Configuring flow monitoring
- Create a flow-monitoring exporter and specify the IP address and UDP port of the NetFlow collector.
user@system# set service flow-monitoring exporter foo udp-collector address 192.168.122.200 user@system# set service flow-monitoring exporter foo udp-collector port 9995 - Create a packet selector named
fooand specify a sampling size of 10 packets.The sampling rate in this case is 1:10, which means that the router randomly selects one packet from every 10 packets that flow through any data plane interface with which the selector is associated.user@system# set service flow-monitoring selector foo randomly out-of 10 - Create a packet aggregator named
fooand specify an expiration time of 1,800 seconds for active flows and 15 seconds for inactive flows.user@system# set service flow-monitoring aggregator foo expiration inactive-timeout 15 user@system# set service flow-monitoring aggregator foo expiration active-timeout 1800 - Connect the aggregator to the exporter.
user@system# set service flow-monitoring aggregator foo next exporter foo - Configure the aggregation rule for the
fooaggregator.user@system# set service flow-monitoring aggregator foo rule key destinationIPv4Address user@system# set service flow-monitoring aggregator foo rule key destinationTransportPort user@system# set service flow-monitoring aggregator foo rule key ipClassOfService user@system# set service flow-monitoring aggregator foo rule key protocolIdentifier user@system# set service flow-monitoring aggregator foo rule key sourceIPv4Address user@system# set service flow-monitoring aggregator foo rule key sourceTransportPort user@system# set service flow-monitoring aggregator foo rule non-key bgpDestinationAsNumber user@system# set service flow-monitoring aggregator foo rule non-key bgpSourceAsNumber user@system# set service flow-monitoring aggregator foo rule non-key destinationIPv4PrefixLength user@system# set service flow-monitoring aggregator foo rule non-key egressInterface user@system# set service flow-monitoring aggregator foo rule non-key flowEndMilliseconds user@system# set service flow-monitoring aggregator foo rule non-key flowStartMilliseconds user@system# set service flow-monitoring aggregator foo rule non-key ipNextHopIPv4Address user@system# set service flow-monitoring aggregator foo rule non-key octetDeltaCount user@system# set service flow-monitoring aggregator foo rule non-key packetDeltaCount user@system# set service flow-monitoring aggregator foo rule non-key sourceIPv4PrefixLength user@system# set service flow-monitoring aggregator foo rule non-key tcpControlBits - Apply the
fooselector andfooaggregator to thedp0s7data plane interface.user@system# set interfaces dataplane dp0s7 flow-monitoring selector foo user@system# set interfaces dataplane dp0s7 flow-monitoring aggregator foo - Commit the configuration.
user@system# commit - Verify the configuration.
user@system# show interfaces interfaces { dataplane dp0s7 { address 10.10.1.1/24 flow-monitoring { aggregator foo selector foo } } } user@system# show service service { flow-monitoring { aggregator foo { expiration { active-timeout 1800 inactive-timeout 15 } next { exporter foo } rule { key destinationIPv4Address key destinationTransportPort key ipClassOfService key protocolIdentifier key sourceIPv4Address key sourceTransportPort non-key bgpDestinationAsNumber non-key bgpSourceAsNumber non-key destinationIPv4PrefixLength non-key egressInterface non-key flowEndMilliseconds non-key flowStartMilliseconds non-key ipNextHopIPv4Address non-key octetDeltaCount non-key packetDeltaCount non-key sourceIPv4PrefixLength non-key tcpControlBits } } exporter foo { udp-collector { address 192.168.122.200 port 9995 } } selector foo { randomly { out-of 10 } } } } - Exit the configuration mode.
user@system# exit - Show exporter statistics.
user@system:~$ show flow-monitoring dataplane statistics: interface dp0s7: monitor default: application-id: disabled packets observed: 364 samples lost: 0 samples taken: 37 dataplane 0: flow data allocated: 0 reports sent: 37 samples dropped: 0 interface collector statistics: interface dp0s7: records received: 37 aggregator statistics: aggregator foo: flows in cache: 3 expired flows: 15 exporter statistics: exporter foo: samples exported: 30 flows exported: 15 flow packets sent: 8Note: If a data plane interface fails to gather samples because of resource constraints, show flow-monitoring displays the number of lost samples in the samples lost field (under the samples taken field) in the output.