[j-nsp] netflow sampling problem in 10.2
Matjaž Straus Istenič
juniper at arnes.si
Thu May 19 14:05:43 EDT 2011
Hi Chris,
On 19.5.2011, at 16:30, Chris Tracy wrote:
> Hi Matjaž,
>
> Are you doing RE-based sampling, or using an MS-DPC? Can you post a sanitized version of your config?
It is RE-based. We don't have a $MS-DPC :-(
The config is very simple and it worked for us in 9.6. In firewall filters we use terms like that:
term Sample {
then {
count cntrS_Sample;
sample;
next term;
}
}
(all these filters are ingress/input)
...and we sample with:
[ forwarding-options sampling ]
input {
rate 256;
run-length 0;
max-packets-per-second 8000;
}
family inet {
output {
flow-active-timeout 300;
flow-server *** {
port ***;
autonomous-system-type peer;
no-local-dump;
source-address x.y.z.w;
version 5;
}
}
}
> You might want to look at some of the previous posts to the list on this topic, such as:
>
> https://puck.nether.net/pipermail/juniper-nsp/2010-July/017293.html
>
> This thread was specific to NetFlow v9 using an MS-DPC though...
>
> -Chris
Kind regards,
Matjaž
More information about the juniper-nsp
mailing list