Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
- Monitoring, Sampling, and Collection Services Interfaces User Guide - TechLibrary - Juniper Networks
- Flow Monitoring and Flow Collection Services
- Understanding Flow Monitoring
- Monitoring Traffic Using Active Flow Monitoring
- Configuring Active Flow Monitoring
- Active Flow Monitoring System Requirements
- Active Flow Monitoring Applications
- Active Flow Monitoring PIC Specifications
- Active Flow Monitoring Overview
- Active Flow Monitoring Overview
- Example: Configuring Active Monitoring on an M, MX or T Series Router’s Logical System
- Example: Configuring Flow Monitoring on an MX Series Router with MS-MIC and MS-MPC
- Configuring Services Interface Redundancy with Flow Monitoring
- Configuring Inline Active Flow Monitoring Using Routers, Switches or NFX250
- Configuring Flow Offloading on MX Series Routers
- Configuring Active Flow Monitoring on PTX Series Packet Transport Routers
- Configuring Actively Monitored Interfaces on M, MX and T Series Routers
- Collecting Flow Records
- Configuring M, MX and T Series Routers for Discard Accounting with an Accounting Group
- Configuring M, MX and T Series Routers for Discard Accounting with a Sampling Group
- Configuring M, MX and T Series Routers for Discard Accounting with a Template
- Defining a Firewall Filter on M, MX and T Series Routers to Select Traffic for Active Flow Monitoring
- Processing IPv4 traffic on an M, MX or T Series Router Using Monitoring services, Adaptive services or Multiservices Interfaces
- Replicating M, MX and T Series Routing Engine-Based Sampling to Multiple Flow Servers
- Replicating Version 9 Flow Aggregation From M, MX and T Series Routers to Multiple Flow Servers
- Configuring Routing Engine-Based Sampling on M, MX and T Series Routers for Export to Multiple Flow Servers
- Example: Copying Traffic to a PIC While an M, MX or T Series Router Forwards the Packet to the Original Destination
- Configuring an Aggregate Export Timer on M, MX and T Series Routers for Version 8 Records
- Example: Sampling Configuration for M, MX and T Series Routers
- Associating Sampling Instances for Active Flow Monitoring with a Specific FPC, MPC, or DPC
- Example: Sampling Instance Configuration
- Example: Sampling and Discard Accounting Configuration on M, MX and T Series Routers
- Monitoring Traffic Using Passive Flow Monitoring
- Passive Flow Monitoring Overview
- Passive Flow Monitoring System Requirements for T Series, M Series and MX Series Routers
- Passive Flow Monitoring Router and Software Considerations for T Series, M Series and MX Series Routers
- Understanding Passive Flow Monitoring on T Series, M Series and MX Series Routers
- Enabling Passive Flow Monitoring on M Series, MX Series or T Series Routers
- Configuring Passive Flow Monitoring
- Example: Passive Flow Monitoring Configuration on M, MX and T Series Routers
- Configuring a Routing Table Group on an M, MX or T Series Router to Add Interface Routes into the Forwarding Instance
- Using IPSec and an ES PIC on an M, MX or T Series Router to Send Encrypted Traffic to a Packet Analyzer
- Applying a Firewall Filter Output Interface on an M, MX or T Series Router to Port-mirror Traffic to PICs or Flow Collection Services
- Monitoring Traffic on a Router with a VRF Instance and a Monitoring Group
- Specifying a Firewall Filter on an M, MX or T Series Router to Select Traffic to Monitor
- Configuring Input Interfaces, Monitoring Services Interfaces and Export Interfaces on M, MX or T Series Routers
- Establishing a VRF Instance on an M, MX or T Series Router for Monitored Traffic
- Configuring a Monitoring Group on an M, MX or T Series Router to Send Traffic to the Flow Server
- Configuring Policy Options on M, MX or T Series Routers
- Stripping MPLS Labels on ATM, Ethernet-Based and SONET/SDH Router Interfaces
- Using an M, MX or T Series Router Flow Collector Interface to Process and Export Multiple Flow Records
- Example: Configuring a Flow Collector Interface on an M, MX or T Series Router
- Processing and Exporting Multiple Records Using Flow Collection
- Logging Flow Monitoring Records with Version 9 and IPFIX Templates for NAT Events
- Understanding NAT Event Logging in Flow Monitoring Format on an MX Series Router or NFX250
- Configuring Log Generation of NAT Events in Flow Monitoring Record Format on an MX Series Router or NFX250
- Exporting Syslog Messages to an External Host Without Flow Monitoring Formats Using an MX Series Router or NFX250
- Exporting Version 9 Flow Data Records to a Log Collector Overview Using an MX Series Router or NFX250
- Understanding Exporting IPFIX Flow Data Records to a Log Collector Using an MX Series Router or NFX250
- Mapping Between Field Values for Version 9 Flow Templates and Logs Exported From an MX-Series Router or NFX250
- Mapping Between Field Values for IPFIX Flow Templates and Logs Exported From an MX Series Router or NFX250
- Monitoring NAT Events on MX Series Routers by Logging NAT Operations in Flow Template Formats
- Example: Configuring Logs in Flow Monitoring Format for NAT Events on MX Series Routers for Troubleshooting
- Flow Capture Services
- Dynamically Capturing Packet Flows Using Junos Capture Vision
- Detecting Threats and Intercepting Flows Using Junos Packet Vision
- Understanding Junos Packet Vision
- Configuring Junos Packet Vision on MX, M and T Series Routers
- Examples: Configuring Junos Packet Vision on M, T, and MX Series Routers
- Sending Packets to a Mediation Device on MX, M and T Series Routers
- Example: Configuring IPv6 Support for FlowTapLite on an M120 Router With Enhanced III FPCs
- Using Flow-Tap to Monitor Packet Flow
- Understanding Flow-Tap Architecture
- Configuring a Flow-Tap Interface on MX, M and T Series Routers
- Configuring Flow-Tap Security Properties on MX, M and T Series Routers
- Flow-Tap Application Restrictions
- Example: Flow-Tap Configuration on T and M Series Routers
- Configuring FlowTapLite on MX Series Routers and M320 Routers with FPCs
- Inline Monitoring Services
- Configuring Inline Monitoring Services
- Sampling and Discard Accounting Services
- Sampling Data Using Traffic Sampling and Discard Accounting
- Sampling Data Using Inline Sampling
- Understanding Inline Active Flow Monitoring
- Configuring Inline Active Flow Monitoring Using Routers, Switches or NFX250
- Configuring Inline Active Flow Monitoring on MX80 and MX104 Routers
- Configuring Inline Active Flow Monitoring on PTX Series Routers
- Inline Active Flow Monitoring of MPLS-over-UDP Flows on PTX Series Routers
- Inline Active Flow Monitoring on IRB Interfaces
- Example: Configuring Inline Active Flow Monitoring on MX Series and T4000 Routers
- Sampling Data Using Flow Aggregation
- Understanding Flow Aggregation
- Enabling Flow Aggregation
- Configuring Flow Aggregation on MX, M and T Series Routers and NFX250 to Use Version 5 or Version 8 cflowd
- Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version 9 Flow Templates
- Configuring Flow Aggregation on PTX Series Routers to Use Version 9 Flow Templates
- Configuring Inline J-Flow to Use IPFIX Flow Templates on MX, vMX and T Series Routers, EX Series Switches, NFX Series Devices, and SRX Devices
- Configuring Flow Aggregation to Use IPFIX Flow Templates on PTX Series Routers
- Configuring Observation Domain ID and Source ID for Version 9 and IPFIX Flows
- Configuring Template ID and Options Template ID for Version 9 and IPFIX Flows
- Including Fragmentation Identifier and IPv6 Extension Header Elements in IPFIX Templates on MX Series Routers
- Directing Replicated Flows from M and T Series Routers to Multiple Flow Servers
- Logging cflowd Flows on M and T Series Routers Before Export
- Configuring Next-Hop Address Learning on MX Series and PTX Series Routers for Destinations Accessible Over Multiple Paths
- Real-Time Performance Monitoring and Video Monitoring Services
- Monitoring Traffic Using Real-Time Performance Monitoring
- Understanding Using Probes for Real-Time Performance Monitoring on M, T, PTX, and MX Series Routers
- Configuring RPM Probes on M, MX and T Series Routers and EX Series Switches
- Configuring RPM Receiver Servers
- Limiting the Number of Concurrent RPM Probes on M, MX, T and PTX Routers and EX Series Switches
- Configuring RPM Timestamping on MX, M, T, and PTX Series Routers and EX Series Switches
- Analyzing Network Efficiency in IPv6 Networks on MX Series Routers Using RPM Probes
- Configuring BGP Neighbor Discovery Through RPM
- Examples: Configuring BGP Neighbor Discovery on MX, M, T and PTX Series Routers With RPM
- Real-Time Performance Monitoring on ACX Series
- Tracing RPM Operations on MX, M, T and ACX Series Routers
- Examples: Configuring Real-Time Performance Monitoring on MX, M, T and PTX Series Routers
- Enabling RPM on MX, M and T Series Routers and SRX Firewalls for the Services SDK
- Understanding Two-Way Active Measurement Protocol on Routers
- Configuring TWAMP on MX, M, T, and PTX Series Routers and EX4300 Series Switches
- Example: Configuring TWAMP Client and Server on MX Series Routers
- Two-Way Active Measurement Protocol on ACX Series
- Understanding TWAMP Auto-Restart
- Configuring TWAMP Client and TWAMP Server to Reconnect Automatically After TWAMP Server Unavailability
- Managing License Server for Throughput Data Export
- Testing the Performance of Network Devices Using RFC 2544-Based Benchmarking
- Understanding RFC 2544-Based Benchmarking Tests on MX Series Routers
- Understanding RFC2544-Based Benchmarking Tests for E-LAN and E-Line Services on MX Series Routers
- Supported RFC 2544-Based Benchmarking Statements on MX Series Routers
- Configuring an RFC 2544-Based Benchmarking Test
- Enabling Support for RFC2544-Based Benchmarking Tests on MX Series Routers
- Example: Configuring an RFC 2544-Based Benchmarking Test on an MX104 Router for Layer 3 IPv4 Services
- Example: Configuring an RFC 2544-Based Benchmarking Test on an MX104 Router for UNI Direction of Ethernet Pseudowires
- Example: Configuring an RFC 2544-Based Benchmarking Test on an MX104 Router for NNI Direction of Ethernet Pseudowires
- Example: Configuring RFC2544-Based Benchmarking Tests on an MX104 Router for Layer 2 E-LAN Services in Bridge Domains
- Example: Configuring Benchmarking Tests to Measure SLA Parameters for E-LAN Services on an MX104 Router Using VPLS
- Configuring RFC 2544-Based Benchmarking Tests on ACX Series
- RFC 2544-Based Benchmarking Tests Overview
- Layer 2 and Layer 3 RFC 2544-Based Benchmarking Test Overview
- Configuring RFC 2544-Based Benchmarking Tests
- Configuring Ethernet Loopback for RFC 2544-Based Benchmarking Tests
- RFC 2544-Based Benchmarking Test States
- Example: Configuring an RFC 2544-Based Benchmarking Test for Layer 3 IPv4 Services
- Example: Configuring an RFC 2544-Based Benchmarking Test for NNI Direction of Ethernet Pseudowires
- Example: Configuring an RFC 2544-Based Benchmarking Test for UNI Direction of Ethernet Pseudowires
- Configuring a Service Package to be Used in Conjunction with PTP
- Tracking Streaming Media Traffic Using Inline Video Monitoring
- Understanding Inline Video Monitoring on MX Series Routers
- Configuring Inline Video Monitoring on MX Series Routers
- Inline Video Monitoring Syslog Messages on MX Series Routers
- Generation of SNMP Traps and Alarms for Inline Video Monitoring on MX Series Routers
- SNMP Traps for Inline Video Monitoring Statistics on MX Series Routers
- Processing SNMP GET Requests for MDI Metrics on MX Series Routers
- Monitoring Traffic Using Real-Time Performance Monitoring
- Configuration Statements and Operational Commands
- Configuration Statements
- accounting
- address (Interfaces)
- address (Services Dynamic Flow Capture)
- aggregate-export-interval
- aggregation
- alarms
- alarm-mode
- allowed-destinations
- analyzer-address
- analyzer-id
- archive-sites
- authentication-mode
- authentication-key-chain
- autonomous-system-type
- bandwidth-kbps (RFC 2544 Benchmarking)
- bgp
- bridge-template
- capture-group
- cflowd (Discard Accounting)
- cflowd (Flow Monitoring)
- client
- client-delegate-probes
- client-list
- collector
- collector
- collector (Flow Monitoring Logs for NAT)
- collector (Flow Template Profiles for NAT)
- collector-group (Flow Template Profiles for NAT)
- collector-group (Flow Monitoring Logs for NAT)
- content-destination
- control-connection (Junos OS)
- control-connection (Junos OS Evolved)
- control-source
- core-dump
- data-fill
- data-fill-with zeros
- data-format
- data-size
- delay-factor
- delegate-probes
- destination
- destination-address (Flow Monitoring Logs for NAT)
- destination-interface
- destination-ipv4-address
- destination-mac-address (RFC2544 Benchmarking)
- destination-port
- destination-port (Flow Monitoring Logs for NAT)
- destination-udp-port (RFC 2544 Benchmarking)
- destinations
- direction
- disable
- disable-signature-check
- dscp (flow-server)
- dscp-code-points (RPM)
- dscp-code-points (RFC 2544 Benchmarking)
- dump-on-flow-control
- duplicates-dropped-periodicity
- dynamic-flow-capture
- engine-id
- engine-type
- export-format
- family (Monitoring)
- family (RFC2544 Benchmarking)
- family (Sampling)
- file (Sampling)
- file (Trace Options)
- file-specification (File Format)
- file-specification (Interface Mapping)
- filename
- filename-prefix
- files
- filter
- flex-flow-sizing
- flow-active-timeout
- flow-collector
- flow-control-options
- flow-export-destination
- flow-export-rate
- flow-inactive-timeout
- flow-key (Flow Monitoring)
- flow-monitoring
- flow-server
- flow-table-size
- flow-table-size (Chassis)
- flow-tap
- forwarding-class (RFC 2544 Benchmarking)
- forwarding-class (Sampling)
- ftp (Flow Collector Files)
- ftp (Transfer Log Files)
- g-duplicates-dropped-periodicity
- g-max-duplicates
- generate-snmp-traps
- halt-on-prefix-down
- hard-limit
- hard-limit-target
- hardware-timestamp
- history-size
- host-outbound media-interface
- icmp
- in-service (RFC2544 Benchmarking)
- inactivity-timeout
- inet6-options
- inline-jflow
- inline-monitoring
- instance
- input (Sampling)
- input-interface-index
- input-packet-rate-threshold
- instance (Sampling)
- interface (Accounting or Sampling)
- interfaces
- interface (Services Flow Tap)
- interface-map
- interfaces (Services Dynamic Flow Capture)
- interfaces (Video Monitoring)
- inet6-options
- ip-swap (RFC 2544 Benchmarking)
- ipv4-flow-table-size
- ipv4-template
- ipv6-flow-table-size
- ipv6-extended-attrib
- ipv6-template
- ivlan-cfi
- ivlan-id
- ivlan-priority
- jflow-log (Interfaces)
- jflow-log (Services)
- label-position
- license-server
- light
- local-dump
- logical-system
- managed
- match
- max-connection-duration
- max-duplicates
- max-packets-per-second
- maximum-age
- maximum-connections
- maximum-connections-per-client
- maximum-packet-length
- maximum-sessions
- maximum-sessions-per-connection
- media-loss-rate
- media-rate-variation
- message-rate-limit
- minimum-priority
- mode
- monitoring (Forwarding Options)
- monitoring
- moving-average-size
- mpls-flow-table-size
- mpls-ipv4-template
- mpls-ipvx-template
- mpls-template
- multiservice-options
- name-format
- next-hop
- next-hop
- next-hop-group (Forwarding Options)
- nexthop-learning
- no-remote-trace (Trace Options)
- no-syslog
- no-syslog-generation
- notification-targets
- observation-domain-id
- offload-type
- one-way-hardware-timestamp
- option-refresh-rate
- options-template-id
- outer-tag-protocol-id
- output (Accounting)
- output (Monitoring)
- output (Sampling)
- output-interface-index
- ovlan-cfi
- ovlan-id
- ovlan-priority
- owner
- packet-loss-priority
- packet-size (RFC 2544 Benchmarking)
- passive-monitor-mode
- password (Flow Collector File Servers)
- password (Transfer Log File Servers)
- peer-as-billing-template
- persistent-results
- pic-memory-threshold
- pop-all-labels
- port (Flow Monitoring)
- port (RPM)
- port (TWAMP)
- post-cli-implicit-firewall
- pre-rewrite-tos
- probe
- probe-count
- probe-interval
- probe-limit
- probe-server
- probe-type
- profiles (RFC 2544 Benchmarking)
- rate
- rate (Forwarding Options)
- receive-failure-threshold
- receive-options-packets
- receive-ttl-exceeded
- reflect-etype
- reflect-mode
- refresh-rate
- reflect-mode (RFC2544 Benchmarking)
- reflect-etype
- required-depth
- retry
- retry-delay
- rfc2544-benchmarking
- rfc6514-compliant-safi129 (Protocols BGP)
- routing-instance (RPM)
- routing-instance (cflowd)
- routing-instance-list
- routing-instances
- rpm (Interfaces)
- rpm (Services)
- rpm-scale
- run-length
- sample-once
- sampling (Forwarding Options)
- sampling (Interfaces)
- sampling-instance
- server (Junos OS)
- server (Junos OS Evolved)
- server-inactivity-timeout
- service-port
- service-type (RFC2544 Benchmarking)
- services-options
- shared-key
- size
- skip-arp-iteration
- slamon-services
- soft-limit
- soft-limit-clear
- source-address (Forwarding Options)
- source-address (Services)
- source-addresses
- source-id
- source-ip
- source-ipv4-address (RFC 2544 Benchmarking)
- source-mac-address (RFC2544 Benchmarking)
- source-udp-port
- stamp
- step-percent
- storm-control
- syslog
- target
- tcp
- tcp-keepcnt
- tcp-keepidle
- tcp-keepintvl
- template (Flow Monitoring IPFIX Version)
- template (Flow Monitoring Version 9)
- template (Forwarding Options)
- template (Forwarding Options Version IPFIX)
- template
- template-id
- template-profile (Flow Monitoring Logs for NAT)
- template-refresh-rate
- template-type
- templates
- test
- tests
- test-count
- test-finish-wait-duration
- test-interface
- test-interval
- test-iterator-duration
- test-iterator-pass-threshold
- test-name
- test-profile (RFC 2544 Benchmarking)
- test-session (Junos OS)
- test-session (Junos OS Evolved)
- test-type (RFC 2544 Benchmarking)
- thresholds (Junos OS)
- thresholds (Junos OS Evolved)
- timestamp-format
- traceoptions (Dynamic Flow Capture)
- traceoptions (Forwarding Options)
- traceoptions
- traceoptions (RPM)
- transfer
- transfer-log-archive
- transmit-failure-threshold
- traps
- ttl
- ttl (RPM probe)
- tunnel-observation
- twamp
- twamp-server
- trio-flow-offload
- udp
- udp-tcp-port-swap (RFC 2544 Benchmarking)
- unit
- use-extended-flow-memory
- username
- variant
- version
- version (Flow Monitoring Logs for NAT)
- version9
- version9 (Flow Monitoring)
- version-ipfix (Forwarding Options)
- version-ipfix (Services)
- video-monitoring
- vpls-flow-table-size
- vpls-template
- world-readable
- Operational Commands
- clear passive-monitoring statistics
- clear services accounting statistics inline-jflow
- clear services dynamic-flow-capture
- clear services flow-collector statistics
- clear services inline-monitoring statistics
- clear services monitoring twamp server control-connection
- clear services rpm twamp server connection
- clear services service-sets statistics jflow-log
- clear services video-monitoring mdi errors fpc-slot
- clear services video-monitoring mdi statistics fpc-slot
- request services flow-collector change-destination primary interface
- request services flow-collector change-destination secondary interface
- request services flow-collector test-file-transfer
- request services monitoring twamp client
- request services rpm twamp
- show forwarding-options next-hop-group
- show forwarding-options port-mirroring
- show interfaces (Dynamic Flow Capture)
- show interfaces (Flow Collector)
- show interfaces (Flow Monitoring)
- show passive-monitoring error
- show passive-monitoring flow
- show passive-monitoring memory
- show passive-monitoring status
- show passive-monitoring usage
- show services accounting aggregation
- show services accounting aggregation template
- show services accounting errors
- show services accounting flow
- show services accounting flow-detail
- show services accounting memory
- show services accounting packet-size-distribution
- show services accounting status
- show services accounting usage
- show services dynamic-flow-capture content-destination
- show services dynamic-flow-capture control-source
- show services dynamic-flow-capture statistics
- show services flow-collector file interface
- show services flow-collector input interface
- show services flow-collector interface
- show services inline-monitoring statistics fpc-slot
- show services monitoring rpm history-results
- show services monitoring rpm probe-results
- show services monitoring twamp client control-info
- show services monitoring twamp client history-results
- show services monitoring twamp client probe-results
- show services monitoring twamp client test-info
- show services monitoring twamp server control-info
- show services monitoring twamp server test-info
- show services rpm active-servers
- show services rpm history-results
- show services rpm probe-results
- show services rpm rfc2544-benchmarking
- show services rpm rfc2544-benchmarking test-id
- show services rpm twamp client connection
- show services rpm twamp client history-results
- show services rpm twamp client probe-results
- show services rpm twamp client session
- show services rpm twamp server connection
- show services rpm twamp server session
- show services service-sets statistics jflow-log
- show services video-monitoring mdi errors fpc-slot
- show services video-monitoring mdi flows fpc-slot
- show services video-monitoring mdi stats fpc-slot
- test services rpm rfc2544-benchmarking
- Configuration Statements
- Downloads
- Flow Monitoring and Flow Collection Services
Download This Guide
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.
English
English
Understanding NAT for GTP
A General Packet Radio Service (GPRS) interface supports both GPRS tunneling protocol (GTP) inspection and Network Address Translation (NAT) simultaneously in the same routing instance. When GTP packets configured with static NAT are inspected in a network, only addresses within IP headers are translated. The addresses within their payloads are not translated. For each endpoint, the related GTP session must belong to the same zone and virtual router. This means the header source IP, C-tunnel IP, and U-tunnel IP in the payload are defined in the same scope for a packet.
 | Note: When you enable NAT, only the outer IP packet has to be translated. The embedded IP addresses are not translated. |
During a GTP packet flow, the source IP address and destination IP address cannot be translated to NAT simultaneously. When you delete or deactivate NAT rule configuration on a device, the NAT rule related GSN and GTP tunnels are deleted. If the NAT rule related GSN number and tunnel number are huge, this deleting process will take several minutes.
