 
> 
> 
> filter cflowd {
> 
>    term sampled_packets {
> 
>        from {
> 
>            source-address {
> 
>                0.0.0.0/0;
> 
>            }
> 
>        }
> 
>        then accept;
> 
>    }
> 
>    term other {
> 
>        then accept;
> 
>    }
> 
> }
> 
> 
> 
> 
> 
> Then forwarding options:
> 
> 
> 
> sampling {
> 
>    input {
> 
>        rate 1;
> 
>        run-length 0;
> 
>        max-packets-per-second 7000;
> 
>    }
> 
>    family inet {
> 
>        output {
> 
>            flow-server xx.xxx.xx.2 {
> 
>                port 5000;
> 
>                source-address xx.xx.xxx.59;
> 
>                version 5;
> 
>            }
> 
>        }
> 
>    }
> 
> }
> 
> 
> 
> 
> 
> When I apply this as input on an interface I see nothing hitting the netflow
> system.... the docs talk about "sampling output" instead of "sampling family
> inet" but I have no option for "sampling output" 
> 
> 
> 
> Confused I am ;)  Doesn't take much ... (oh, and yes I want 1:1 sampling at
> this point simply because the traffic levels will allow it in the short
> term)
> 
> 
> 
> Paul
> 
> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list