[j-nsp] Inline jflow - No hash table changes
Scott Harvanek
scott.harvanek at login.com
Fri Sep 12 13:32:50 EDT 2014
We turned this up this morning with no service hits and flows are
exporting correctly;
- MX480 Virtual-Chassis
- Enabled on member 1 / FPC 0
- Junos 14.1
:)
Scott H.
On 9/11/14, 7:00 PM, Hugo Slabbert wrote:
> Forgot to note: we were running 11.4R7.5 on both that MX480 and MX5,
> in case that's relevant to you at all.
>
> On Thu 2014-Sep-11 18:49:27 -0400, Scott Harvanek
> <scott.harvanek at login.com> wrote:
>
>> Thanks for all the input guys, we're going to give this a go early
>> tomorrow morning. We're running 14.1, I'll report back my findings
>> for reference.
>>
>> Scott H.
>>
>> On 9/11/14, 5:59 PM, Hugo Slabbert wrote:
>>> We did not get a hit on enabling inline sampling with a config very
>>> similar yours, though we're running dual-RE MX480 on a single
>>> chassis, not VC. We did take a hit on an MX-5, but I believe that
>>> was due to touching defaults, as you mentioned.
>>>
>>> So, I can offer you an anecdote but I don't have an official word on
>>> it.
>>>
>>> On Thu 2014-Sep-11 16:42:34 -0400, Scott Harvanek
>>> <scott.harvanek at login.com> wrote:
>>>
>>>> Hey guys,
>>>>
>>>> Quick question, if we setup inline jflow on a MX480 and do not
>>>> adjust the hash table sizes, will the FPC still restart?*
>>>>
>>>> Specifically the config change would look like this ( MX480 VC,
>>>> member 1, FPC 0(VC FPC 12) would be put into this but not member 0 ):
>>>>
>>>>
>>>> [edit chassis]
>>>> + member 1 {
>>>> + fpc 0 {
>>>> + sampling-instance 480flows;
>>>> + }
>>>> + }
>>>> [edit]
>>>> + services {
>>>> + flow-monitoring {
>>>> + version-ipfix {
>>>> + template ipv4 {
>>>> + flow-active-timeout 60;
>>>> + flow-inactive-timeout 60;
>>>> + template-refresh-rate {
>>>> + packets 1000;
>>>> + seconds 10;
>>>> + }
>>>> + option-refresh-rate {
>>>> + packets 1000;
>>>> + seconds 10;
>>>> + }
>>>> + ipv4-template;
>>>> + }
>>>> + }
>>>> + }
>>>> + }
>>>> [edit interfaces xe-12/1/0 unit 716 family inet]
>>>> + sampling {
>>>> + input;
>>>> + }
>>>> [edit]
>>>> + forwarding-options {
>>>> + sampling {
>>>> + instance {
>>>> + 480flows {
>>>> + input {
>>>> + rate 1;
>>>> + }
>>>> + family inet {
>>>> + output {
>>>> + flow-server x.x.x.x {
>>>> + port 2055;
>>>> + version-ipfix {
>>>> + template {
>>>> + ipv4;
>>>> + }
>>>> + }
>>>> + }
>>>> + inline-jflow {
>>>> + source-address x.x.x.x;
>>>> + }
>>>> + }
>>>> + }
>>>> + }
>>>> + }
>>>> + }
>>>> + }
>>>>
>>>>
>>>> * I find it pretty annoying the FPC will restart on the hash
>>>> updates if you want to adjust the defaults...
>>>> _______________________________________________
>>>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>>
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list