Junos OS

Hello,

I am having trouble getting flow monitoring to work properly on Juniper MX204. After applying configuration on the router, I can see about 6Mb/s of flow (which is too less) on flow server. It supposes to be Gb/s. I would much appreciate if anyone could help and advise if the following config is correct or not.

set forwarding-options sampling input rate 1024
set forwarding-options sampling instance NFSEN1 input rate 1024
set forwarding-options sampling instance NFSEN1 family inet output flow-server 172.16.1.112 port 2055
set forwarding-options sampling instance NFSEN1 family inet output flow-server 172.16.1.112 version9 template NFSEN1
set forwarding-options sampling instance NFSEN1 family inet output inline-jflow source-address 192.168.1.1

set services flow-monitoring version9 template NFSEN1 ipv4-template
set chassis fpc 0 sampling-instance NFSEN1
set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 5

set interfaces et-0/0/0 unit 0 family inet sampling input
set interfaces et-0/0/0 unit 0 family inet sampling output

Also, from Juniper document, they mention as below

NOTE: Monitoring Services PICs, AS PICs, and Multiservices PICs must be mounted on an Enhanced Flexible PIC Concentrator (FPC) in an M Series or T Series router.
Multiservices DPCs installed in Juniper Networks MX Series 5G Universal Routing Platforms support the same functionality, with the exception of the passive monitoring and flow-tap features.

Does this mean Juniper MX  Seriees 5G does not support passive monitoring and flow-tap features?

Thanks,

Hi Seyma,

In this case rate it is configured 1024 which mean 1 out of 1024 packets will be sampled.Rate indicates the sampling rate.

Jflow exports the Flow records to collector. Are you doing high flow scale and the flows are exporting to collector in less rate?

Are you seeing any errors on MX?

• show services accounting status inline-jflow fpc-slot 3
• show services accounting flow inline-jflow fpc-slot 3
• show services accounting errors inline-jflow fpc-slot 3

Regards,
Rahul

Hello Rahul,

Rate 1024 is what I get from our previous router and it was working fine with that value. So you mean if I lower the rate value, more flow would be sent to collector, is that what you suggested?

Here is the output from some show commands

> show services accounting status inline-jflow fpc-slot 0  
  Status information
    FPC Slot: 0
    IPV4 export format: Version9, IPV6 export format: Not set
    VPLS export format: Not set, MPLS export format: Not set
    IPv4 Route Record Count: 725062, IPv6 Route Record Count: 0, MPLS Route Record Count: 0
    Route Record Count: 725062, AS Record Count: 218394
    Route-Records Set: Yes, Config Set: Yes
    Service Status: PFE-0: Steady 
    Using Extended Flow Memory?: PFE-0: No 
    Flex Flow Sizing ENABLED?: PFE-0: No 
    IPv4 MAX FLOW Count: 1831940, IPv6 MAX FLOW Count: 1024
    VPLS MAX FLOW Count: 1024, MPLS MAX FLOW Count: 1024

> show services accounting flow inline-jflow fpc-slot 0  
  Flow information
    FPC Slot: 0
    Flow Packets: 256950401, Flow Bytes: 189918607240
    Active Flows: 36406, Total Flows: 219539779
    Flows Exported: 479584424, Flow Packets Exported: 96384248
    Flows Inactive Timed Out: 105479689, Flows Active Timed Out: 113646563
    Total Flow Insert Count: 105893216

    IPv4 Flows:
    IPv4 Flow Packets: 256950401, IPv4 Flow Bytes: 189918607240
    IPv4 Active Flows: 36406, IPv4 Total Flows: 219539779
    IPv4 Flows Exported: 479584424, IPv4 Flow Packets exported: 96384248
    IPv4 Flows Inactive Timed Out: 105479689, IPv4 Flows Active Timed Out: 113646563
    IPv4 Flow Insert Count: 105893216

> show services accounting errors inline-jflow fpc-slot 0 
  Error information
    FPC Slot: 0
    Flow Creation Failures: 1891898
    Route Record Lookup Failures: 344604, AS Lookup Failures: 344604
    Export Packet Failures: 1024
    Memory Overload: No, Memory Alloc Fail Count: 0

    IPv4:
    IPv4 Flow Creation Failures: 1891898
    IPv4 Route Record Lookup Failures: 344604, IPv4 AS Lookup Failures: 344604
    IPv4 Export Packet Failures: 1024

Is there any missing point you could advise?

Thanks and regards,

 Hi,

That throughput for flow packets is reasonable for that sampling rate.

Normally you adjust the sampling rate depending on the flow appliance license limit. So yes, if your flow analysis platform can handle it then you can make the sampling more aggressive.

So in as much as you want to see more flow packets be aware that if the flow rate license is exceeded then those packets would be aggressively dropped as well.

Regards,

Francis.

Hello,

Please see if this helps https://puck.nether.net/pipermail/juniper-nsp/2019-January/036920.html

HTH

Thx
Alex

Hi Alex,

You have pointed to a link that shows test on an MX960.

Not sure how close MX960 and MX204 are in terms of hardware relevance for jFLOW.

I am also having some issues with flow.

Here is a summary of my hardware:

Hardware inventory:
Item Version Part number Description
Chassis JNP204 [MX204]
Routing Engine 0 BUILTIN RE-S-2X00x6
CB 0 REV 31 750-069579 JNP204 [MX204]
FPC 0 BUILTIN MPC
PIC 0 BUILTIN 4XQSFP28 PIC
PIC 1 BUILTIN 8XSFPP PIC
PEM 0 REV 03 740-070749 AC AFO 650W PSU
PEM 1 REV 03 740-070749 AC AFO 650W PSU
Fan Tray 0 Fan Tray, Front to Back Airflow - AFO
Fan Tray 1 Fan Tray, Front to Back Airflow - AFO
Fan Tray 2 Fan Tray, Front to Back Airflow - AFO

Flow Config:

set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 4
set forwarding-options sampling family inet output flow-server 10.1.1.1 port 2056
set forwarding-options sampling family inet output flow-server 10.1.1.1 version 5

However, when I run some show commands, I get the follwoing error:

root@MX204>show services accounting errors inline-jflow fpc-slot 0
error: picinfo: connect failed after 5 retries

ANy ideas on how to go about fixing this issue?

Thanks in advance

CC