Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
 

Related Documentation

 

Understanding Inline Sampling

This topic provides an overview of the inline sampling feature and IPFIX and Version 9 flow collection templates used for inline sampling.

This topic contains the following sections:

Inline Sampling

The inline sampling feature on MX Series routers enables you to configure active sampling without making use of a services Dense Port Concentrator (DPC). The inline sampling is implemented on the Packet Forwarding Engine, and is carried out when the traffic enters the Packet Forwarding Engine.

Inline sampling provides for higher scalability and performance as the scaling and performance are not dependent on the capacity of the services interface. It is also cost effective in more than one way as there is no need to invest in additional hardware or to dedicate a PIC slot for the services PIC. You can make full use of the available slots for handling traffic on the device.

Junos OS Release 13.2 extends inline sampling support to VPLS flows. Now, you can configure inline sampling for IPv4, IPv6, and VPLS traffic.

The inline sampling configuration can be broadly classified into four categories:

  1. Configurations at the [edit services flow-monitoring] hierarchy level—At this level, you configure the template properties for inline flow monitoring.
  2. Configurations at the [edit forwarding-options] hierarchy level—At this level, you configure a sampling instance and associate the template (configured at the [edit services flow-monitoring] hierarchy level) with the sampling instance. At this level, you also configure the flow-server IP address and port number as well as the flow export rate.
  3. Configurations at the [edit chassis] hierarchy level—At this level, you associate the sampling instance with the FPC on which the media interface is present. If you are configuring sampling of IPv6 flows, you must also specify the flow hash table size.
  4. Configurations at the [edit firewall] hierarchy level—At this level you configure a firewall filter for the family of traffic to be sampled. You must attach this filter to the interface on which you want to sample the traffic.

Inline sampling supports version 9 and IPFIX flow collection templates. Support for version 9 template was introduced in Junos OS Release 13.2, and is limited to IPv4 flows. IPFIX template is supported for IPv4, IPv6, and VPLS flows. IPFIX template uses UDP as the transport protocol, whereas version 9 is transport protocol-independent.

Before you configure inline sampling, you should ensure that you have adequately-sized hash tables for IPv4 and IPv6 flow sampling. These tables can use one to fifteen 256k areas, and each table is assigned a default value of one such area. When anticipated traffic volume requires larger tables, allocate larger tables.

Inline Sampling Limitations and Restrictions

The following limitations and restrictions apply to the inline sampling feature in Junos OS:

  • You can configure inline sampling only on MX Series routers that have Trio-based line cards.
  • You can apply Version 9 flow template only to IPv4 traffic.
  • You can configure only one sampling instance on an Flexible PIC Concentrator (FPC).
  • You can configure only one type of sampling–either PIC-based sampling or inline sampling–per family in a sampling instance. However, you can configure PIC-based and inline sampling for different families in a sampling instance.
  • You can configure only one collector for inline sampling.

  • The following considerations apply to the inline flow-monitoring instance configuration:

    • Sampling run-length and clip-size are not supported.
    • For inline configurations, each family can support only one collector.
  • Inline sampling instances can handle only up to 65536 AS paths. If the total number of AS paths exceed the maximum limit, the AS paths that have AS index greater than 65536 are discarded and counted as error. Flow records associated with such AS paths show the AS value as 0xFFFFFFFF . However, this limitation does not impact normal forwarding operations.
  • On routers with Multiservices PICs or Multiservices DPCs, all fragments of a fragmented IPv4 packet other than the first fragment of the packet are processed accurately by the flow monitoring application running on MS-PIC or MS-DPC. The flow monitoring mechanism handles such fragments accurately by setting the layer 4 related fields in the associated flows to zero.

IPFIX and Version 9 Templates

The following sections list the fields included in IPFIX and Version 9 templates.

Fields Included in the IPFIX IPv4 Template

  • IPv4 Source Address
  • IPv4 Destination Address
  • IPv4 TOS
  • IPv4 Protocol
  • L4 Source Port
  • L4 Destination Port
  • ICMP Type and Code
  • Input Interface
  • VLAN ID
  • IPv4 Source Mask
  • IPv4 Destination Mask
  • Source AS
  • Destination AS
  • IPv4 Next Hop Address
  • TCP Flags

    Output Interface

  • Number of Flow Bytes
  • Number of Flow Packets
  • Minimum TTL (time to live)
  • Maximum TTL (time to live)
  • Flow Start Time
  • Flow End Time
  • Flow End Reason
  • 802.1Q VLAN identifier (dot1qVlanId)
  • 802.1Q Customer VLAN identifier (dot1qCustomerVlanId)

Fields Included in the IPFIX IPv6 Template

  • IPv6 Source Address
  • IPv6 Destination Address
  • IPv6 TOS
  • IPv6 Protocol
  • L4 Source Port
  • L4 Destination Port
  • ICMP Type and Code
  • Input Interface
  • VLAN ID
  • IPv6 Source Mask
  • IPv6 Destination Mask
  • Source AS
  • Destination AS
  • IPv6 Next Hop Address
  • TCP Flags

    Output Interface

  • Number of Flow Bytes
  • Number of Flow Packets
  • Minimum Hop Limits
  • Maximum Hop Limits
  • Flow Start Time
  • Flow End Time
  • Flow End Reason
  • 802.1Q VLAN identifier (dot1qVlanId)
  • 802.1Q Customer VLAN identifier (dot1qCustomerVlanId)

Fields Included in the Version 9 IPv4 Template

  • IPv4 Source Address
  • IPv4 Destination Address
  • IPv4 TOS
  • IPv4 Protocol
  • L4 Source Port
  • L4 Destination Port
  • ICMP Type and Code
  • Input Interface
  • VLAN ID
  • IPv4 Source Mask
  • IPv4 Destination Mask
  • Source AS
  • Destination AS
  • IPv4 Next Hop Address
  • BGP IPv4 Next Hop Address
  • TCP Flags

    Output Interface

  • Number of Flow Bytes
  • Number of Flow Packets
  • Time when the first packet of the flow was switched.
  • Time when the last packet of flow was switched.
  • Internet Protocol Version
 

Related Documentation

 

Published: 2013-08-16

 

Related Documentation

 

Published: 2013-08-16

Previous Page Next Page