Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
Load Balancing Among Multiple Monitoring Interfaces
The active monitoring application was initially intended for port-mirroring packets on an interface on a normal network router to single or multiple destinations. By port-mirroring these packets to a tunnel interface and using filter-based forwarding on the tunnel interface, port-mirrored packets can be load-balanced across set of interfaces. This method employs existing configuration statements for passive monitoring.
The configuration consists of the following parts; sample values are included for illustration only.
- Firewall filter configuration—Firewall filter PORT-MIRROR-TO-VT
is used to port-mirror the packet to a Tunnel PIC, and filter catch, applied on the virtual tunnel (vt) interface,
is used to send traffic to a filter-based routing instance.[edit firewall]filter PORT-MIRROR-TO-VT {term a {then {port-mirror;accept;}}}filter catch {term def {then {count counter;routing-instance fbf_instance;}}}
For more information about firewall filters, see the Junos Policy Framework Configuration Guide.
- Interface configuration—Apply filter PORT-MIRROR-TO-VT
to the interface on which traffic is to be monitored actively.[edit interfaces]ge-1/3/0 {unit 0 {family inet {filter {input PORT-MIRROR-TO-VT;}address 10.38.0.2/30;}}}vt-3/2/0 {unit 0 {family inet {filter {input catch;}}}}mo-6/1/0 {unit 0 {family inet;}}mo-6/2/0 {unit 0 {family inet;}}mo-6/3/0 {unit 0 {family inet;}}mo-7/1/0 {unit 0 {family inet;}}mo-7/2/0 {unit 0 {family inet;}}mo-7/3/0 {unit 0 {family inet;}}
For more information on configuring interface properties, see the Junos Network Interfaces Configuration Guide.
- Routing instance configuration for filter-based forwarding:[edit routing-instances fbf_instance]instance-type forwarding;routing-options {static {route 0.0.0.0/0 next-hop [ mo-7/1/0.0 mo-7/2/0.0 mo-7/3/0.0 mo-6/3/0.0 mo-6/2/0.0 mo-6/1/0.0 ];}}
For more information on routing instance configuration, see the Junos Routing Protocols Configuration Guide.
- Routing table groups—Configure the routing table
group to resolve the routes installed in the routing instances to
directly connected next hops on the interface:[edit routing-options]interface-routes {rib-group inet common;}rib-groups {common {import-rib [ inet.0 fbf_instance.inet.0 ];}}forwarding-table {export pplb;}
For more information on routing table groups, see the Junos Routing Protocols Configuration Guide.
- Policy for per-packet load balancing:[edit policy-options]policy-statement pplb {then {load-balance per-packet;}}
For more information on routing policy groups, see the Junos Policy Framework Configuration Guide.
- Port mirroring and monitoring groups—Configure the
monitoring services options, and also define hash-based load balancing:[edit forwarding-options]port-mirroring {input {rate 1;}family inet {output {interface vt-3/2/0.0;no-filter-check;}}}monitoring group1 {family inet {output {export-format cflowd-version-5;flow-active-timeout 60;flow-inactive-timeout 15;cflowd 10.36.252.1 port 2055;interface mo-6/1/0.0 {source-address 10.36.252.2;}interface mo-6/2/0.0 {source-address 10.36.252.2;}interface mo-6/3/0.0 {source-address 10.36.252.2;}interface mo-7/1/0.0 {source-address 10.36.252.2;}interface mo-7/2/0.0 {source-address 10.36.252.2;}interface mo-7/3/0.0 {source-address 10.36.252.2;}}}}hash-key {family inet {layer-3;}}
For more information on hash keys, see the Junos Policy Framework Configuration Guide.
