- play_arrow Flow Capture Services
- play_arrow Dynamically Capturing Packet Flows Using Junos Capture Vision
- play_arrow Detecting Threats and Intercepting Flows Using Junos Flow-Tap and FlowTapLite Services
- Understanding the FlowTap and FlowTapLite Services
- Understanding FlowTap and FlowTapLite Architecture
- Configuring the FlowTap Service on MX Series Routers
- Configuring a FlowTap Interface on MX Series Routers
- Configuring FlowTap and FlowTapLite Security Properties
- FlowTap and FlowTapLite Application Restrictions
- Examples: Configuring the FlowTapLite Application on MX Series and ACX Series Routers
- Configuring FlowTapLite on MX Series Routers and M320 Routers with FPCs
-
- play_arrow Inline Monitoring Services and Inband Network Telemetry
- play_arrow Inline Monitoring Services
- play_arrow Flow-Based Telemetry
- play_arrow Inband Flow Analyzer 2.0
- play_arrow Juniper Resiliency Interface
-
- play_arrow Sampling and Discard Accounting Services
- play_arrow Sampling Data Using Traffic Sampling and Discard Accounting
- play_arrow Sampling Data Using Inline Sampling
- Understand Inline Active Flow Monitoring
- Configuring Inline Active Flow Monitoring Using Routers, Switches or NFX250
- Configuring Inline Active Flow Monitoring on MX80 and MX104 Routers
- Configuring Inline Active Flow Monitoring on PTX Series Routers
- Inline Active Flow Monitoring of MPLS-over-UDP Flows on PTX Series Routers
- Inline Active Flow Monitoring on IRB Interfaces
- Example: Configuring Inline Active Flow Monitoring on MX Series and T4000 Routers
- play_arrow Sampling Data Using Flow Aggregation
- Understanding Flow Aggregation
- Enabling Flow Aggregation
- Configuring Flow Aggregation on MX, M and T Series Routers and NFX250 to Use Version 5 or Version 8 cflowd
- Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version 9 Flow Templates
- Configuring Flow Aggregation on PTX Series Routers to Use Version 9 Flow Templates
- Configuring Inline Active Flow Monitoring to Use IPFIX Flow Templates on MX, vMX and T Series Routers, EX Series Switches, NFX Series Devices, and SRX Series Firewalls
- Configuring Flow Aggregation to Use IPFIX Flow Templates on PTX Series Routers
- Configuring Observation Domain ID and Source ID for Version 9 and IPFIX Flows
- Configuring Template ID and Options Template ID for Version 9 and IPFIX Flows
- Including Fragmentation Identifier and IPv6 Extension Header Elements in IPFIX Templates on MX Series Routers
- Directing Replicated Flows from M and T Series Routers to Multiple Flow Servers
- Logging cflowd Flows on M and T Series Routers Before Export
- Configuring Next-Hop Address Learning on MX Series and PTX Series Routers for Destinations Accessible Over Multiple Paths
-
- play_arrow Real-Time Performance Monitoring and Video Monitoring Services
- play_arrow Monitoring Traffic Using Real-Time Performance Monitoring and Two-Way Active Monitoring Protocol (TWAMP)
- Understanding Using Probes for Real-Time Performance Monitoring on M, T, ACX, MX, and PTX Series Routers, EX and QFX Switches
- Configuring RPM Probes on M, MX and T Series Routers and EX Series Switches
- Understanding Real-Time Performance Monitoring on EX and QFX Switches
- Real-Time Performance Monitoring for SRX Devices
- Configuring RPM Receiver Servers
- Limiting the Number of Concurrent RPM Probes on M, MX, T and PTX Routers and EX Series Switches
- Configuring RPM Timestamping on MX, M, T, and PTX Series Routers and EX Series Switches
- Configuring the Interface for RPM Timestamping for Client/Server on a Switch (EX Series)
- Analyzing Network Efficiency in IPv6 Networks on MX Series Routers Using RPM Probes
- Configuring BGP Neighbor Discovery Through RPM
- Examples: Configuring BGP Neighbor Discovery on SRX Series Firewalls and MX, M, T and PTX Series Routers With RPM
- Trace RPM Operations
- Examples: Configuring Real-Time Performance Monitoring on MX, M, T and PTX Series Routers
- Enabling RPM on MX, M and T Series Routers and SRX Firewalls for the Services SDK
- Understand Two-Way Active Measurement Protocol
- Configure TWAMP on ACX, MX, M, T, and PTX Series Routers, EX Series and QFX10000 Series Switches
- Example: Configuring TWAMP Client and Server on MX Series Routers
- Example: Configuring TWAMP Client and Server for SRX Series Firewalls
- Understanding TWAMP Auto-Restart
- Configuring TWAMP Client and TWAMP Server to Reconnect Automatically After TWAMP Server Unavailability
- play_arrow Managing License Server for Throughput Data Export
- play_arrow Testing the Performance of Network Devices Using RFC 2544-Based Benchmarking
- Understanding RFC 2544-Based Benchmarking Tests on MX Series Routers and SRX Series Firewalls
- Understanding RFC2544-Based Benchmarking Tests for E-LAN and E-Line Services on MX Series Routers
- Supported RFC 2544-Based Benchmarking Statements on MX Series Routers
- Configuring an RFC 2544-Based Benchmarking Test
- Enabling Support for RFC 2544-Based Benchmarking Tests on MX Series Routers
- Example: Configure an RFC 2544-Based Benchmarking Test on an MX104 Router for Layer 3 IPv4 Services
- Example: Configuring an RFC 2544-Based Benchmarking Test on an MX104 Router for UNI Direction of Ethernet Pseudowires
- Example: Configuring an RFC 2544-Based Benchmarking Test on an MX104 Router for NNI Direction of Ethernet Pseudowires
- Example: Configuring RFC2544-Based Benchmarking Tests on an MX104 Router for Layer 2 E-LAN Services in Bridge Domains
- Example: Configuring Benchmarking Tests to Measure SLA Parameters for E-LAN Services on an MX104 Router Using VPLS
- play_arrow Configuring RFC 2544-Based Benchmarking Tests on ACX Series
- RFC 2544-Based Benchmarking Tests for ACX Routers Overview
- Layer 2 and Layer 3 RFC 2544-Based Benchmarking Test Overview
- Configuring RFC 2544-Based Benchmarking Tests
- Configuring Ethernet Loopback for RFC 2544-Based Benchmarking Tests
- RFC 2544-Based Benchmarking Test States
- Example: Configure an RFC 2544-Based Benchmarking Test for Layer 3 IPv4 Services
- Example: Configuring an RFC 2544-Based Benchmarking Test for NNI Direction of Ethernet Pseudowires
- Example: Configuring an RFC 2544-Based Benchmarking Test for UNI Direction of Ethernet Pseudowires
- Configuring a Service Package to be Used in Conjunction with PTP
- play_arrow Tracking Streaming Media Traffic Using Inline Video Monitoring
- Understanding Inline Video Monitoring on MX Series Routers
- Configuring Inline Video Monitoring on MX Series Routers
- Inline Video Monitoring Syslog Messages on MX Series Routers
- Generation of SNMP Traps and Alarms for Inline Video Monitoring on MX Series Routers
- SNMP Traps for Inline Video Monitoring Statistics on MX Series Routers
- Processing SNMP GET Requests for MDI Metrics on MX Series Routers
-
- play_arrow Configuration Statements and Operational Commands
Mapping Between Field Values for IPFIX Flow Templates and Logs Exported From an MX Series Router or NFX250
An IETF draft defining IPFIX Information Elements for logging various NAT events is available in IETF as IPFIX Information Elements for logging NAT Events—draft-ietf-behave-ipfix-nat-logging-02. The flow monitoring template format for flow monitoring logs generated for NAT events comply with the templates defined in this draft for logging NAT44/NAT64 session create/delete, binding information base (BIB) create/delete, address exhaust, pool exhaustion, quota exceeded, address binding create/delete, port block allocation and de-allocation events. Also, this draft has an extension for NAT64. Support is implemented for logging events for both NAT44 and NAT64. Apart from those templates defined in this draft, no new user-defined templates are created for logging any NAT events.
The following table lists the extensions to the NAT events. The data record contains the corresponding natEvent value to identify the event that is being logged.
Event Name | Values |
|---|---|
NAT44 Session create | 1 |
NAT44 Session delete | 2 |
NAT Addresses exhausted | 3 |
NAT64 Session create | 4 |
NAT64 Session delete | 5 |
NAT44 BIB create | 6 |
NAT44 BIB delete | 7 |
NAT64 BIB create | 8 |
NAT64 BIB delete | 9 |
NAT ports exhausted | 10 |
Quota exceeded | 11 |
Address binding create | 12 |
Address binding delete | 13 |
Port block allocation | 14 |
Port block deallocation | 15 |
The following table describes the field IDs or values and the corresponding names for IPv6 addresses for IPFIX flows:
Field ID | Name | Size (Bytes) | Description |
|---|---|---|---|
27 | sourceIPv6Address | 16 | IPv6 source address |
28 | destinationIPv6Address | 16 | IPv6 destination address |
281 | postNATSourceIPv6Address | 16 | Translated source IPv6 address |
282 | postNATDestinationPv6Address | 16 | Translated destination IPv6 address |
The following table describes the field names and whether they are required or not for NAT64 session creation and deletion events:
Field Name | Size (Bits) | Whether the Field Is Mandatory |
|---|---|---|
timeStamp | 64 | Yes |
vlanID/ingressVRFID | 32 | No |
sourceIPv4Address | 128 | Yes |
postNATSourceIPv4Address | 32 | Yes |
protocolIdentifier | 8 | Yes |
sourceTransportPort | 16 | Yes |
postNAPTsourceTransportPort | 16 | Yes |
destinationIPv4Address | 128 | No |
postNATDestinationIPv4Address | 32 | No |
destinationTransportPort | 16 | No |
postNAPTdestinationTransportPort | 16 | No |
natOriginatingAddressRealm | 8 | No |
initiatorOctets | 64 | No |
responderOctets | 64 | No |
flowEndReason | 8 | No |
natEvent | 8 | Yes |
A NAT44 session creation template record can contain the following fields. The natEvent field contains a value of 1, which indicates a NAT44 session creation event. An example of such a template is as follows:
Field Name | Size (Bits) | Value |
|---|---|---|
timeStamp | 64 | 09:20:10:789 |
sourceIPv4Address | 32 | 192.168.16.1 |
postNATSourceIPv4Address | 32 | 192.0.2.100 |
protocolIdentifier | 8 | TC |
sourceTransportPort | 16 | 14800 |
postNAPTsourceTransportPort | 16 | 1024 |
destinationIPv4Address | 32 | 198.51.100.104 |
postNATDestinationIPv4Address | 32 | 198.51.100.104 |
destinationTransportPort | 16 | 80 |
postNAPTdestinationTransportPort | 16 | 80 |
natOriginatingAddressRealm | 8 | 0 |
initiatorOctets | 64 | No |
responderOctets | 64 | No |
flowEndReason | 8 | No |
natEvent | 8 | 1 |
A NAT44 session deletion template record can contain the following fields. The natEvent field contains a value of 2, which indicates a NAT44 session deletion event. An example of such a template is as follows:
Field Name | Size (Bits) | Value |
|---|---|---|
timeStamp | 64 | 09:20:10:789 |
sourceIPv4Address | 32 | 192.168.16.1 |
postNATSourceIPv4Address | 32 | 192.0.2.100 |
protocolIdentifier | 8 | TC |
sourceTransportPort | 16 | 14800 |
postNAPTsourceTransportPort | 16 | 1024 |
destinationIPv4Address | 32 | 198.51.100.104 |
postNATDestinationIPv4Address | 32 | 198.51.100.104 |
destinationTransportPort | 16 | 80 |
postNAPTdestinationTransportPort | 16 | 80 |
natOriginatingAddressRealm | 8 | 0 |
natEvent | 8 | 2 |
To support all session termination reasons on NAT, existing flowEndReason
information element is extended. A new CLI command session-end-reason is
introduced to configure flowEndReason to be a part of J-Flow IPFIX template.
If the CLI is not configured or configured as default, the flowEndReason
exports the default set information to fill in the data records. If the CLI is configured as
custom, the flowEndReason exports the custom set information to fill in the data
records.
The table lists the set of session termination values that can be exported:
Session Close Reason | Session Close Reason string | Scenarios/Remark | Custom Set values | Default Set values |
|---|---|---|---|---|
NAT_SESSION_CREATION | idle Timeout | When any session gets timeout | 0x01 | 0x01 |
NAT_SESSION_CLOSE_TCP_CLIENT_RST | TCP CLIENT RST | Receives a TCP packet from Client with RST FLAG set | 0x13 | 0xFF |
NAT_SESSION_CLOSE_TCP_SERVER_RST | TCP SERVER RST | Receives a TCP packet from Server with RST FLAG set | 0x23 | 0xFF |
NAT_SESSION_CLOSE_TCP_FIN | TCP FIN | Receives FIN Packet | 0x03 | 0x03 |
NAT_SESSION_CLOSE_ICMP_ERR | ICMP Error | Receiving ICMP Error packet in Fast path. icmp related error messages mentioned below | 0x10 | 0XFF |
NAT_SESSION_CLOSE_NSRP | HA | Create a NAT session on active router. Now, Switch to backup Router Manually or by bringing down the pic on active router. Wait for the switchover and send traffic. Ensure the session is synchronized. Now close the session. | 0x20 | 0xFF |
NAT_SESSION_CLOSE_POLICY_DELETE | policy delete | When you delete Policy rematch configuration with active session. | 0x50 | 0xFF |
NAT_SESSION_CLOSE_POLICY_UPDATE | policy update | When you Update Policy rematch configuration with active session. | 0x60 | 0xFF |
NAT_SESSION_CLOSE_JSF_PLUGIN | application failure or action | It is a very rare scenario and would be difficult to simulate. Please don’t have test case for this. | 0x70 | 0xFF |
NAT_SESSION_CLOSE_IFP_ZONECHANGED_SSCAN | session interface zone changed | when redundancy switchover happens in ams interface | 0x80 | 0xFF |
NAT_SESSION_CLOSE_CLI | CLI | Force clear the session | 0x04 | 0x04 |
