Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring Passive Flow Monitoring

On routing platforms containing the Monitoring Services PIC or the Monitoring Services II PIC, you can configure flow monitoring for traffic passing through the routing platform. This type of monitoring method is passive monitoring.

To configure flow monitoring, include the monitoring statement at the [edit forwarding-options hierarchy level:

To configure a passive monitoring group, include the monitoring statement and specify a group name. To configure monitoring on a specified address family, include the family statement and specify an address family. To specify an interface to monitor incoming traffic, include the input statement. To configure the monitoring information that is sent out, include the output statement. To configure the output flow aggregation, include the cflowd statement. For more information about flow aggregation, see Directing Traffic Sampling Output to a Server Running the cflowd Application. To specify the format of the monitoring information sent out, include the export-format statement and specify a version number. To configure the interval before exporting an active flow, include the flow-active-timeout statement. The default value for flow-active-timeout is 1800 seconds. To enable flow collection, include the flow-export-destination statement. To configure the interval before a flow is considered inactive, include the flow-inactive-timeout statement. The default value for flow-inactive-timeout is 60 seconds. To configure the interface that sends out the monitored information, include the interface statement. Flow monitoring is supported for Monitoring Services PIC interfaces only.

When you apply a firewall filter to a loopback interface, the filter might block responses from the Monitoring Services PIC. To allow responses from the Monitoring Services PIC to pass through for monitoring purposes, configure a term in the firewall filter to include the Monitoring Services PIC’s IP address. For more detailed information about configuring firewall filters, see Guidelines for Configuring Firewall Filters and Guidelines for Applying Standard Firewall Filters.