[j-nsp] Netflow Export - MX running 10.x
Paul Stewart
paul at paulstewart.org
Fri Sep 17 12:57:15 EDT 2010
Really? Crap... no, we have dual RE-S-2000 and a pair of DPC with 20 gig
and 2 10 gig ports on them (R)....
-----Original Message-----
From: OBrien, Will [mailto:ObrienH at missouri.edu]
Sent: September-17-10 12:53 PM
To: Paul Stewart
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] Netflow Export - MX running 10.x
Do you have a ms-dpc blade? You can't do it without that card.
Will O'Brien
On Sep 17, 2010, at 11:19 AM, Paul Stewart <paul at paulstewart.org> wrote:
> Hi there..
>
>
>
> I'm working with an MX480 running 10.0R3.10 trying to get Netflow 5
> exporting up and running.... been reading some of the docs from Juniper
and
> must be reading the wrong info because what they talk about I don't see ;)
>
>
>
> First, firewall filter:
>
>
>
> filter cflowd {
>
> term sampled_packets {
>
> from {
>
> source-address {
>
> 0.0.0.0/0;
>
> }
>
> }
>
> then accept;
>
> }
>
> term other {
>
> then accept;
>
> }
>
> }
>
>
>
>
>
> Then forwarding options:
>
>
>
> sampling {
>
> input {
>
> rate 1;
>
> run-length 0;
>
> max-packets-per-second 7000;
>
> }
>
> family inet {
>
> output {
>
> flow-server xx.xxx.xx.2 {
>
> port 5000;
>
> source-address xx.xx.xxx.59;
>
> version 5;
>
> }
>
> }
>
> }
>
> }
>
>
>
>
>
> When I apply this as input on an interface I see nothing hitting the
netflow
> system.... the docs talk about "sampling output" instead of "sampling
family
> inet" but I have no option for "sampling output"
>
>
>
> Confused I am ;) Doesn't take much ... (oh, and yes I want 1:1 sampling
at
> this point simply because the traffic levels will allow it in the short
> term)
>
>
>
> Paul
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list