Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

flow-monitoring (Inline Monitoring Services)

Syntax

Hierarchy Level

Description

Configures optional parameters for flow-based telemetry (FBT) for the EX4400 switch. FBT enables per-flow-level analytics, using inline monitoring services to create flows, collect them, and export them to a collector. A flow is a sequence of packets that have the same source IP, destination IP, source port, destination port, or protocol on an interface. For each flow, various parameters are collected and sent to a collector using the open standard IPFIX template to organize the flow. Once there is no active traffic for a flow, the flow is aged out after the configured inactive-timeout period (flow-inactive-timeout at the [edit services inline-monitoring template template-name] hierarchy level).

Default

Disabled

Options

counter-profile profile-identifier

Specify which counters should be exported to the collector, by selecting one of the pre-defined profile names.

  • Per_flow_6_counters: packet range counter (3 counters), time-to-live (TTL) range counter, TCP window range counter, DoS attack (2 counters)

  • Per_flow_4_counters: flow packet range (packet size 64 to 1500 bytes) counter (1 count), TTL range counter, TCP window range counter, DoS counter

flow-rate kbps burst-size bytes

Specify the meter rate for each flow, in kbps, and configure the maximum number of bytes allowed for incoming packets to burst above the flow meter rate.

Range: 8 to 10000000 kbps (flow-rate); 512 to 256000000 bytes (burst-size)

sampling-profile profile-identifier

Configure one of the following sampling profiles:

  • First_N_Pkt : Sample contains the first N packets of a flow
  • Deterministic: Sample contains every Nth packet of a flow
  • Random:Sample contains randomly chosen packets from a flow
  • Combo1: Sample contains the first N packets of a flow, followed by a random packet at the configured interval
  • Combo2: Sample contains the first N packets of a flow, followed by a Deterministic 1 packet at the configured interval
sampling-rate bytes

Specify the rate at which packets are sampled to create flows, in bytes

Range: 1 to 65535 bytes

security-enable

Enable security analytics; specify that Denial-of-Service (DoS) attacks are reported to the collector.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 21.1R1.