[j-nsp] Netflow config for MX204
Alain Hebert
ahebert at pubnix.net
Wed Apr 8 10:18:47 EDT 2020
Hi,
IMHO,
Directly on the interface permit to use plugins in Elastiflow
(example) to highlight odd traffic behavior (Scans/DDoS)
-----
Alain Hebert ahebert at pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 2020-04-08 08:56, Mark Tinka wrote:
>
> On 8/Apr/20 14:51, Mark Tinka wrote:
>
>> Looks good.
> The only other thing I would do different is to sample directly on the
> interface, rather than through a firewall filter:
>
> xe-0/1/0 {
> unit 0 {
> family inet {
> sampling {
> input;
> output;
> }
> family inet6 {
> sampling {
> input;
> output;
> }
> }
> }
>
> But either works. Just haven't sampled in firewall filters for some time
> now.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list