[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Example: Configuring Dynamic Flow Capture

The following example includes all parts of a complete dynamic flow capture configuration.

Configure the DFC PIC interface:

interfaces dfc-0/0/0 {
unit 0 {
family inet {
address 2.1.0.0/32 { # DFC PIC address
destination 10.36.100.1; # DFC PIC address used by
# the control sources to correspond with
# the monitoring platform
}
}
}
}
unit 1 { # receive data packets on this logical interface
family inet;
}
unit 2 { # send out copies of matched packets on this logical interface
family inet;
}

Configure the capture group:

services dynamic-flow-capture {
capture-group g1 {
interfaces dfc-0/0/0;
input-packet-rate-threshold 90k;
pic-memory-threshold percentage 80;
control-source cs1 {
source-addresses 10.36.41.1;
service-port 2400;
notification-targets {
10.36.41.1 port 2100;
}
shared-key "$9$ASxdsYoX7wg4aHk";
allowed-destinations cd1;
}
content-destination cd1 {
address 10.36.70.2;
ttl 244;
}
}
}

Configur3 filter-based forwarding (FBF) to the DFC PIC interface, logical unit 1.

For more information about configuring passive monitoring interfaces, see Enabling Passive Flow Monitoring.

interfaces so-1/2/0 {
encapsulation ppp;
unit 0 {
passive-monitor-mode;
family inet {
filter {
input catch;
}
}
}
}

Configure the firewall filter:

firewall {
filter catch {
interface-specific;
term def {
then {
count counter;
routing-instance fbf_inst;
}
}
}
}

Configure a forwarding routing instance. The next hop points specifically to the logical interface corresponding to unit 1, because only this particular logical unit is expected to relay monitored data to the DFC PIC.

routing-instances fbf_inst {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 next-hop dfc-0/0/0.1;
}
}
}

Configure routing table groups:

[edit]
routing-options {
interface-routes {
rib-group inet common;
}
rib-groups {
common {
import-rib [ inet.0 fbf_inst.inet.0 ];
}
}
forwarding-table {
export pplb;
}
}

Configure interfaces to the control source and content destination:

interfaces fe-4/1/2 {
description "to cs1 from dfc";
unit 0 {
family inet {
address 10.36.41.2/30;
}
}
}
interfaces ge-7/0/0 {
description "to cd1 from dfc";
unit 0 {
family inet {
address 10.36.70.1/30;
}
}
}
[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]