Configuração do encaminhamento e monitoramento do tráfego
Para configurar opções de encaminhamento e monitoramento de tráfego, inclua declarações no nível de [edit forwarding-options]
hierarquia:
[edit forwarding-options] accounting group-name { output { cflowd [ hostnames ] { aggregation { autonomous-system; destination-prefix; protocol-port; source-destination-prefix { caida-compliant; } source-prefix; } autonomous-system-type (origin | peer); port port-number; version format; } flow-active-timeout seconds; flow-inactive-timeout seconds; interface interface-name { engine-id number; engine-type number; source-address address; } } } enhanced-hash-key { family inet { gtp-tunnel-endpoint-identifier; incoming-interface-index; no-destination-port; no-source-port; type-of-service; } family inet6 { gtp-tunnel-endpoint-identifier; incoming-interface-index; no-destination-port; no-source-port; traffic-class; } family mpls { incoming-interface-index; label-1-exp; no-payload; } family multiservice { incoming-interface-index; no-payload; outer-priority; } services-loadbalancing { family inet layer-3-services { incoming-interface-index; source-address; } } } family family-name { filter { input filter-name; output filter-name; } route-accounting; } flood { input filter-name; } hash-key { family inet { layer-3; layer-4; } family mpls { no-interface-index; label-1; label-2; label-3; no-labels; no-label-1-exp; payload { ether-pseudowire; ip { layer-3-only; port-data { source-msb; source-lsb; destination-msb; destination-lsb; } } } } family multiservice } destination-mac; label-1; label-2; payload { ip { layer-3-only; } } source-mac; } } helpers { bootp { client-response-ttl; description text-description; interface interface-group { client-response-ttl number; description text-description; maximum-hop-count number; minimum-wait-time seconds; no-listen; server address { logical-system logical-system-name <routing-instance [ <default> routing-instance-names ]>; routing-instance [ <default> routing-instance-names ]; } } maximum-hop-count number; minimum-wait-time seconds; relay-agent-option; server [ addresses ]; } domain { description text-description; server < [ routing-instance routing-instance-names ] >; interface interface-name { description text-description; no-listen; server < [ routing-instance routing-instance-names ] >; } } tftp { description text-description; server < [ routing-instance routing-instance-names ] >; interface interface-name { description text-description; no-listen; server < [ routing-instance routing-instance-names ] >; } } traceoptions { file <filename> <files number> <match regular-expression> <size size> <world-readable | no-world readable>; flag flag; level severity-level; no-remote-trace; } } load-balance { indexed-load-balance; per-flow { hash-seed number; } per-prefix { hash-seed number; } } monitoring group-name { family inet { output { cflowd hostname { port port-number; } export-format cflowd-version-5; flow-active-timeout seconds; flow-export-destination { cflowd-collector; } flow-inactive-timeout seconds; interfaceinterface-name { engine-id number; engine-type number; input-interface-index number; output-interface-index number; source-address address; } } } } next-hop-group [ group-names ] { interface interface-name { next-hop [ addresses ]; } } port-mirroring { family (ccc | inet | inet6 | vpls) { output { interface interface-name { next-hop address; } no-filter-check; } input { maximum-packet-length bytes; rate number; run-length number; } } traceoptions { file <filename> <files number> <match regular-expression> <size bytes> <world-readable | no-world-readable>; no-remote-trace; } }
Quando uma rota apontando para mais de um serviço PIC está disponível, e com gateways de camada de aplicativo (ALGs) configurados, você deve sempre configurar a distribuição de tráfego em PICs com base no endereço IP de origem, incluindo a family inet layer-3-services source-address
declaração no nível [edit forwarding-options enhanced-hash-key services-loadbalancing
] de hierarquia para tráfego IPv4 e a family inet6 layer-3-services source-address
declaração no nível de hierarquia [editar opções de encaminhamento aprimoradas com hash-key services-loadbalancing] para tráfego IPv6. Com as ALGs usadas para gerenciar uma relação entre pais e filhos das sessões, tanto as sessões dos pais quanto das crianças devem ser processadas pelo mesmo tipo de serviços PIC.