[125458] in North American Network Operators' Group
Re: JUNIPER M7i CFLOW Sampling for L2 Vlans
daemon@ATHENA.MIT.EDU (Chris Tracy)
Fri Apr 16 12:12:44 2010
From: Chris Tracy <ctracy@es.net>
In-Reply-To: <4BC887C8.7090709@uol.com.br>
Date: Fri, 16 Apr 2010 12:12:12 -0400
To: giulianocm@uol.com.br
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> Is it possible to get cflow working in a L2 way ?
Hi Giuliano,
The short answer is, unfortunately, no.

NetFlow v5 does not have any fields for Layer 2 information:
http://netflow.caligare.com/netflow_v5.htm

Although NetFlow v9 does have such fields, you (a) only get NetFlow v9 functionality on a Juniper if you have a Services PIC installed and (b) are limited by the NetFlow v9 templates that JUNOS implements. See the section titled "Fields Included in Each Template Type" for a description of each NetFlow v9 template at
http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-services/services-configuring-flow-aggregation-to-use-version-9-flow-templates.html.

Juniper supports sFlow (which would give you L2 info) on their EX switches, but not on their routers. Perhaps when/if IPFIX support comes along, you might be able to get what you are looking for.

You could use port mirroring or an optical tap with various open-source tools running on a Unix host to do the kind of monitoring you are looking for.

Cheers,
-Chris
On Apr 16, 2010, at 11:52 AM, GIULIANO (UOL) wrote:
> People,
>
> Good afternoon,
>
> We have a curious situation in a client's environment.
>
> It has a M7i router with 2 IQ2E (4 GE) PICs.
>
> It wants one of its PICs plugged into a L2 switch (802.1Q Trunk Mode)
> and the other one plugged (via 1 giga of 4 ports only) to another L2
> switch.
>
>
>      M7i
>     /   \
>   S1     S2
>
>
> Both Giga ports are simply configured like:
>
> interfaces {
>     ge-0/0/0 {
>         vlan-tagging;
>     }
> }
>
> interfaces {
>     ge-0/1/0 {
>         vlan-tagging;
>     }
> }
>
>
> L2 Trunk Ethernet only without L3 configuration.
>
> Is it possible to get flow information about the encapsulated vlans
> (10,20,30,40, etc) inside the trunk traffic ? ... without configuring ip
> (4 or 6) or creating vlan interfaces ?
>
> Is it possible to get cflow working in a L2 way ?
>
> Has anyone configured it before using JUNIPER ? Can you send or
> point to me some samples of configuration ?
>
> Thanks a lot,
>
> Giuliano
>
--
Chris Tracy <ctracy@es.net>
Energy Sciences Network (ESnet)
Lawrence Berkeley National Laboratory
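
Added example, not part of the original message or of any tool it mentions: a sketch of the per-VLAN accounting that the port-mirroring suggestion above makes possible on a Unix host. It reads the 802.1Q tag that NetFlow v5 has no field for and sums bytes per (VLAN, source, destination, protocol). The function names and the sample frames are constructed for illustration; a real collector would read frames from a capture on the mirror port.

```python
import struct
from collections import Counter

ETH_8021Q = 0x8100  # TPID of an 802.1Q tag
ETH_IPV4 = 0x0800

def vlan_of(frame: bytes):
    """Return (vlan_id, inner_ethertype, payload_offset); vlan_id is None if untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETH_8021Q:
        return None, ethertype, 14
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return tci & 0x0FFF, inner, 18  # low 12 bits of the TCI are the VLAN ID

def account(frames):
    """Sum frame bytes per (vlan, src, dst, proto) for IPv4, per (vlan, ethertype) otherwise."""
    totals = Counter()
    for frame in frames:
        vlan, ethertype, off = vlan_of(frame)
        if ethertype == ETH_IPV4 and len(frame) >= off + 20:
            proto = frame[off + 9]
            src = ".".join(map(str, frame[off + 12:off + 16]))
            dst = ".".join(map(str, frame[off + 16:off + 20]))
            totals[(vlan, src, dst, proto)] += len(frame)
        else:
            totals[(vlan, hex(ethertype))] += len(frame)
    return totals

def make_frame(vlan, src, dst, proto, payload_len):
    """Build a constructed test frame (MAC and IP addresses are made up)."""
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    tag = struct.pack("!HH", ETH_8021Q, vlan) if vlan is not None else b""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return eth + tag + struct.pack("!H", ETH_IPV4) + ip + bytes(payload_len)

SAMPLE = [  # constructed frames, as they might arrive from a trunk mirror port
    make_frame(10, "192.0.2.1", "198.51.100.7", 6, 100),
    make_frame(10, "192.0.2.1", "198.51.100.7", 6, 60),
    make_frame(20, "192.0.2.9", "198.51.100.7", 17, 40),
    make_frame(None, "192.0.2.1", "198.51.100.7", 6, 10),
]

if __name__ == "__main__":
    for key, nbytes in sorted(account(SAMPLE).items(), key=str):
        print(key, nbytes)
```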