[Contents][Prev][Next][Index][Report an Error]

Example: Dynamic Flow Capture Configuration

The following example configurations show all the parts of a complete dynamic flow capture configuration.

Configuring the DFC PIC interface:

interfaces dfc-0/0/0 {
unit 0 {
family inet {
address 2.1.0.0/32 { # DFC PIC address
destination 10.36.100.1; # DFC PIC address used by
# the control sources to correspond with
# the monitoring platform
}
}
}
}
unit 1 { # receive data packets on this logical interface
family inet;
}
unit 2 { # send out copies of matched packets on this logical interface
family inet;
}

Configuring the capture group:

services dynamic-flow-capture {
capture-group g1 {
interfaces dfc-0/0/0;
input-packet-rate-threshold 90k;
pic-memory-threshold percentage 80;
control-source cs1 {
source-addresses 10.36.41.1;
service-port 2400;
notification-targets {
10.36.41.1 port 2100;
}
shared-key "$9$ASxdsYoX7wg4aHk";
allowed-destinations cd1;
}
content-destination cd1 {
address 10.36.70.2;
ttl 244;
}
}
}

Configuring filter-based forwarding (FBF) to the DFC PIC interface, logical unit 1:

interfaces so-1/2/0 {
encapsulation ppp;
unit 0 {
passive-monitor-mode;
family inet {
filter {
input catch;
}
}
}
}

For more information about configuring passive monitoring interfaces, see Enabling Passive Flow Monitoring.

Configuring the firewall filter:

firewall {
filter catch {
interface-specific;
term def {
then {
count counter;
routing-instance fbf_inst;
}
}
}
}

Configuring a forwarding routing instance:

routing-instances fbf_inst {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 next-hop dfc-0/0/0.1;
}
}
}

This next hop should point specifically to the logical interface corresponding to unit 1, because only this particular logical unit is expected to relay monitored data to the DFC PIC.

Configuring routing table groups:

routing-options {
interface-routes {
rib-group inet common;
}
rib-groups {
common {
import-rib [ inet.0 fbf_inst.inet.0 ];
}
}
forwarding-table {
export pplb;
}
}

Configuring interfaces to the control source and content destination:

interfaces fe-4/1/2 {
description "to cs1 from dfc";
unit 0 {
family inet {
address 10.36.41.2/30;
}
}
}
interfaces ge-7/0/0 {
description "to cd1 from dfc";
unit 0 {
family inet {
address 10.36.70.1/30;
}
}
}
[Contents][Prev][Next][Index][Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.