Junos
Junos

Exporting netflow data on mx960 second part

‎11-24-2015 11:08 AM

 Hi guys , after some research about getting my mx960 exporting netflow traffic to my collector; I got the lines bellow. This config passed the "commit check" test, but has not been tested yet, Im planning to cmmit them during this week.
First I would like to ask some questions regarding my config , then I will list the lines.
1) Which interface is used to send the data flow packets ? So far I only set an ip source on the forwarding options.
Does it mean that it is enough to set this ip on an interface for the router to bind the data with this interface?
In my case I have:
set forwarding-options sampling instance PEERING family inet output inline-jflow source-address 10.0.0.1
And for the interface:
set interfaces ge-0/0/3 unit 0 family inet address 10.0.0.1/30.
Does those interface need to be on the same routing instance?

 

Mine is a juniper mx960 running 11.1R4.4 version.

Thanks for your comments;
Leandro.

Now the lines:

[edit chassis]
+   fpc 0 {
+       sampling-instance PEERING;
+   }
[edit interfaces xe-0/2/0 unit 0 family inet filter]
-        input port-mirror;
+        input SAMPLE-ALL;
-        output port-mirror;
+        output SAMPLE-ALL;
[edit forwarding-options]
+   sampling {
+       instance {
+           PEERING {
+               input {
+                   rate 1;
+               }
+               family inet {
+                   output {
+                       flow-server 10.0.0.2 {
+                           port 9995;
+                           version-ipfix {
+                               template {
+                                   TEMPLATEv4;
+                               }
+                           }
+                       }
+                       inline-jflow {
+                           source-address 10.0.0.1;
+                       }
+                   }
+               }
+           }
+       }                               
+   }
[edit firewall family inet]
      filter cpe_block { ... }
+     filter SAMPLE-ALL {
+         term 1 {
+             then sample;
+         }
+         term ALLOW-ALL {
+             then accept;
+         }
+     }
[edit services]
+   flow-monitoring {
+       version-ipfix {
+           template TEMPLATEv4 {
+               flow-active-timeout 150;
+               flow-inactive-timeout 100;
+               template-refresh-rate {
+                   seconds 10;
+               }
+               option-refresh-rate {
+                   seconds 10;
+               }
+               ipv4-template;
+           }
+       }
+   }
1 REPLY 1
Junos

Re: Exporting netflow data on mx960 second part

‎11-26-2015 07:25 AM

Ok,  Config is running.

I seems to be working, I  got the neflow packets on the collector.

Now the problem is that my collector tool does not recognize the netflow ipfix (version 10) format.

 

When I try to set version9 on the PEERING sampling instance it returns an error:
First I create another template1 and then commit checj:

 

leandro@mx960# commit check 
re1: 
[edit forwarding-options sampling instance PEERING family inet output inline-jflow]
  sampling inline configuration error
    Can't configure inline output with V5, V8 or V9 collector configured

error: configuration check-out failed

{master}[edit]
leandro@mdz-gc-he-mx960# 

If I delete the inline-jflow statement it gives me the warning :

 

{master}[edit forwarding-options sampling instance PEERING family inet output]
leandro@mdz-gc-he-mx960# show 
##
## Warning: Output 'interface' or 'inline Jflow' should be configured with flow-server
##
flow-server 10.0.0.2 {
    port 9995;
    ##
    ## Warning: Service PIC or inline-jflow (j-series and SRX only) must be specified for version9
    ##
    version9 {
        template {
            template1;
        }
    }
}

I think -i need to set an especial interface from where send the netflow packets.

I will read about ir a little bit more.
Any help about it would be preciated.
Leandro.