JUNIPER M7i CFLOW Sampling for L2 Vlans

Paolo Lucente pl+list at pmacct.net
Fri Apr 16 18:09:21 UTC 2010


Besides the Juniper specifics on which I do agree.

The fact that NetFlow v5 doesn't carry L2 information doesn't
per se imply it can't be theoretically applied to L2 interfaces
and report on upper layers - making it fair, on a multi-layer
thing. Which is the underlying issue here.

Cheers,
Paolo


On Fri, Apr 16, 2010 at 12:12:12PM -0400, Chris Tracy wrote:
> > Is it possible to get cflow working in an L2 way?
> 
> Hi Giuliano,
> 
> The short answer is, unfortunately, no.
> 
> NetFlow v5 does not have any fields for Layer 2 information: http://netflow.caligare.com/netflow_v5.htm
> 
> Although NetFlow v9 does have such fields, you (a) only get NetFlow v9 functionality on a Juniper if you have a Services PIC installed and (b) are limited by the NetFlow v9 templates that JUNOS implements.  See the section titled "Fields Included in Each Template Type" for a description of each NetFlow v9 template at http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-services/services-configuring-flow-aggregation-to-use-version-9-flow-templates.html.
> 
> Juniper supports sFlow (which would give you L2 info) on their EX switches, but not on their routers.  Perhaps when/if IPFIX support comes along, you might be able to get what you are looking for.
> 
> You could use port mirroring or an optical tap with various open-source tools running on a Unix host to do the kind of monitoring you are looking for.
> 
> Cheers,
> -Chris
> 
> 
> On Apr 16, 2010, at 11:52 AM, GIULIANO (UOL) wrote:
> 
> > People,
> > 
> > Good afternoon,
> > 
> > We have a curious situation in a client's environment.
> > 
> > It has a M7i router with 2 IQ2E (4 GE) PICs.
> > 
> > It wants one of its PICs plugged into a L2 switch (802.1Q Trunk Mode)
> > and the other one plugged (via 1 giga of 4 ports only) to another L2
> > switch.
> > 
> > 
> >          M7i
> >        /     \
> >     S1        S2
> > 
> > 
> > Both Giga ports are simply configured like:
> > 
> > interfaces {
> >    ge-0/0/0 {
> >        vlan-tagging;
> >    }
> > }
> > 
> > interfaces {
> >    ge-0/1/0 {
> >        vlan-tagging;
> >    }
> > }
> > 
> > 
> > L2 Trunk Ethernet only without L3 configuration.
> > 
> > Is it possible to get flow information about the encapsulated vlans
> > (10,20,30,40, etc) inside the trunk traffic? ... without configuring ip
> > (4 or 6) or creating vlan interfaces?
> > 
> > Is it possible to get cflow working in an L2 way?
> > 
> > Has anyone configured it before using JUNIPER? Can you send or
> > point me to some samples of configuration?
> > 
> > Thanks a lot,
> > 
> > Giuliano
> > 
> > 
> > 
> > 	
> > 
> > 
> 
> --
> Chris Tracy <ctracy at es.net>
> Energy Sciences Network (ESnet)
> Lawrence Berkeley National Laboratory
> 
> 
> 
> 
> 
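
The port-mirroring approach mentioned in Chris Tracy's reply, sketched as an added example that is not part of the original thread: per-VLAN flow accounting computed on a Unix host directly from 802.1Q-tagged frames copied off the trunk, which recovers the VLAN ID that NetFlow v5 has no field for. The function names are illustrative, the frames in `SAMPLE` are constructed, and it is assumed that a capture tool on the mirror port delivers raw Ethernet frames as bytes.

```python
import struct
from collections import defaultdict

ETH_8021Q, ETH_IPV4 = 0x8100, 0x0800

def parse_tagged_ipv4(frame):
    """Return (vlan_id, src, dst, proto, sport, dport, ip_len) or None."""
    if len(frame) < 18:
        return None
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != ETH_8021Q or ethertype != ETH_IPV4:
        return None  # untagged, QinQ or non-IPv4: out of scope here
    vlan_id = tci & 0x0FFF  # low 12 bits of the TCI; top 4 are PCP/DEI
    ip = frame[18:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl:
        return None
    total_len, = struct.unpack("!H", ip[2:4])
    proto = ip[9]
    src = ".".join(map(str, ip[12:16]))
    dst = ".".join(map(str, ip[16:20]))
    sport = dport = 0
    frag_off = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if proto in (6, 17) and frag_off == 0 and len(ip) >= ihl + 4:
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])  # TCP/UDP ports
    return vlan_id, src, dst, proto, sport, dport, total_len

def account(frames):
    flows = defaultdict(lambda: [0, 0])  # (vlan, 5-tuple) -> [packets, bytes]
    for f in frames:
        rec = parse_tagged_ipv4(f)
        if rec:
            flows[rec[:6]][0] += 1
            flows[rec[:6]][1] += rec[6]
    return dict(flows)

def make_frame(vlan, src, dst, proto, sport, dport, payload=b""):
    """Build a constructed sample frame (zero checksums, dummy MACs)."""
    l4 = struct.pack("!HH", sport, dport) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x02" * 6 + b"\x04" * 6 + struct.pack("!HHH", ETH_8021Q, vlan, ETH_IPV4) + ip + l4

SAMPLE = [make_frame(10, "192.0.2.1", "198.51.100.7", 17, 5000, 53, b"x" * 8),
          make_frame(10, "192.0.2.1", "198.51.100.7", 17, 5000, 53, b"x" * 8),
          make_frame(20, "192.0.2.1", "198.51.100.7", 17, 5000, 53, b"x" * 4)]
```

The same 5-tuple seen on VLAN 10 and VLAN 20 stays two separate flows because the VLAN ID is part of the key.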




More information about the NANOG mailing list