 |
Note: Another way to configure sp-1/0/0 to generate cflowd records is to use only the sampling configuration, but include a firewall filter sample action instead of a port-mirror action. |
A special situation arises when you configure unit 0 of a services interface (AS or MultiServices PIC) to be the port-mirroring logical interface, as in the following example:
- [edit forwarding-options]
- port-mirroring {
-
- family inet {
-
- input {
- rate 1;
- }
-
- output {
- interface sp-1/0/0.0;
- }
- }
- }
Since any traffic directed to unit 0 on a services interface is targeted for monitoring (cflowd packets are generated for it), the sample port-mirroring configuration indicates that the customer would like to have cflowd records generated for the port-mirrored traffic.
However, generation of cflowd records requires the following additional configuration; if it is missing, the port-mirrored traffic is simply dropped by the services interface without generating any cflowd packets.
- [edit forwarding-options]
- sampling {
-
- input {
-
- family inet {
- rate 1;
- }
- }
-
- output {
-
- cflowd 172.16.28.65 {
- port 1230;
- }
- interface sp-1/0/0 { # If the port-mirrored traffic
requires monitoring, this
-
# interface must be same as that specified in the
- #
port-mirroring configuration.
-
- source-address 3.1.2.3;
- }
- }
|
Note: Another way to configure sp-1/0/0 to generate cflowd records is to use only the sampling configuration, but include a firewall filter sample action instead of a port-mirror action. |
 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |