Hi all,
Thanks for supporting.
After the change of flow-table-size we now get to see flows on the GENIEATM
box.
result:
Received Flows/sec: 5126
Flow information
FPC Slot: 0
Flow Packets: 42833914564, Flow Bytes: 37364742189748
Active Flows: 235206, Total Flows: 1015377662
I recently did this on operational/live MX960's on my 100 gig mpls ring with
no problem. ...no service impact, no card reboots.
set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 4
I run...
agould@960> show system information
Model: mx960
Family: junos
Junos: 17.4R1-S2.2
Hi,
On 02.01.2019 13:18, sth...@nethelp.no wrote:
From 16.1R1 and up you should also configure the ip flow table sizes
as the default is 1024 entries for v4 if I'm not mistaken. Not sure if
this is your current issue but is something to consider as well. Also
check flex-flow-sizing as an
Hi,
On 02.01.2019 11:49, Saku Ytti wrote:
Trio does IPFIX in HW, it can inspect each and every packet with no
different cost. So if your flow table can survive it, do 1:1 and get
more visibility.
AFAIK not all Trio Generations and variants are able to do 1:1 at Line Rate.
IIRC MPC5E and newer
> From 16.1R1 and up you should also configure the ip flow table sizes
> as the default is 1024 entries for v4 if I'm not mistaken. Not sure if
> this is your current issue but is something to consider as well. Also
> check flex-flow-sizing as an option.
Note that changing the flow table sizes
>From 16.1R1 and up you should also configure the ip flow table sizes
as the default is 1024 entries for v4 if I'm not mistaken. Not sure if
this is your current issue but is something to consider as well. Also
check flex-flow-sizing as an option.
Luis
On Wed, Jan 2, 2019 at 7:51 AM A. Camci
> see the config:
>
> set services flow-monitoring version-ipfix template ipv4 ipv4-template
> set services flow-monitoring version-ipfix template ipv6 ipv6-template
We have a bit more, e.g.
template ipv4 {
flow-active-timeout 60;
flow-inactive-timeout 15;
On Wed, 2 Jan 2019 at 12:32, Dave Bell wrote:
> Netflow/Jflow/IPFIX does not sample packets. It samples flows. A flow is
> (could be?) made up of many packets.
Everyone probably means the same thing here, but the way you are
saying it, is very confusing to me.
Sampling means we do not look at
you're right, but that's what I meant.
Op wo 2 jan. 2019 om 11:29 schreef Dave Bell :
> i want samples of a every 128 packets
>>
>
> Netflow/Jflow/IPFIX does not sample packets. It samples flows. A flow is
> (could be?) made up of many packets.
>
>
>
> i want samples of a every 128 packets
>
Netflow/Jflow/IPFIX does not sample packets. It samples flows. A flow is
(could be?) made up of many packets.
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
This sets a sampling rate of 128:1. Is that intentional?
yes.
i want samples of a every 128 packets
i have also tried with 100 and 512 but still same output.
Op wo 2 jan. 2019 om 11:16 schreef Dave Bell :
> set forwarding-options sampling instance inline input rate 128
>
> This sets a
set forwarding-options sampling instance inline input rate 128
This sets a sampling rate of 128:1. Is that intentional?
Dave
On Wed, 2 Jan 2019 at 10:08, A. Camci wrote:
> Hi Steinar,
>
> see the config:
>
> set services flow-monitoring version-ipfix template ipv4 ipv4-template
> set services
Hi Steinar,
see the config:
set services flow-monitoring version-ipfix template ipv4 ipv4-template
set services flow-monitoring version-ipfix template ipv6 ipv6-template
set forwarding-options sampling instance inline input rate 128
set forwarding-options sampling instance inline family inet
> Does anyone have experience with GENIEATM ( 6.3.2 ) and Juniper MX480 MPCE
> Type 2 3D ( 16.1R4-S3.6).
> recently we use the inline-jflow monitoring.
>
> it works but we receive too little sampling.
> expect a 10k of sampling per second instead of 100 samples
We have quite a bit of experience
Hi all,
Does anyone have experience with GENIEATM ( 6.3.2 ) and Juniper MX480 MPCE
Type 2 3D ( 16.1R4-S3.6).
recently we use the inline-jflow monitoring.
it works but we receive too little sampling.
expect a 10k of sampling per second instead of 100 samples
Border Router:
Flow information
SRRD mem size should be related to the route table size, from what I
understood...
On an MX480 in 16.1R with DFZ in VRF:
> show system processes extensive | match srrd
5174 root 1 200 1220M 509M select 3 30:36 0.00% srrd
Not sure an MX104 is the best gear to run DFZ +
Hi All,
I’m trying to do inline jflow on my mx-104s, and the inline part is working
fine. But it seems to use a lot of memory, to the extent that i think it’s
leaking. I’d encountered PR1180158 when running 15.1R6, so I’m trying it on one
router with 17.4R1-16 I’m not seeing the route delete
We turned this up this morning with no service hits and flows are
exporting correctly;
- MX480 Virtual-Chassis
- Enabled on member 1 / FPC 0
- Junos 14.1
:)
Scott H.
On 9/11/14, 7:00 PM, Hugo Slabbert wrote:
Forgot to note: we were running 11.4R7.5 on both that MX480 and MX5,
in case that's
Hey guys,
Quick question, if we setup inline jflow on a MX480 and do not adjust
the hash table sizes, will the FPC still restart?*
Specifically the config change would look like this ( MX480 VC, member
1, FPC 0(VC FPC 12) would be put into this but not member 0 ):
[edit chassis]
+
Thanks for all the input guys, we're going to give this a go early
tomorrow morning. We're running 14.1, I'll report back my findings for
reference.
Scott H.
On 9/11/14, 5:59 PM, Hugo Slabbert wrote:
We did not get a hit on enabling inline sampling with a config very
similar yours, though
Hi Scott,
Without taking a look at the implementation guides I can't answer this with
100% certainty, however look for PRs before deploying inline-jflow as it's
bitten a fair few people.
We're currently waiting for the next release of Junos to resolve a jflow
issue / issues.
Cheers,
Graham
Thank you guys
Phil , I originally configured the rate to 1000 , So i believe that's not
the problem .
Saku Thanks for your reply , I saw the PR , and the workaround is
problematic , because the router where the sampling configured is Edge
router , and off course it has ecmp toward the collector
On (2013-12-14 21:25 +0200), moki wrote:
Do you think of any other original way to avoid the problem ?
I don't think so. Get rid of ECMP or upgrade.
--
++ytti
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
On Dec 8, 2013, at 1:09 PM, moki vom...@gmail.com wrote:
when i execute the command
show services accounting flow inline-jflow fpc-slot 0
The counters don't grow
Flow information
FPC Slot: 0
Flow Packets: 9811498, Flow Bytes: 7364152991
Active Flows: 4294967295, Total Flows:
Do you have ECMP or LFA towards collector? And are you running earlier than
11.4R6, 12.1R4 or 12.2R2? If so, you might be hitting PR805061
Try 'show jnh 0 sample-inline statistics ipv4' in PFE
Do you see 'Flow insert Policer Drops' incrementing?
On 8 December 2013 20:09, moki vom...@gmail.com
Hello guys
I have a problem with inline jflow I configured everything by the book .
The router exported netflow information for about 20 minutes , and
afterwards it stopped .
Here is the configuration :
fpc 0 {
sampling-instance sample-ins1;
inline-services {
flow-table-size {
On Friday, July 05, 2013 11:28:25 PM david@orange.com
wrote:
I tested RPKI on a beta 12.2 and found a major bug but
now fixed. 12.3 works fine for us since 2 months. But,
of course without nsr ;-)
Good to hear. It's early days so not too bad.
Roll-out of RPKI is likely to be
On Monday, July 01, 2013 05:02:33 PM Mark Tinka wrote:
The only reason I'd venture into 12.3 or 13 is if the
hardware requires it.
On second thought, we want RPKI support, and that is 12.2
minimum.
Mark.
signature.asc
Description: This is a digitally signed message part.
I tested RPKI on a beta 12.2 and found a major bug but now fixed. 12.3 works
fine for us since 2 months. But, of course without nsr ;-)
David
Envoyé depuis mon Samsung Galaxy Ace d'Orange
Mark Tinka mark.ti...@seacom.mu a écrit :
On Monday, July 01, 2013 05:02:33 PM Mark Tinka wrote:
The
Has anyone else been brave enough to try 12.3 yet to see what the damage is? =)
From: Richard Hesse [mailto:richard.he...@weebly.com]
Sent: Friday, June 28, 2013 5:52 PM
To: Gabriel Blanchard
Cc: Drew Weaver; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
Did
On Monday, July 01, 2013 04:24:37 PM Drew Weaver wrote:
Has anyone else been brave enough to try 12.3 yet to see
what the damage is? =)
Still on 11.4 here.
The only reason I'd venture into 12.3 or 13 is if the
hardware requires it.
We're looking to get some new Juniper kit next year, so
is? =)
From: Richard Hesse [mailto:richard.he...@weebly.comhttp://weebly.com]
Sent: Friday, June 28, 2013 5:52 PM
To: Gabriel Blanchard
Cc: Drew Weaver; juniper-nsp@puck.nether.netmailto:juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
Did you report the crash to Juniper? What
-nsp@puck.nether.net
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
It's fixed in JunOS 12.3R3 and 13.2R1. It's in PR#820988, but that isn't
ready for the public yet.
-richard
On Fri, Jun 28, 2013 at 5:08 PM, Richard Hesse
richard.he...@weebly.commailto:richard.he
Howdy,
I am wondering if anyone has figured out any way to get inline jflow to send
proper dstas/srcas on routers with full tables?
I'm seeing a lot of these incrementing (snipped output):
show services accounting errors inline-jflow
Route Record Lookup Failures: 5415, AS Lookup Failures:
It's totally useless right now. I have a support case open with Juniper on
this. I'll post back to the list if we make any headway.
-richard
On Fri, Jun 28, 2013 at 9:51 AM, Drew Weaver drew.wea...@thenap.com wrote:
Howdy,
I am wondering if anyone has figured out any way to get inline jflow
It's fixed in JunOS 12.3R3 and 13.2R1. It's in PR#820988, but that isn't
ready for the public yet.
-richard
On Fri, Jun 28, 2013 at 5:08 PM, Richard Hesse richard.he...@weebly.comwrote:
It's totally useless right now. I have a support case open with Juniper on
this. I'll post back to the
How much of a disaster (vs 11.4) are we guessing that 12.3R3 is going to be?
From: Richard Hesse [mailto:richard.he...@weebly.com]
Sent: Friday, June 28, 2013 2:58 PM
To: Drew Weaver
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
It's fixed in JunOS 12.3R3
: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
It's fixed in JunOS 12.3R3 and 13.2R1. It's in PR#820988, but that isn't
ready for the public yet.
-richard
On Fri, Jun 28, 2013 at 5:08 PM, Richard Hesse
richard.he...@weebly.commailto:richard.he
guessing that 12.3R3 is going to
be?
From: Richard Hesse [mailto:richard.he...@weebly.com]
Sent: Friday, June 28, 2013 2:58 PM
To: Drew Weaver
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
It's fixed in JunOS 12.3R3 and 13.2R1. It's in PR
Hello guys
I already saw some emails regarding inline jflow issue but i will try anyway
I have the following configuration at my edge router :
set chassis fpc 0 sampling-instance sample-ins1
set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 3
set chassis fpc 0
Hi,
On Tue, Nov 20, 2012 at 04:54:23PM +0100, Sebastian Wiesinger wrote:
3) The test collector is reporting missed flows. I'm not sure if that
is a problem with the collector or if I'm really missing flows.
Anyone else had this problem?
It can be something else but i'm generically not
* Paolo Lucente pl+l...@pmacct.net [2012-11-22 18:24]:
3) The test collector is reporting missed flows. I'm not sure if that
is a problem with the collector or if I'm really missing flows.
Anyone else had this problem?
It can be something else but i'm generically not surprised on
Hello,
we're just setting up inline-jflow on MX Trio chipsets and I'm seeing
a few odd things:
1) Why is inline-jflow sending so many packets instead of putting more
then one flow in one udp packet? Every ~5 seconds I get a LOT of UDP
packets at the same time, many of them only containing
On (2012-11-20 16:54 +0100), Sebastian Wiesinger wrote:
Just started with IPFIX export on two nodes this monday.
2) In Douglas Hanks Juniper MX Series book it is noted that the
sampling rate for inline jflow must always be 1 (other rates are
not valid). Still it seems to work with rate
Thank you Graham,
I suspected that this is the case ...
Is there another way to overcome this problem ?
Because our netflow server connected to OOB management network which is
routed only via Fxp interface ...
On Thu, Sep 6, 2012 at 6:55 PM, Graham Brown
juniper-...@grahambrown.infowrote:
Hi
Hi Moki,
No worries; this is the exact challenge that faced my customer. Their
server was on the management subnet which was only connected to the routers
via the management interfaces. I'm not sure what they did to resolve it; I
would presume that they moved the server.
Sorry that I don't have
Actually I thought of something
I have another router which is connected to the MPC on the problematic
router . I will configure the source interface address with this interface
on the MPC and configure static route toward specific destination of the
flow server to this another router which has
To: Graham Brown
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] inline-jflow
Actually I thought of something
I have another router which is connected to the MPC on the problematic
router . I will configure the source interface address with this interface
on the MPC and configure static route toward
Hi Moki,
The export of flow data is not supported via an fxp interface. The fxp0
interface does not have the hardware capabilities to handle this kind of
operation.
I had a similar customer query a while back; they could configure the
export of flows via the fxp interface, however it never
Using fxp0 for inline-jflow has been disabled since 10.2; you need to use
a revenue port as the egress.
On 9/6/12 5:05 AM, moki vom...@gmail.com wrote:
Hello
Does anyone know if inline-jflow support to send traffic via fxp
interface.
I tried to configure inline-jflow with the configuration
* dha...@juniper.net (Doug Hanks) [Thu 06 Sep 2012, 18:58 CEST]:
Using fxp0 for inline-jflow has been disabled since 10.2; you need
to use a revenue port as the egress.
Or what engineers call a non-management port
-- Niels.
--
___
51 matches
Mail list logo
