Technical Documentation

Example: Sampling Instance Configuration

You can configure active sampling using a sampling instance and associate that sampling instance to a particular Packet Forwarding Engine. In addition, you can define multiple sampling instances associated with multiple destinations (as many as the number of Packet Forwarding Engines in the chassis), with multiple protocol families per each sampling instance destination. This configuration example shows one sampling instance configured and associated with one Packet Forward Engine. Sampling instance configuration is supported on MX Series, M120, M320, and T Series routers.

Example Network Details

The following example shows the configuration of one sampling instance on an MX480 router running JUNOS Release 9.6.

Figure 1: Active Flow Monitoring—Sampling Instance Configuration Topology Diagram

Image g017433.gif

In Figure 1, packets from Router 1 arrive on the monitoring router's Gigabit Ethernet ge-0/1/0 interface, the packets are sampled by the services interface sp-2/0/0 and sent to the cflowd server by the export interface ge-1/0/4. Normal traffic flow from ge-0/1/0 to ge-1/0/0 and on to Router 2 continues undisturbed during the sampling process. In active flow monitoring, both the input interface and exit interface can be any interface type (such as SONET/SDH, Gigabit Ethernet, and so on).

The sampling configuration for this example includes the following:

  • A sampling instance configured to collect sampling data at the [edit forwarding-options] hierarchy level. The flow-server statement includes the IP address, port, and template of the flow server. The interface statement includes the services interface sp-2/0/0 for flow record processing.
  • The sampling instance associated with the Packet Forwarding Engine using the sampling-instance statement at the [edit chassis fpc slot] hierarchy level.
  • Sampling activated on the input interface ge-0/1/0 using the sampling statement at the [edit interfaces interface-name unit unit-number family family] hierarchy level.

In this example, the ping command is issued on Router 1 to Router 2 via the MX480 router to generate traffic. After the packets are generated, show commands are issued to verify that the sampling configuration is working as expected.

Example Router Configuration

The following output shows the configuration of an MX480 router with a sampling instance.

user@MX480–router> show configuration 
[...Output Truncated...]
}
chassis {
    fpc 0 { # The fpc number is associated with the interface on which sampling is enabled, ge-0/1/0 in this example.
        sampling-instance s0;
    }
}
interfaces {
    ge-0/1/0 { # This interfaces has sampling activated.
        unit 0 {
            family inet {
                sampling { # Here sampling is activated.
                    input;
                }
                address 10.0.0.1/30;
            }
        }
    }
    ge-1/0/0 { # The interface on which packets are exiting the router.
        unit 0 {
            family inet {
                address 20.0.0.1/30;
            }
        }
    }
    ge-1/0/4 { # The interface connected to the cflowd server.
        unit 0 {
            family inet {
                address 2.2.2.1/32;
            }
        }
    }
    sp-2/0/0 { # The service interface that samples the packets.
        unit 0 {
            family inet;
        }
    }
}
forwarding-options {
    sampling {
        instance {
            s0 {
                input {
                    rate 1;
                    run-length 0;
                }
                family inet {
                    output {
                        flow-server 2.2.2.2 { # The address of the external server.
                            port 2055;
                            version9 {
                                template {
                                    v4;
                                }
                            }
                        }
                        interface sp-2/0/0 {
                            source-address 1.1.1.1; # Source address of the sampled packets
                        }
                    }
                }
            }
        }
    }
}

routing-options {
    static {
        route 50.0.0.0/8 next-hop 20.0.0.2;
    }
}
services {
    flow-monitoring {
        version9 {
            template v4 {
                flow-active-timeout 30;
                flow-inactive-timeout 30;
                ipv4-template;
            }
        }
    }
}

Configuration Commands Used for the Configuration Example

The following set commands are used for the configuration of the sampling instance in this example. Replace the values in these commands with values relevant to your own network.

  • set chassis fpc 0 sampling-instance s0
  • set interfaces ge-0/1/0 unit 0 family inet sampling input
  • set interfaces ge-0/1/0 unit 0 family inet address
  • set interfaces ge-1/0/0 unit 0 family inet address
  • set interfaces sp-2/0/0 unit 0 family inet
  • set forwarding-options sampling instance s0 input rate 1
  • set forwarding-options sampling instance s0 input run-length 0
  • set forwarding-options sampling instance s0 family inet output flow-server 2.2.2.2 port 2055
  • set forwarding-options sampling instance s0 family inet output flow-server 2.2.2.2 version9 template v4;
  • set forwarding-options sampling instance s0 family inet output interface sp-2/0/0 source-address 1.1.1.1
  • set routing-options static route 50.0.0.0/8 next-hop 20.0.0.2
  • set services flow-monitoring version9 template v4 flow-active-timeout 30
  • set services flow-monitoring version9 template v4 flow-inactive-timeout 30
  • set services flow-monitoring version9 template v4 ipv4-template

Verifying Your Work

To verify that your configuration is working as expected, use the following commands on the router that is configured with the sampling instance:

  • show services accounting aggregation template template-name template-name
  • show services accounting flow

The following shows the output of the show commands issued on the MX480 router used in this configuration example:

user@MX480–router> show services accounting aggregation template template-name v4
                                  Src   Dst
                                Port/ Port/
Source          Destination      ICMP  ICMP                          Packet
Address         Address          Type  Code  Proto TOS                Count
10.0.0.6        50.0.0.3          100  1000     17   8                   14
10.0.0.5        50.0.0.2          100  1000     17   8                   15
10.0.0.3        50.0.0.3          100  1000     17   8                   15
10.0.0.2        50.0.0.3          100  1000     17   8                   15
10.0.0.4        50.0.0.2          100  1000     17   8                   15
10.0.0.6        50.0.0.2          100  1000     17   8                   15
10.0.0.4        50.0.0.3          100  1000     17   8                   15
10.0.0.2        50.0.0.2          100  1000     17   8                   16
10.0.0.3        50.0.0.2          100  1000     17   8                   15
10.0.0.5        50.0.0.3          100  1000     17   8                   15

user@MX480–router> show services accounting aggregation template template-name v4
                                  Src   Dst
                                Port/ Port/
Source          Destination      ICMP  ICMP                          Packet
Address         Address          Type  Code  Proto TOS                Count
10.0.0.6        50.0.0.3          100  1000     17   8                   16
10.0.0.5        50.0.0.2          100  1000     17   8                   17
10.0.0.3        50.0.0.3          100  1000     17   8                   16
10.0.0.2        50.0.0.3          100  1000     17   8                   16
10.0.0.4        50.0.0.2          100  1000     17   8                   17
10.0.0.6        50.0.0.2          100  1000     17   8                   17
10.0.0.4        50.0.0.3          100  1000     17   8                   16
10.0.0.2        50.0.0.2          100  1000     17   8                   17
10.0.0.3        50.0.0.2          100  1000     17   8                   17
10.0.0.5        50.0.0.3          100  1000     17   8                   16

user@MX480–router> show services accounting flow
  Flow information
    Interface name: sp-2/0/0, Local interface index: 152
    Flow packets: 884, Flow bytes: 56576
    Flow packets 10-second rate: 0, Flow bytes 10-second rate: 628
    Active flows: 10, Total flows: 35
    Flows exported: 75, Flows packets exported: 14
    Flows inactive timed out: 25, Flows active timed out: 75

user@MX480–router> show services accounting flow
  Flow information
    Interface name: sp-2/0/0, Local interface index: 152
    Flow packets: 898, Flow bytes: 57472
    Flow packets 10-second rate: 0, Flow bytes 10-second rate: 628
    Active flows: 10, Total flows: 35
    Flows exported: 75, Flows packets exported: 14
    Flows inactive timed out: 25, Flows active timed out: 75

Published: 2010-04-15