I'll just leave the solution here in case that anybody else needs it:
Firewall rule:
firewall {
family ethernet-switching {
filter vlan-counters {
interface-specific;
term vlan-14 {
from {
dot1q-tag 14;
}
then {
accept;
count vlan-14;
}
}
term vlan-571 {
from {
dot1q-tag 571;
}
then {
accept;
count vlan-571;
}
}
term vlan-572 {
from {
dot1q-tag 572;
}
then {
accept;
count vlan-572;
}
}
term default {
then accept;
}
}
}
}
Applying it:
set interfaces ae0.0 family ethernet-switching filter input
vlan-counters
set interfaces ae0.0 family ethernet-switching filter output
vlan-counters
Checking the show firewall output:
Filter: vlan-counters-ae1.0-i
Counters:
Name Bytes
Packets
vlan-14-ae1.0-i 7474383
8504
vlan-571-ae1.0-i 0
0
vlan-572-ae1.0-i 0
0
Filter: vlan-counters-ae1.0-o
Counters:
Name Bytes
Packets
vlan-14-ae1.0-o 2651051
4919
vlan-571-ae1.0-o 2057853
14731
vlan-572-ae1.0-o 644
10
Now, SNMP get:
$ snmpget -v2c -cpublic 10.1.2.3
'JUNIPER-FIREWALL-MIB::jnxFWCounterByteCount."vlan-counters-ae1.0-o"."vlan-571-ae1.0-o".counter
JUNIPER-FIREWALL-MIB::jnxFWCounterByteCount."vlan-counters-ae1.0-o"."vlan-571-ae1.0-o".counter
= Counter64: 298848
Thanks Luke Guillory for the solution!
Stanislaw писал 2017-02-22 11:33:
Hi everybody,
Is it possible to obtain switched traffic statistics in a port+vlan
aspect via SNMP on Juniper QFX switches?
For example, Extreme switches have a 'vlan monitor' feature:
configure ports all monitor vlan <vlan_name>
then its counters are available by OID .1.3.6.1.4.1.1916.1.2.8.2.1.8
and .1.3.6.1.4.1.1916.1.2.8.2.1.7
Does anyone know if Juniper has a similar feature?
