[an error occurred while processing this directive][an error occurred while processing this directive]

Example: Configuring Dynamic Flow Capture

The following example includes all parts of a complete dynamic flow capture configuration.

Configure the DFC PIC interface:

interfaces dfc-0/0/0 {unit 0 {family inet {address { # DFC PIC addressdestination; # DFC PIC address used by# the control sources to correspond with# the monitoring platform}}}}unit 1 { # receive data packets on this logical interfacefamily inet;}unit 2 { # send out copies of matched packets on this logical interfacefamily inet;}

Configure the capture group:

services dynamic-flow-capture {capture-group g1 {interfaces dfc-0/0/0;input-packet-rate-threshold 90k;pic-memory-threshold percentage 80;control-source cs1 {source-addresses;service-port 2400;notification-targets { port 2100;}shared-key "$9$ASxdsYoX7wg4aHk";allowed-destinations cd1;}content-destination cd1 {address;ttl 244;}}}

Configur3 filter-based forwarding (FBF) to the DFC PIC interface, logical unit 1.

For more information about configuring passive monitoring interfaces, see Enabling Passive Flow Monitoring.

interfaces so-1/2/0 {encapsulation ppp;unit 0 {passive-monitor-mode;family inet {filter {input catch;}}}}

Configure the firewall filter:

firewall {filter catch {interface-specific;term def {then {count counter;routing-instance fbf_inst;}}}}

Configure a forwarding routing instance. The next hop points specifically to the logical interface corresponding to unit 1, because only this particular logical unit is expected to relay monitored data to the DFC PIC.

routing-instances fbf_inst {instance-type forwarding;routing-options {static {route next-hop dfc-0/0/0.1;}}}

Configure routing table groups:

[edit]routing-options {interface-routes {rib-group inet common;}rib-groups {common {import-rib [ inet.0 fbf_inst.inet.0 ];}}forwarding-table {export pplb;}}

Configure interfaces to the control source and content destination:

interfaces fe-4/1/2 {description "to cs1 from dfc";unit 0 {family inet {address;}}}interfaces ge-7/0/0 {description "to cd1 from dfc";unit 0 {family inet {address;}}}

Published: 2010-04-28

[an error occurred while processing this directive]