[j-nsp] Netflow config for MX204

Liam Farr liam at maxumdata.com
Thu Apr 9 02:20:00 EDT 2020 

Hi,

I'm using the config example at
https://github.com/jtkristoff/junos/blob/master/flows.md (many thanks) with
a couple of exceptions.

However I am getting export packet failures.

Exceptions / changes from the example are the use of
*flex-flow-sizing* and *sampling
on the interface* rather than firewall.

Config is as follows;

chassis {
    fpc 0 {
        sampling-instance default;
        inline-services {
            flex-flow-sizing;
        }
    }
}
services {
    flow-monitoring {
        version-ipfix {
            template v4 {
                ipv4-template;
            }
            template v6 {
                ipv6-template;
            }
        }
    }
}
forwarding-options {
    sampling {
        sample-once;
        instance {
            default {
                input {
                    rate 100;
                }
                family inet {
                    output {
                        flow-server 103.247.xxx.xxx {
                            port 6363;
                            version-ipfix {
                                template {
                                    v4;
                                }
                            }
                        }
                        inline-jflow {
                            source-address 43.252.xxx.xxx;
                        }
                    }
                }
                family inet6 {
                    output {
                        flow-server 103.247.xxx.xxx {
                            port 6363;
                            version-ipfix {
                                template {
                                    v6;
                                }
                            }
                        }
                        inline-jflow {
                            source-address 43.252.xxx.xxx;
                        }
                    }
                }
            }
        }
    }
}
interfaces {
    xe-0/1/7 {
        unit 442 {
            vlan-id 442;
            family inet {
                mtu 1998;
                sampling {
                    input;
                    output;
                }
                address 111.69.xxx.xxx/30;
            }
            family inet6 {
                mtu 1998;
                sampling {
                    input;
                    output;
                }
                address 2406:xxxx:xxxx:xxxx::xxxx/64;
            }

        }
    }
}

For the source address I had originally used the internal management
network address on fxp0 but was receiving no flows at the collector so
changed to a loopback address on one of the VRF's, both the internal
management IP and the VRF loopback have reachability to the flow-server
address.

The below is the error output;

show services accounting errors inline-jflow fpc-slot 0
  Error information
    FPC Slot: 0
    Flow Creation Failures: 0
    Route Record Lookup Failures: 0, AS Lookup Failures: 0
    Export Packet Failures: 137
    Memory Overload: No, Memory Alloc Fail Count: 0

    IPv4:
    IPv4 Flow Creation Failures: 0
    IPv4 Route Record Lookup Failures: 0, IPv4 AS Lookup Failures: 0
    IPv4 Export Packet Failures: 134

    IPv6:
    IPv6 Flow Creation Failures: 0
    IPv6 Route Record Lookup Failures: 0, IPv6 AS Lookup Failures: 0
    IPv6 Export Packet Failures: 3

show services accounting flow inline-jflow fpc-slot 0
  Flow information
    FPC Slot: 0
    Flow Packets: 7976, Flow Bytes: 1129785
    Active Flows: 83, Total Flows: 2971
    Flows Exported: 1814, Flow Packets Exported: 1477
    Flows Inactive Timed Out: 1020, Flows Active Timed Out: 1725
    Total Flow Insert Count: 1246

    IPv4 Flows:
    IPv4 Flow Packets: 7821, IPv4 Flow Bytes: 951645
    IPv4 Active Flows: 82, IPv4 Total Flows: 2912
    IPv4 Flows Exported: 1776, IPv4 Flow Packets exported: 1439
    IPv4 Flows Inactive Timed Out: 1003, IPv4 Flows Active Timed Out: 1687
    IPv4 Flow Insert Count: 1225

    IPv6 Flows:
    IPv6 Flow Packets: 155, IPv6 Flow Bytes: 178140
    IPv6 Active Flows: 1, IPv6 Total Flows: 59
    IPv6 Flows Exported: 38, IPv6 Flow Packets Exported: 38
    IPv6 Flows Inactive Timed Out: 17, IPv6 Flows Active Timed Out: 38
    IPv6 Flow Insert Count: 21

show services accounting status inline-jflow fpc-slot 0
  Status information
    FPC Slot: 0
    IPV4 export format: Version-IPFIX, IPV6 export format: Version-IPFIX
    BRIDGE export format: Not set, MPLS export format: Not set
    IPv4 Route Record Count: 1698135, IPv6 Route Record Count: 247572, MPLS
Route Record Count: 0
    Route Record Count: 1945707, AS Record Count: 167101
    Route-Records Set: Yes, Config Set: Yes
    Service Status: PFE-0: Steady
    Using Extended Flow Memory?: PFE-0: No
    Flex Flow Sizing ENABLED?: PFE-0: Yes
    IPv4 MAX FLOW Count: 5242884, IPv6 MAX FLOW Count: 5242884
    BRIDGE MAX FLOW Count: 5242884, MPLS MAX FLOW Count: 5242884

Not sure specifically what I am doing wrong here, it seems to be collecting
the flows ok, but exporting is the issue?

I'd appreciate any advice or pointers thanks :)


On Thu, 9 Apr 2020 at 04:20, Tarko Tikan <tarko at lanparty.ee> wrote:

> hey,
>
> > Does one need to reboot the box if you switch to "flex-flow-sizing"? The
> > documentation seems to say so if you're going from the old format to the
> > new one.
>
> AFAIR no. You can verify via "show jnh 0 inline-services
> flow-table-info" from the PFE shell.
>
> --
> tarko
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


-- 
Kind Regards


Liam Farr

Maxum Data
+64-9-950-5302

More information about the juniper-nsp mailing list