SRX Services Gateway
SRX Services Gateway

How to monitor Classes of IP address on SRX

‎05-20-2014 11:50 AM

Hi dear,

I'd like to monitor Classes Of IP address on my SRX.

I have 3 network 192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24

these classes of IP passthrough my Box to go on Internet.

Now I'd monitor them to know the bandwidth usage for each of them.

regards.

2 REPLIES 2
SRX Services Gateway

Re: How to monitor Classes of IP address on SRX

‎05-20-2014 07:57 PM

You can create and apply a ff to log and count packets. something like this


set firewall family inet filter chk_internet_usage term network1 from source-address 192.168.1.0/24
set firewall family inet filter chk_internet_usage term network1 then count Network1_Usage
set firewall family inet filter chk_internet_usage term network1 then log
set firewall family inet filter chk_internet_usage term network2 from source-address 192.168.2.0/24
set firewall family inet filter chk_internet_usage term network2 then count Network2_Usage
set firewall family inet filter chk_internet_usage term network2 then log
set firewall family inet filter chk_internet_usage term network3 from source-address 192.168.3.0/24
set firewall family inet filter chk_internet_usage term network3 then count Network3_Usage
set firewall family inet filter chk_internet_usage term network3 then log
set firewall family inet filter chk_internet_usage term accept-all then accept

set ge-0/0/0.0 family inet filter output chk_internet_usage <assuming ge-0/0/0.0 is egress to Internet>
Apply this as an output filter on the external interface going to the the internet.
You could create another to log and count the return packets, but that filter would be far more complex, because you would have specify in details a lot more of exactly what protocols and services you would allow through the interface.

I think you could use the accounting feature with RADIUS but I have no idea how to configure that feature.

[KUDOS PLEASE! If you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]
SRX Services Gateway

Re: How to monitor Classes of IP address on SRX

‎05-23-2014 05:09 AM

You really need to setup an snmp polling server like Nagios or Open NMS to get traffic bandwidth data.

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home