Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring Passive Flow Monitoring

Table 1 shows which Juniper Networks PICs and routers support passive flow monitoring. The PICs receive passively monitored network traffic from an input interface (SONET/SDH, ATM2 IQ, Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet), convert the received packets into flow records, and export them to a flow server for further analysis.

Table 1: Passive Flow Monitoring PIC Support

PIC Type

M40e

M160

T Series/M320

Monitoring Services PIC

Yes

Yes

No

Monitoring Services II PIC

Yes

Yes

Yes

Monitoring Services III PIC

Yes

Yes

Yes

MultiServices 400 PIC (Type 2)

Yes

No

Yes

The key configuration hierarchy statement for passive flow monitoring is the monitoring statement found at the [edit forwarding-options] hierarchy level. At minimum, you must configure a VRF routing instance to direct the traffic to a monitoring services interface for flow processing.

However, there are several options you can use that add complexity to passive flow monitoring. For example, you can configure the router to direct traffic into a routing instance and deliver the traffic into a monitoring group. You can also use port mirroring and filter-based forwarding to copy and redirect traffic. Optionally, you can configure the monitoring station to encrypt flow output before it is sent to a flow server for processing, to send flow records to a flow collector, or to process on-demand monitoring requests with dynamic flow capture.