[j-nsp] MX80 JFlow Setup
Eric Van Tol
eric at atlantech.net
Tue Dec 23 12:34:58 EST 2014
Be aware that modifying the 'table-size' parameters will cause the tfeb to reboot. You will want to do this during a maintenance period if this is a production router.
-evt
> -----Original Message-----
> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
> Of Scott Granados
> Sent: Tuesday, December 23, 2014 12:31 PM
> To: Levi Pederson
> Cc: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] MX80 JFlow Setup
>
> Hi there, what you have will work well with a few modifications.
>
> If you're using inline sampling you might as well set the rate to 1, the
> sampling is happening at 1:1 regardless and all the rate adjusts in this
> config is the scaling factor.
> You're config also needs sample points so something like
>
> set interfaces xe-0/0/0.0 family inet sampling input
> place an input sampling statement on the interfaces that face your
> upstream and that face your inside network, do not sample on the output
> channel.
>
> You also don't need to define everything on the template level
> you can just do services monitoring flow sampling template ipv4 ipv4-
> template
>
> you can set your flow sizes on the forwarding options sampling instance
> input section and finally you want to define an ipv4 and ipv6 flow-table
> size on the tfeb.
>
> set chassis tfeb slot 0 sampling instance blah ipv4 and ipv6 table-size
>
> note that the tfeb will restart when configured to reprogram with the
> new flow table size settings.
>
> Settings are 1-15 where the number is x*256K flows. You can define ipv4
> only if you do not have any ipv6.
>
> Hope that helps.
>
>
> On Dec 23, 2014, at 12:16 PM, Levi Pederson
> <levipederson at mankatonetworks.net> wrote:
>
> > All,
> >
> > Trying to get an MX80 to output Flow to an external collector. I've
> been
> > reading several pieces of documentation and I keep getting differing
> views
> > and opinions on how this is supposed to be done. I'm looking for the
> > simplest option right now and if I need to expand I can move to more
> > detailed processes after
> >
> > I'm currently using the following
> >
> > [edit chassis]
> > - tfeb {
> > - slot 0 {
> > - sampling-instance calix;
> > - }
> > - }
> > [edit]
> > - forwarding-options {
> > - sampling {
> > - instance {
> > - calix {
> > - input {
> > - rate 50;
> > - }
> > - family inet {
> > - output {
> > - flow-server [ipaddress] {
> > - port 2058;
> > - version-ipfix {
> > - template {
> > - ipv4;s
> > - }
> > - }
> > - }
> > - inline-jflow {
> > - source-address [ipaddress];
> > - }
> > - }
> > - }
> > - }
> > - }
> > - }
> > - }
> > - services {
> > - flow-monitoring {
> > - version-ipfix {
> > - template ipv4 {
> > - flow-active-timeout 60;
> > - flow-inactive-timeout 70;
> > - template-refresh-rate {
> > - seconds 30;
> > - }
> > - option-refresh-rate {
> > - seconds 30;
> > - }
> > - ipv4-template;
> > - }
> > - }
> > - }
> > - }
> >
> >
> > Edited for Anonymity.
> >
> > Thank you,
> > .
> > *Levi Pederson*
> > Mankato Networks LLC
> > cell | 612.481.0769
> > work | 612.787.7392
> > levipederson at mankatonetworks.net
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list