 |
Note: You can specify both host (cflowd) sampling and port mirroring in the same configuration; however, only one action takes effect at any one time. Port mirroring takes precedence. For more information, see Configuring Port Mirroring. |
To enable the collection of cflowd version 5 or version 8 flow formats, include the cflowd statement:
-
cflowd hostname {
-
-
aggregation {
- autonomous-system;
- destination-prefix;
- protocol-port;
-
- source-destination-prefix {
- caida-compliant;
- }
- source-prefix;
- }
-
autonomous-system-type (origin | peer);
- (local-dump | no-local-dump);
-
port port-number;
-
version format;
- }
You can include this statement at the following hierarchy levels:
You can also configure cflowd version 5 for flow-monitoring applications by including the cflowd statement at the [edit forwarding-options monitoring name family inet output] hierarchy level:
-
cflowd hostname {
-
port port-number;
- }
The following restrictions apply to cflowd flow formats:
In the cflowd statement, specify the name or identifier of the host that collects the flow aggregates. You must also include the User Datagram Protocol (UDP) port number on the host and the version, which gives the format of the exported cflowd aggregates. To collect cflowd records in a log file before exporting, include the local-dump statement.
|
Note: You can specify both host (cflowd) sampling and port mirroring in the same configuration; however, only one action takes effect at any one time. Port mirroring takes precedence. For more information, see Configuring Port Mirroring. |
For cflowd version 8 only, you can specify aggregation of specific types of traffic by including the aggregation statement. This conserves memory and bandwidth by enabling cflowd to export targeted flows rather than all aggregated traffic. To specify a flow type, include the aggregation statement:
-
aggregation {
- autonomous-system;
- destination-prefix;
- protocol-port;
-
- source-destination-prefix {
- caida-compliant;
- }
- source-prefix;
- }
You can include this statement at the following hierarchy levels:
The autonomous-system statement configures aggregation by the AS number; this statement might require setting the separate cflowd autonomous-system-type statement to include either origin or peer AS numbers. The origin option specifies to use the origin AS of the packet source address in the Source Autonomous System cflowd field. The peer option specifies to use the peer AS through which the packet passed in the Source Autonomous System cflowd field. By default, cflowd exports the origin AS number.
The destination-prefix statement configures aggregation by the destination prefix only.
The protocol-port statement configures aggregation by the protocol and port number; requires setting the separate cflowd port statement.
The source-destination-prefix statement configures aggregation by the source and destination prefix. Version 2.1b1 of CAIDA’s cflowd application does not record source and destination mask length values in compliance with CAIDA’s cflowd Configuration Guide, dated August 30, 1999. If you configure the caida-compliant statement, the JUNOS software complies with Version 2.1b1 of cflowd. If you do not include the caida-compliant statement in the configuration, the JUNOS software records source and destination mask length values in compliance with the cflowd Configuration Guide.
The source-prefix statement configures aggregation by the source prefix only.
Collection of sampled packets in a local ASCII file is not affected by the cflowd statement.
 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |