配置流量转发和监控
要配置转发选项和流量监控,请在层次结构级别包含语句 [edit forwarding-options] :
[edit forwarding-options] accounting group-name { output { cflowd [ hostnames ] { aggregation { autonomous-system; destination-prefix; protocol-port; source-destination-prefix { caida-compliant; } source-prefix; } autonomous-system-type (origin | peer); port port-number; version format; } flow-active-timeout seconds; flow-inactive-timeout seconds; interface interface-name { engine-id number; engine-type number; source-address address; } } } enhanced-hash-key { family inet { gtp-tunnel-endpoint-identifier; incoming-interface-index; no-destination-port; no-source-port; type-of-service; } family inet6 { gtp-tunnel-endpoint-identifier; incoming-interface-index; no-destination-port; no-source-port; traffic-class; } family mpls { incoming-interface-index; label-1-exp; no-payload; } family multiservice { incoming-interface-index; no-payload; outer-priority; } services-loadbalancing { family inet layer-3-services { incoming-interface-index; source-address; } } } family family-name { filter { input filter-name; output filter-name; } route-accounting; } flood { input filter-name; } hash-key { family inet { layer-3; layer-4; } family mpls { no-interface-index; label-1; label-2; label-3; no-labels; no-label-1-exp; payload { ether-pseudowire; ip { layer-3-only; port-data { source-msb; source-lsb; destination-msb; destination-lsb; } } } } family multiservice } destination-mac; label-1; label-2; payload { ip { layer-3-only; } } source-mac; } } helpers { bootp { client-response-ttl; description text-description; interface interface-group { client-response-ttl number; description text-description; maximum-hop-count number; minimum-wait-time seconds; no-listen; server address { logical-system logical-system-name <routing-instance [ <default> routing-instance-names ]>; routing-instance [ <default> routing-instance-names ]; } } maximum-hop-count number; minimum-wait-time seconds; relay-agent-option; server [ addresses ]; } domain { description text-description; server < [ routing-instance routing-instance-names ] >; interface interface-name { description text-description; no-listen; server < [ routing-instance routing-instance-names ] >; } } tftp { description text-description; server < [ routing-instance routing-instance-names ] >; interface interface-name { description text-description; no-listen; server < [ routing-instance routing-instance-names ] >; } } traceoptions { file <filename> <files number> <match regular-expression> <size size> <world-readable | no-world readable>; flag flag; level severity-level; no-remote-trace; } } load-balance { indexed-load-balance; per-flow { hash-seed number; } per-prefix { hash-seed number; } } monitoring group-name { family inet { output { cflowd hostname { port port-number; } export-format cflowd-version-5; flow-active-timeout seconds; flow-export-destination { cflowd-collector; } flow-inactive-timeout seconds; interfaceinterface-name { engine-id number; engine-type number; input-interface-index number; output-interface-index number; source-address address; } } } } next-hop-group [ group-names ] { interface interface-name { next-hop [ addresses ]; } } port-mirroring { family (ccc | inet | inet6 | vpls) { output { interface interface-name { next-hop address; } no-filter-check; } input { maximum-packet-length bytes; rate number; run-length number; } } traceoptions { file <filename> <files number> <match regular-expression> <size bytes> <world-readable | no-world-readable>; no-remote-trace; } }
注意:
当指向多个服务 PIC 的路由可用且配置了应用层网关 (ALG) 时,您必须始终根据源 IP 地址配置跨 PIC 的流量分配,方法是将语句包含在 IPv4 流量的 [edit forwarding-options enhanced-hash-key services-loadbalancing] 层次结构级别,并将family inet6 layer-3-services source-address语句包含在 family inet layer-3-services source-address IPv6 流量的 [编辑转发选项增强型哈希键服务负载平衡] 层次结构级别。对于用于管理会话父子关系的 ALG,父会话和子会话必须由相同类型的服务 PIC 处理。