Routing
Routing

inline JFlow two Sampling instances

‎04-16-2015 11:33 AM

All,

 

I want to have two inline Jflow sampling instances on an MX-2020, I thought it should be possible to configure this, eventually I have the option two send both sampling instances towards different collectors.

 

 

Whith commiting the config I get the below error:

 

[edit chassis fpc 0]
'sampling-instance'
number of elements exceeds limit of 1
error: configuration check-out failed: (number of elements exceeds limit)

 

anyone else having an idea how to achieve this ? Or telling me that I can achieve this in an other way (My ideas are bit dryed out )

 

Config below.

[edit chassis fpc 0]

  'sampling-instance'

    number of elements exceeds limit of 1

error: configuration check-out failed: (number of elements exceeds limit)

 

[edit chassis]

+   fpc 0 {

+       sampling-instance Test1;

+       sampling-instance Test2;

+   }

[edit services]

+   flow-monitoring {

+       version-ipfix {

+           template ipv4 {

+               flow-active-timeout 30;

+               flow-inactive-timeout 30;

+               option-refresh-rate {

+                   packets 1000;

+                   seconds 10;

+               }

+               ipv4-template;

+           }

+       }

+   }

[edit]

+  forwarding-options {

+      sampling {

+          instance {

+              Test1 {

+                  input {

+                      rate 1000;

+                  }

+                  family inet {

+                      output {

+                          flow-server 10.134.13.9 {

+                              port 9995;

+                              version-ipfix {

+                                  template {

+                                      ipv4;

+                                  }

+                              }

+                          }

+                          inline-jflow {

+                              source-address 10.10.10.13;

+                          }

+                      }

+                  }

+              }

+              Test2 {

+                  input {

+                      rate 1;

+                  }

+                  family inet {

+                      output {

+                          flow-server 10.134.13.10 {

+                              port 9995;

+                              version-ipfix {

+                                  template {

+                                      ipv4;

+                                  }

+                              }

+                          }

+                          inline-jflow {

+                              source-address 10.10.10.30;

+                          }

+                      }

+                  }

+              }

+          }

+      }

+  }

Marc



-----------------------------------------------------------------
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too
-----------------------------------------------------------------
2 REPLIES 2
Routing

Re: inline JFlow two Sampling instances

‎04-18-2015 10:35 AM

Hello,

 

If Your idea is to sample identically same trafic but to replicate jflow packets towards 2 different collectors, then this is the rough algorithm:

1/ configure sampling as usual

2/ grab jflow packets with forwarding-table filter and port-mirror them into lt- interface pair

3/ after port-mirroring, send each original jflow packet along its way to the 1st flow collector

4/ after port-mirroring, inline-dst-NAT each copy of jflow packet using interface-style inline dst NAT on the "far" end' LT unit

5/ to make Your life easier, use LT with "encapsulation frame-relay" and martian addressing as below:

interfaces {
    lt-0/0/0 {
        unit 100 {
            encapsulation frame-relay;
            dlci 100;
            peer-unit 101;
            family inet {
                address 127.0.0.5/30;
            }
        }
        unit 101 {
            encapsulation frame-relay;
            dlci 100;
            peer-unit 100;
            family inet {
                service {
                    input {
                        service-set syslog_static_dnat_svc_set;
                    }
                    output {
                        service-set syslog_static_dnat_svc_set;
                    }
                }
            }
        }
    }

 The unit 101 does not need IP address at all, unit 100 only needs it to route port-mirrored packets into :

 

forwarding-options {
    port-mirroring {
        input {
            rate 1;
            run-length 0;
        }
        family inet {
            output {
                interface lt-0/0/0.100 {
                    next-hop 127.0.0.6;
                }
                no-filter-check;
            }
        }
    }

 

The similar config has been working fine in production since 2014.

You need a license to do inline NAT though.

HTH

Thanks

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Routing

Re: inline JFlow two Sampling instances

‎04-18-2015 02:10 PM

Hi,

 

Thanks! That could be it. I will give it a try in the lab to see if this is what "the customer" wants :-)

 

 

Marc



-----------------------------------------------------------------
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too
-----------------------------------------------------------------