[j-nsp] IPFIX Egress Flow not working - MX80
Andrew Nusbaum
Andrew.Nusbaum at mindspark.com
Wed Mar 21 10:59:19 EDT 2012
> What would be the issue in the second router which is not exporting
> output
> flows? Any bugs discovered so far?
I've got a couple of MX240s with MPC-1s running inline-jflow on 10.4R9 and actually ran into PR737472. Sampling input and output on all but one transit interface was working fine. Any traffic that ingressed this particular interface would have flows created with the InputInt and OutputInt marked '0' as opposed to the SNMP ID of the logical interface. Also got bogus AS numbers, no masks, and a 0.0.0.0 next-hop. Saw the same behavior even if I moved the sampling to the internal-facing interfaces. We were able to work around the problem by moving the affected interface to another PIC/Port until Juniper rolls the fix into production code. My understanding is that this affects 11.x code as well.
Example flow export before workaround:
> Flow 9
> SrcAddr: x.x.x.54 (x.x.x.54)
> DstAddr: y.y.y.128 (y.y.y.128) IP TOS: 0x00
> Protocol: 6
> SrcPort: 2001
> DstPort: 80
> ICMP Type: 0
> InputInt: 0
> SrcMask: 0
> DstMask: 0
> SrcAS: 21107
> DstAS: 21107
> NextHop: 0.0.0.0 (0.0.0.0)
> TCP Flags: 0x1b
> OutputInt: 0
> Octets: 943
> Packets: 16
> Duration: 1.916000000 seconds
Andy Nusbaum | Senior Network Engineer
One North Lexington Ave, 9th Floor - White Plains, NY 10601
E andrew.nusbaum at mindspark.com
Mindspark Interactive Network, Inc. is an IAC company.
More information about the juniper-nsp
mailing list