JUNIPER M7i CFLOW Sampling for L2 Vlans
People,

Good afternoon,

We have a curious situation in a client's environment.

It has an M7i router with 2 IQ2E (4 GE) PICs.

It wants one of its PICs plugged into an L2 switch (802.1Q Trunk Mode) and the other one plugged (via 1 giga of 4 ports only) into another L2 switch.

      M7i
     /   \
    S1   S2

Both Giga ports are simply configured like:

    interfaces {
        ge-0/0/0 {
            vlan-tagging;
        }
    }

    interfaces {
        ge-0/1/0 {
            vlan-tagging;
        }
    }

L2 Trunk Ethernet only, without L3 configuration.

Is it possible to get flow information about the encapsulated vlans (10, 20, 30, 40, etc.) inside the trunk traffic? ... without configuring IP (4 or 6) or creating vlan interfaces?

Is it possible to get cflow working in an L2 way?

Has anyone configured it before using JUNIPER? Can you send or point me to some samples of configuration?

Thanks a lot,

Giuliano
> Is it possible to get cflow working in an L2 way?
Hi Giuliano,

The short answer is, unfortunately, no.

NetFlow v5 does not have any fields for Layer 2 information: http://netflow.caligare.com/netflow_v5.htm

Although NetFlow v9 does have such fields, you (a) only get NetFlow v9 functionality on a Juniper if you have a Services PIC installed and (b) are limited by the NetFlow v9 templates that JUNOS implements. See the section titled "Fields Included in Each Template Type" for a description of each NetFlow v9 template at http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-co....

Juniper supports sFlow (which would give you L2 info) on their EX switches, but not on their routers. Perhaps when/if IPFIX support comes along, you might be able to get what you are looking for.

You could use port mirroring or an optical tap with various open-source tools running on a Unix host to do the kind of monitoring you are looking for.

Cheers,
-Chris

On Apr 16, 2010, at 11:52 AM, GIULIANO (UOL) wrote:
> People,
>
> Good afternoon,
>
> We have a curious situation in a client's environment.
>
> It has an M7i router with 2 IQ2E (4 GE) PICs.
>
> It wants one of its PICs plugged into an L2 switch (802.1Q Trunk Mode) and the other one plugged (via 1 giga of 4 ports only) into another L2 switch.
>
>       M7i
>      /   \
>     S1   S2
>
> Both Giga ports are simply configured like:
>
>     interfaces {
>         ge-0/0/0 {
>             vlan-tagging;
>         }
>     }
>
>     interfaces {
>         ge-0/1/0 {
>             vlan-tagging;
>         }
>     }
>
> L2 Trunk Ethernet only, without L3 configuration.
>
> Is it possible to get flow information about the encapsulated vlans (10, 20, 30, 40, etc.) inside the trunk traffic? ... without configuring IP (4 or 6) or creating vlan interfaces?
>
> Is it possible to get cflow working in an L2 way?
>
> Has anyone configured it before using JUNIPER? Can you send or point me to some samples of configuration?
>
> Thanks a lot,
>
> Giuliano
--
Chris Tracy <ctracy@es.net>
Energy Sciences Network (ESnet)
Lawrence Berkeley National Laboratory
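The port-mirroring approach suggested above comes down to keying flows on the 802.1Q VLAN ID plus the usual IP 5-tuple, taken from the mirrored frames. The following is an added example, not part of the original thread: the function names and the sample frames are constructed for illustration, and only IPv4 over a single 802.1Q tag is handled.

```python
import socket
import struct
from collections import defaultdict

TPID_8021Q, ETHERTYPE_IPV4 = 0x8100, 0x0800

def flow_key(frame):
    """Return (vlan, src, dst, proto, sport, dport), or None if not IPv4."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    vlan, off = None, 14              # vlan stays None for untagged frames
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            return None
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan, off = tci & 0x0FFF, 18  # low 12 bits of the TCI are the VLAN ID
    if ethertype != ETHERTYPE_IPV4 or len(frame) < off + 20:
        return None
    ihl = (frame[off] & 0x0F) * 4
    if frame[off] >> 4 != 4 or ihl < 20:
        return None
    (frag,) = struct.unpack_from("!H", frame, off + 6)
    proto = frame[off + 9]
    src = socket.inet_ntoa(frame[off + 12:off + 16])
    dst = socket.inet_ntoa(frame[off + 16:off + 20])
    sport = dport = 0
    # Ports exist only for TCP/UDP and only in the first fragment.
    if proto in (6, 17) and frag & 0x1FFF == 0 and len(frame) >= off + ihl + 4:
        sport, dport = struct.unpack_from("!HH", frame, off + ihl)
    return vlan, src, dst, proto, sport, dport

def aggregate(frames):
    """Map each flow key to [packets, bytes] over an iterable of raw frames."""
    flows = defaultdict(lambda: [0, 0])
    for frame in frames:
        key = flow_key(frame)
        if key is not None:
            flows[key][0] += 1
            flows[key][1] += len(frame)
    return dict(flows)

def sample_frame(vlan, src, dst, sport, dport, payload=b"x" * 10):
    """Constructed 802.1Q-tagged IPv4/UDP frame (zero MACs and checksums)."""
    tag = struct.pack("!HHH", TPID_8021Q, vlan, ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 17,
                     0, socket.inet_aton(src), socket.inet_aton(dst))
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    return bytes(12) + tag + ip + udp + payload

SAMPLE = [sample_frame(10, "10.0.0.1", "10.0.0.2", 1234, 53)] * 2 + \
         [sample_frame(20, "10.0.0.1", "10.0.0.2", 1234, 53)]
```

Frames read from a capture file keep the tag in-line; on a live capture, check that the NIC or kernel has not stripped the tag before the frame reaches the parser.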
Besides the Juniper specifics, on which I do agree. The fact that NetFlow v5 doesn't carry L2 information doesn't per se imply it can't be theoretically applied to L2 interfaces and report on upper layers - making it fair, on a multi-layer thing. Which is the underlying issue here.

Cheers,
Paolo

On Fri, Apr 16, 2010 at 12:12:12PM -0400, Chris Tracy wrote:
> > It is possible to get cflow working in a L2 way ?
>
> Hi Giuliano,
>
> The short answer is, unfortunately, no.
>
> NetFlow v5 does not have any fields for Layer 2 information: http://netflow.caligare.com/netflow_v5.htm
>
> Although NetFlow v9 does have such fields, you (a) only get NetFlow v9 functionality on a Juniper if you have a Services PIC installed and (b) are limited by the NetFlow v9 templates that JUNOS implements. See the section titled "Fields Included in Each Template Type" for a description of each NetFlow v9 template at http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-co....
>
> Juniper supports sFlow (which would give you L2 info) on their EX switches, but not on their routers. Perhaps when/if IPFIX support comes along, you might be able to get what you are looking for.
>
> You could use port mirroring or an optical tap with various open-source tools running on a Unix host to do the kind of monitoring you are looking for.
>
> Cheers,
> -Chris
Participants (3): Chris Tracy, GIULIANO (UOL), Paolo Lucente