[j-nsp] Inline jflow - No hash table changes

Thu Sep 11 18:49:27 EDT 2014

Thanks for all the input guys, we're going to give this a go early 
tomorrow morning.  We're running 14.1, I'll report back my findings for 
reference.

Scott H.

On 9/11/14, 5:59 PM, Hugo Slabbert wrote:
> We did not get a hit on enabling inline sampling with a config very 
> similar yours, though we're running dual-RE MX480 on a single chassis, 
> not VC.  We did take a hit on an MX-5, but I believe that was due to 
> touching defaults, as you mentioned.
>
> So, I can offer you an anecdote but I don't have an official word on it.
>
> On Thu 2014-Sep-11 16:42:34 -0400, Scott Harvanek 
> <scott.harvanek at login.com> wrote:
>
>> Hey guys,
>>
>> Quick question, if we setup inline jflow on a MX480 and do not adjust 
>> the hash table sizes, will the FPC still restart?*
>>
>> Specifically the config change would look like this ( MX480 VC, 
>> member 1, FPC 0(VC FPC 12) would be put into this but not member 0 ):
>>
>>
>> [edit chassis]
>> +   member 1 {
>> +       fpc 0 {
>> +           sampling-instance 480flows;
>> +       }
>> +   }
>> [edit]
>> +  services {
>> +      flow-monitoring {
>> +          version-ipfix {
>> +              template ipv4 {
>> +                  flow-active-timeout 60;
>> +                  flow-inactive-timeout 60;
>> +                  template-refresh-rate {
>> +                      packets 1000;
>> +                      seconds 10;
>> +                  }
>> +                  option-refresh-rate {
>> +                      packets 1000;
>> +                      seconds 10;
>> +                  }
>> +                  ipv4-template;
>> +              }
>> +          }
>> +      }
>> +  }
>> [edit interfaces xe-12/1/0 unit 716 family inet]
>> +       sampling {
>> +           input;
>> +       }
>> [edit]
>> +  forwarding-options {
>> +      sampling {
>> +          instance {
>> +              480flows {
>> +                  input {
>> +                      rate 1;
>> +                  }
>> +                  family inet {
>> +                      output {
>> +                          flow-server x.x.x.x {
>> +                              port 2055;
>> +                              version-ipfix {
>> +                                  template {
>> +                                      ipv4;
>> +                                  }
>> +                              }
>> +                          }
>> +                          inline-jflow {
>> +                              source-address x.x.x.x;
>> +                          }
>> +                      }
>> +                  }
>> +              }
>> +          }
>> +      }
>> +  }
>>
>>
>> * I find it pretty annoying the FPC will restart on the hash updates 
>> if you want to adjust the defaults...
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>