Netflow Configuration on Huawei Routers

Hello,

Today we will walk through how to configure your Huawei router to export Netflow (IP Netstream).

Here is the network topology and the Netflow server information.

These are the steps required to configure the Huawei router to export Netflow v5/v9 via IP Netstream. Let's go through the configuration step by step.

1. Configure the NTP server

It is important to configure an NTP server because flow data is timestamped according to the router's clock. If the router's time differs from the server's, the data will not match the actual time, producing mismatched information. Configure at least 2 NTP servers and also the timezone of your router.

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8

2. Configure the slot to export information

On Huawei routers it is necessary to configure the slot to export information. To do this, use the commands:

    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self

3. Configure IP Netstream with the Netflow server

On Huawei routers you must configure IP Netstream to state which server will receive the Netflow data, the sampling rate (sampler), the Netflow version and the Netflow source IP.

For the configuration use the following commands:

    ip netstream timeout active 1
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    ip netstream as-mode 32
    ipv6 netstream as-mode 32
    ipv6 netstream timeout active 1
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1
    ipv6 netstream as-mode 32

4. Configure the interface to enable Netflow on the interface

Finally, we need to enable Netflow on the interfaces that will export it. To do this, use the following commands on each interface:

    ip netstream inbound
    ipv6 netstream inbound

Below is the complete configuration of the router (eth-trunk0.100 is an example interface):

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8
    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self
    ip netstream timeout active 1
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    ip netstream as-mode 32
    ipv6 netstream as-mode 32
    ipv6 netstream timeout active 1
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1
    ipv6 netstream as-mode 32
    interface eth-trunk0.100
     ip netstream inbound
     ipv6 netstream inbound

If you have an NE40, here is a sample configuration:

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8
    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self
    ip netstream as-mode 32
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    #
    ipv6 netstream as-mode 32
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1

On all interfaces, add:

    ip netstream inbound
    ipv6 netstream inbound

If you have a router not mentioned here, send us a WhatsApp message and we will send you the configurations. I hope this helped, and until next time. Big hug.

Netflow Configuration on Huawei Routers

Hello,

Today we will walk through how to configure your Huawei router to export Netflow (IP Netstream).

This is the network topology and the Netflow server information.

These are the steps required to configure the Huawei router to export Netflow v5/v9 via IP Netstream:

1. Configure the NTP server
2. Configure the slot to export information
3. Configure IP Netstream with the Netflow server
4. Configure the interface to enable Netflow on the interface

Let's go through the configuration step by step.

1. Configure the NTP server

It is important to configure an NTP server because flow data is timestamped according to the router's clock. If the router's time differs from the server's, the data will not match the actual time, producing mismatched information. Configure at least 2 NTP servers and also the timezone of your router.

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8

2. Configure the slot to export information

On Huawei routers it is necessary to configure the slot to export information. To do this, use the commands:

    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self

3. Configure IP Netstream with the Netflow server

On Huawei routers you must configure IP Netstream to state which server will receive the Netflow data, the sampling rate (sampler), the Netflow version and the Netflow source IP.

For the configuration use the following commands:

    ip netstream timeout active 1
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    ip netstream as-mode 32
    ipv6 netstream as-mode 32
    ipv6 netstream timeout active 1
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1
    ipv6 netstream as-mode 32

4. Configure the interface to enable Netflow on the interface

Finally, we need to enable Netflow on the interfaces that will export it. To do this, use the following commands on each interface:

    ip netstream inbound
    ipv6 netstream inbound

Below is the complete configuration of the router (eth-trunk0.100 is an example interface):

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8
    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self
    ip netstream timeout active 1
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    ip netstream as-mode 32
    ipv6 netstream as-mode 32
    ipv6 netstream timeout active 1
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1
    ipv6 netstream as-mode 32
    interface eth-trunk0.100
     ip netstream inbound
     ipv6 netstream inbound

If you have an NE40, here is a sample configuration:

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8
    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self
    ip netstream as-mode 32
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    #
    ipv6 netstream as-mode 32
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1

On all interfaces, add:

    ip netstream inbound
    ipv6 netstream inbound

If you have a router not mentioned here, send an email to comercial@made4it.com.br and we will send you the configurations. I hope this helped, and until next time. Big hug.

Netflow Configuration on Huawei Routers

Hello,

Today we will walk through how to configure your Huawei router to export Netflow (IP Netstream).

Here is the network topology and the Netflow server information.

These are the steps required to configure the Huawei router to export Netflow v5/v9 via IP Netstream:

1. Configure the NTP server
2. Configure the slot to export information
3. Configure IP Netstream with the Netflow server
4. Configure the interface to enable Netflow on the interface

Let's go through the configuration step by step.

1. Configure the NTP server

It is important to configure an NTP server because flow data is timestamped according to the router's clock. If the router's time differs from the server's, the data will not match the actual time, producing mismatched information. Configure at least 2 NTP servers and also the timezone of your router.

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8

2. Configure the slot to export information

On Huawei routers it is necessary to configure the slot to export information. To do this, use the commands:

    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self

3. Configure IP Netstream with the Netflow server

On Huawei routers you must configure IP Netstream to state which server will receive the Netflow data, the sampling rate (sampler), the Netflow version and the Netflow source IP.

For the configuration use the following commands:

    ip netstream timeout active 1
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    ip netstream as-mode 32
    ipv6 netstream as-mode 32
    ipv6 netstream timeout active 1
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1
    ipv6 netstream as-mode 32

4. Configure the interface to enable Netflow on the interface

Finally, we need to enable Netflow on the interfaces that will export it. To do this, use the following commands on each interface:

    ip netstream inbound
    ipv6 netstream inbound

Below is the complete configuration of the router (eth-trunk0.100 is an example interface):

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8
    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self
    ip netstream timeout active 1
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    ip netstream as-mode 32
    ipv6 netstream as-mode 32
    ipv6 netstream timeout active 1
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1
    ipv6 netstream as-mode 32
    interface eth-trunk0.100
     ip netstream inbound
     ipv6 netstream inbound

If you have an NE40, here is a sample configuration:

    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service unicast-peer 200.160.0.8
    ntp-service unicast-peer 200.189.40.8
    slot 3
     ip netstream sampler to slot self
     ipv6 netstream sampler to slot self
    ip netstream as-mode 32
    ip netstream timeout inactive 15
    ip netstream export version 9
    ip netstream export index-switch 32
    ip netstream export template timeout-rate 1
    ip netstream sampler fix-packets 500 inbound
    ip netstream sampler fix-packets 500 outbound
    ip netstream export source 192.168.210.49
    ip netstream export host 192.168.210.47 2055
    ip netstream export template option sampler
    ip netstream export template option timeout-rate 1
    #
    ipv6 netstream as-mode 32
    ipv6 netstream timeout inactive 15
    ipv6 netstream export version 9
    ipv6 netstream export index-switch 32
    ipv6 netstream export template timeout-rate 1
    ipv6 netstream sampler fix-packets 500 inbound
    ipv6 netstream sampler fix-packets 500 outbound
    ipv6 netstream export source 192.168.210.49
    ipv6 netstream export host 192.168.210.47 2055
    ipv6 netstream export template option sampler
    ipv6 netstream export template option timeout-rate 1

On all interfaces, add:

    ip netstream inbound
    ipv6 netstream inbound

If you have a router not mentioned here, please send an email to comercial@made4it.com.br and we will send you the settings. I hope this helped, and until next time. Big hug.
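One way to check a saved configuration against the four steps above, as an added example (not Made4it's or Huawei's code). It assumes a VRP-style text dump in which a line containing only # closes a section; audit_netstream is a hypothetical helper name, and the sample configuration and the interface GigabitEthernet3/0/1 are constructed.

```python
import re

# Global IP Netstream settings the walkthrough configures for each address family.
REQUIRED_GLOBAL = ("export host", "export source", "export version",
                   "sampler fix-packets")


def audit_netstream(config_text):
    """Return a sorted list of gaps between a config dump and the page's steps."""
    findings = []
    lines = [ln.strip() for ln in config_text.splitlines() if ln.strip()]

    # Step 1: the page asks for at least 2 NTP servers.
    ntp = {ln.split()[2] for ln in lines
           if re.match(r"ntp-service unicast-(peer|server) \S+", ln)}
    if len(ntp) < 2:
        findings.append(
            f"ntp: {len(ntp)} server(s) configured, the page asks for at least 2")

    # Step 3: exporter settings must exist for IPv4 and IPv6 alike.
    for family in ("ip", "ipv6"):
        for item in REQUIRED_GLOBAL:
            if not any(ln.startswith(f"{family} netstream {item}") for ln in lines):
                findings.append(f"global: missing '{family} netstream {item}'")

    # Step 4: every interface block needs both inbound statements, otherwise
    # traffic entering through it never reaches the collector.
    enabled, current = {}, None
    for ln in lines:
        if ln.startswith("interface "):
            current = ln.split(None, 1)[1]
            enabled[current] = set()
        elif ln == "#":
            current = None
        elif current and re.fullmatch(r"(ip|ipv6) netstream inbound", ln):
            enabled[current].add(ln.split()[0])
    for name, families in enabled.items():
        for family in ("ip", "ipv6"):
            if family not in families:
                findings.append(f"interface {name}: no '{family} netstream inbound'")
    return sorted(findings)


# Constructed sample: one NTP peer, no IPv6 export source, one half-enabled port.
SAMPLE_CONFIG = """\
ntp-service unicast-peer 200.160.0.8
#
slot 3
 ip netstream sampler to slot self
 ipv6 netstream sampler to slot self
#
ip netstream export version 9
ip netstream sampler fix-packets 500 inbound
ip netstream export source 192.168.210.49
ip netstream export host 192.168.210.47 2055
ipv6 netstream export version 9
ipv6 netstream sampler fix-packets 500 inbound
ipv6 netstream export host 192.168.210.47 2055
#
interface Eth-Trunk0.100
 ip netstream inbound
 ipv6 netstream inbound
#
interface GigabitEthernet3/0/1
 ip netstream inbound
#
"""

if __name__ == "__main__":
    for finding in audit_netstream(SAMPLE_CONFIG):
        print(finding)
```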

Check out Made4it's interview for RTI Magazine

Check out our interview for RTI Magazine:

Made4IT offers traffic analysis solution

Made4IT, a Brazilian company based in Apucarana, PR, supplies the market with Made4Flow, network traffic analysis software focused on Internet providers. The product uses the information sent by the netflow protocol from routers, analyzing parameters such as source and destination IP address, port and ASN. It is also possible to monitor a specific interface, tracking where the data is being distributed.

To assist with Made4Flow's tasks, the company launched Made4Graph in March. The application manages PPPoE end customers through graphs that show how bandwidth is being used.

According to Made4IT's managing partner, Guilherme Ganascim, Made4Graph was conceived from a gap in the market. “As providers start to grow, companies end up seeking solutions from large vendors, a process that can lead to the loss of customer information regarding traffic and connection visibility. To avoid these problems, we developed Made4Graph to be compatible with routers from brands such as Huawei, Cisco, Juniper and Mikrotik”, he explains.

In addition to Made4Flow and Made4Graph, Made4IT offers ICT consulting services covering the technical area of an Internet provider, such as router configuration using BGP; activation of connections with carriers; design and deployment of MPLS networks; configuration and deployment of DNS servers, among others.

With 25 employees, the company today serves more than 70 providers throughout Brazil. Its customers include Agility and Tecnet, both from Ceará; Persis Telecom and Delta Telecom, both from Paraná; and Webby Telecom, in São Paulo.

Here is the link to view the magazine, see pages 19 and 20: http://www.arandanet.com.br/assets/revistas/rti/2019/abril/index.php?

New Dashboard – CDN Traffic

Hello,

See here our new dashboard showing the distribution of CDN traffic. With this new dashboard it is very simple to identify your traffic to the main CDNs: Google, Facebook, Netflix and Akamai. If you are interested, contact us and try it for 15 days at no cost. Thank you and until next time.

Netflow Configuration on Juniper Routers

Hello,

Today we will walk through how to configure your Juniper router to export Netflow (jFlow). At the end of the article is the configuration using IPFIX (Netflow v10).

Here is the network topology and the Netflow server information.

These are the steps needed to configure the Juniper router to export Netflow v5:

1. Configure the NTP server
2. Configure forwarding-options with the sampling rate
3. Configure the host that will receive the flows coming from the router
4. Configure the interface to enable Netflow on the interface

Let's go through the configuration step by step.

1. Configure the NTP server

It is important to configure an NTP server because flow data is timestamped according to the router's clock. If the router's time differs from the server's, the data will not match the actual time, producing mismatched information. Configure at least 2 NTP servers and also the timezone of your router.

    ## Using the a.ntp.br and b.ntp.br servers
    set system ntp server 200.160.0.8
    set system ntp server 200.189.40.8
    ## Setting the time zone
    set system time-zone America/Sao_Paulo
    ## Default way of viewing the Juniper configuration
    guilherme@vMX-BGP> show configuration system
    system {
        time-zone America/Sao_Paulo;
        ntp {
            server 200.160.0.8;
            server 200.189.40.8;
        }
    }

2. Configure forwarding-options with the sampling rate

The sampling rate exists to avoid overloading the CPU of your Routing Engine: the router creates a sample of the traffic and exports it, and the Netflow system receives the data and applies a multiplication factor so that the figures reflect real numbers. To configure it, use the commands below. The ideal rate depends on how much traffic you carry; an important tip is to use values above 200 and keep watching your router's CPU.

    ## Setting the rate to 500
    set forwarding-options sampling input rate 500
    ## Juniper view without display set
    forwarding-options {
        sampling {
            input {
                rate 500;
            }
        }
    }

3. Configure the host that will receive the flows coming from the router

To configure your router to export Netflow you must state which server IP address will receive the flows and on which UDP port it will receive this traffic. To do this use the commands:

    ## Exporting to IP 192.168.210.47 on port 2055 using Netflow version 5
    set forwarding-options sampling family inet output flow-server 192.168.210.47 port 2055
    set forwarding-options sampling family inet output flow-server 192.168.210.47 version 5
    ## Output of show without display set
    guilherme@vMX-BGP> show configuration forwarding-options
    sampling {
        family inet {
            output {
                flow-server 192.168.210.47 {
                    port 2055;
                    version 5;
                }
            }
        }
    }

4. Configure the interface to enable Netflow on the interface

After configuring the sampling rate and the flow server you still need to enable Netflow on the interfaces where it will generate data. Remember that the command must be configured inside each unit. To do this, configure the interfaces inside each unit with the following command:

    ### Apply the sampling input command
    set interfaces ge-0/0/1 unit 0 family inet sampling input

The complete configuration looks like this:

    guilherme@vMX-BGP> show configuration | display set
    set system time-zone America/Sao_Paulo
    set system ntp server 200.160.0.8
    set system ntp server 200.189.40.8
    set interfaces ge-0/0/0 description "Fala com o Netflow"
    set interfaces ge-0/0/0 unit 0 family inet address 192.168.210.49/24
    set interfaces ge-0/0/1 description "INTERFACE WAN – TRANSITO IP"
    set interfaces ge-0/0/1 unit 0 family inet sampling input
    set interfaces ge-0/0/1 unit 0 family inet address 200.200.200.1/30
    set forwarding-options sampling input rate 500
    set forwarding-options sampling family inet output flow-server 192.168.210.47 port 2055
    set forwarding-options sampling family inet output flow-server 192.168.210.47 version 5

    ## Juniper show format
    guilherme@vMX-BGP> show configuration
    Last commit: 2019-01-30 13:30:01 BRST by guilherme
    version 17.1R2.7;
    system {
        host-name vMX-BGP;
        time-zone America/Sao_Paulo;
        ntp {
            server 200.160.0.8;
            server 200.189.40.8;
        }
    }
    interfaces {
        ge-0/0/0 {
            description "Fala com o Netflow";
            unit 0 {
                family inet {
                    address 192.168.210.49/24;
                }
            }
        }
        ge-0/0/1 {
            description "INTERFACE WAN – TRANSITO IP";
            unit 0 {
                family inet {
                    sampling {
                        input;
                    }
                    address 200.200.200.1/30;
                }
            }
        }
    }
    forwarding-options {
        sampling {
            input {
                rate 500;
            }
            family inet {
                output {
                    flow-server 192.168.210.47 {
                        port 2055;
                        version 5;
                    }
                }
            }
        }
    }

To make it even easier, we have a video demonstrating the configuration of each command applied in this tutorial.

As a bonus, we will post the IPFIX configuration for some types of Juniper routers.

MX204

On routers such as the MX204 it is possible to use IPFIX (Netflow v10). To configure the MX204 use the commands below, changing the flow-server and source-address IPs.

    set services flow-monitoring version-ipfix template MADE4FLOW flow-active-timeout 60
    set services flow-monitoring version-ipfix template MADE4FLOW flow-inactive-timeout 15
    set services flow-monitoring version-ipfix template MADE4FLOW template-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW option-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW ipv4-template
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 flow-active-timeout 60
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 flow-inactive-timeout 15
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 template-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 option-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 ipv6-template
    set chassis fpc 0 sampling-instance MADE4FLOW
    set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 10
    set chassis fpc 0 inline-services flow-table-size ipv6-flow-table-size 5
    set forwarding-options sampling instance MADE4FLOW input rate 1000
    set forwarding-options sampling instance MADE4FLOW input run-length 0
    set forwarding-options sampling instance MADE4FLOW input max-packets-per-second 10000
    set forwarding-options sampling instance MADE4FLOW family inet output flow-inactive-timeout 15
    set forwarding-options sampling instance MADE4FLOW family inet output flow-active-timeout 60
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 port 2055
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 autonomous-system-type origin
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 version-ipfix template MADE4FLOW
    set forwarding-options sampling instance MADE4FLOW family inet output inline-jflow source-address 10.1.1.2
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-inactive-timeout 15
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-active-timeout 60
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 port 2055
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 autonomous-system-type origin
    set forwarding-options sampling instance

Netflow Configuration on Juniper Routers

Hello,

Today we will walk through how to configure your Juniper router to export Netflow (jFlow). At the end of the article is the configuration using IPFIX (Netflow v10).

Here is the network topology and the Netflow server information.

These are the steps needed to configure a Juniper router to export Netflow v5:

1. Configure the NTP server
2. Configure forwarding-options with the sampling rate
3. Configure the host that will receive the flows coming from the router
4. Configure the interface to enable Netflow on the interface

Let's go through the configuration step by step.

1. Configure the NTP server

It is important to configure an NTP server because flow data is timestamped according to the router's clock. If the router's time differs from the server's, the data will not match the actual time, producing mismatched information. Configure at least 2 NTP servers and also the timezone of your router.

    ## Using the a.ntp.br and b.ntp.br servers
    set system ntp server 200.160.0.8
    set system ntp server 200.189.40.8
    ## Setting the time zone
    set system time-zone America/Sao_Paulo
    ## Default way to view the Juniper configuration
    guilherme@vMX-BGP> show configuration system
    system {
        time-zone America/Sao_Paulo;
        ntp {
            server 200.160.0.8;
            server 200.189.40.8;
        }
    }

2. Configure forwarding-options with the sampling rate

The sampling rate exists to avoid overloading the CPU of your Routing Engine: the router creates a sample of the traffic and exports it, and the Netflow system receives the data and applies a multiplication factor so that the figures reflect real numbers. To configure it, use the commands below. The ideal rate depends on how much traffic you carry; an important tip is to use values above 200 and keep watching your router's CPU.

    ## Setting the rate to 500
    set forwarding-options sampling input rate 500
    ## Juniper view without display set
    forwarding-options {
        sampling {
            input {
                rate 500;
            }
        }
    }

3. Configure the host that will receive the flows coming from the router

To configure your router to export Netflow you must state which server IP address will receive the flows and on which UDP port it will receive this traffic. To do this use the commands:

    ## Exporting to IP 192.168.210.47 on port 2055 using Netflow version 5
    set forwarding-options sampling family inet output flow-server 192.168.210.47 port 2055
    set forwarding-options sampling family inet output flow-server 192.168.210.47 version 5
    ## Output of show without display set
    guilherme@vMX-BGP> show configuration forwarding-options
    sampling {
        family inet {
            output {
                flow-server 192.168.210.47 {
                    port 2055;
                    version 5;
                }
            }
        }
    }

4. Configure the interface to enable Netflow on the interface

After setting the sampling rate and the flow server you still need to enable Netflow on the interfaces where it will generate data. Remember that the command must be configured inside each unit. To do this, configure the interfaces inside each unit with the following command:

    ### Apply the sampling input command
    set interfaces ge-0/0/1 unit 0 family inet sampling input

The complete configuration looks like this:

    guilherme@vMX-BGP> show configuration | display set
    set system time-zone America/Sao_Paulo
    set system ntp server 200.160.0.8
    set system ntp server 200.189.40.8
    set interfaces ge-0/0/0 description "Talk to Netflow"
    set interfaces ge-0/0/0 unit 0 family inet address 192.168.210.49/24
    set interfaces ge-0/0/1 description "WAN INTERFACE – IP TRANSIT"
    set interfaces ge-0/0/1 unit 0 family inet sampling input
    set interfaces ge-0/0/1 unit 0 family inet address 200.200.200.1/30
    set forwarding-options sampling input rate 500
    set forwarding-options sampling family inet output flow-server 192.168.210.47 port 2055
    set forwarding-options sampling family inet output flow-server 192.168.210.47 version 5

    ## Juniper show format
    guilherme@vMX-BGP> show configuration
    Last commit: 2019-01-30 13:30:01 BRST by guilherme
    version 17.1R2.7;
    system {
        host-name vMX-BGP;
        time-zone America/Sao_Paulo;
        ntp {
            server 200.160.0.8;
            server 200.189.40.8;
        }
    }
    interfaces {
        ge-0/0/0 {
            description "Talk to Netflow";
            unit 0 {
                family inet {
                    address 192.168.210.49/24;
                }
            }
        }
        ge-0/0/1 {
            description "WAN INTERFACE – IP TRANSIT";
            unit 0 {
                family inet {
                    sampling {
                        input;
                    }
                    address 200.200.200.1/30;
                }
            }
        }
    }
    forwarding-options {
        sampling {
            input {
                rate 500;
            }
            family inet {
                output {
                    flow-server 192.168.210.47 {
                        port 2055;
                        version 5;
                    }
                }
            }
        }
    }

To make it even easier, we have a video demonstrating the configuration of each command applied in this tutorial.

As a bonus, we will post the IPFIX configuration for some types of Juniper routers.

MX204

On routers such as the MX204 you can use IPFIX (Netflow v10). To configure the MX204 use the commands below, changing the flow-server and source-address IPs.

    set services flow-monitoring version-ipfix template MADE4FLOW flow-active-timeout 60
    set services flow-monitoring version-ipfix template MADE4FLOW flow-inactive-timeout 15
    set services flow-monitoring version-ipfix template MADE4FLOW template-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW option-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW ipv4-template
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 flow-active-timeout 60
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 flow-inactive-timeout 15
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 template-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 option-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 ipv6-template
    set chassis fpc 0 sampling-instance MADE4FLOW
    set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 10
    set chassis fpc 0 inline-services flow-table-size ipv6-flow-table-size 5
    set forwarding-options sampling instance MADE4FLOW input rate 1000
    set forwarding-options sampling instance MADE4FLOW input run-length 0
    set forwarding-options sampling instance MADE4FLOW input max-packets-per-second 10000
    set forwarding-options sampling instance MADE4FLOW family inet output flow-inactive-timeout 15
    set forwarding-options sampling instance MADE4FLOW family inet output flow-active-timeout 60
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 port 2055
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 autonomous-system-type origin
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 version-ipfix template MADE4FLOW
    set forwarding-options sampling instance MADE4FLOW family inet output inline-jflow source-address 10.1.1.2
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-inactive-timeout 15
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-active-timeout 60
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 port 2055
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 autonomous-system-type origin
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 version-ipfix template MADE4FLOW-v6
    set forwarding-options sampling

Netflow Configuration on Juniper Routers

Hello! Today we will break down how to configure your Juniper router to export Netflow (jFlow). At the end of the article is the configuration using IPFIX (Netflow v10).

This is the network topology and the Netflow server information.

These are the steps required to configure a Juniper router to export Netflow v5:

1. Configure the NTP server
2. Configure forwarding-options with the sampling rate
3. Configure the host that will receive the flows from the router
4. Configure the interface to enable Netflow on it

Let's go through the configuration step by step.

1. Configure the NTP server

It is important to configure an NTP server because flow records are timestamped with the router's clock. If the router's time differs from the server's, the flow data will not line up with the actual time, producing mismatched information. Configure at least 2 NTP servers and also set the time zone of your router.

    ## Using the a.ntp.br and b.ntp.br servers
    set system ntp server 200.160.0.8
    set system ntp server 200.189.40.8
    ## Configure the time zone
    set system time-zone America/Sao_Paulo
    ## Juniper default configuration view
    guilherme@vMX-BGP> show configuration system
    system {
        time-zone America/Sao_Paulo;
        ntp {
            server 200.160.0.8;
            server 200.189.40.8;
        }
    }

2. Configure forwarding-options with the sampling rate

To avoid overloading the CPU of your routing engine, the sampling rate makes the router take a sample of the traffic and export it; the Netflow system receives that data and applies a multiplication factor to convert it into real numbers. To configure it, use the commands below. The ideal rate depends on how much traffic you carry; an important tip is to use values above 200 and to watch your router's CPU.

    ## Setting the rate to 500
    set forwarding-options sampling input rate 500
    ## Juniper display form without display-set
    forwarding-options {
        sampling {
            input {
                rate 500;
            }
        }
    }

3. Configure the host that will receive the flows from the router

To configure your router to export Netflow, you must state the IP address on which the server will receive the flows and the UDP port on which it will receive that traffic. To do so, use the commands:

    ## Exporting to IP 192.168.210.47 on port 2055 using Netflow version 5
    set forwarding-options sampling family inet output flow-server 192.168.210.47 port 2055
    set forwarding-options sampling family inet output flow-server 192.168.210.47 version 5
    ## Display form without display-set
    guilherme@vMX-BGP> show configuration forwarding-options
    sampling {
        family inet {
            output {
                flow-server 192.168.210.47 {
                    port 2055;
                    version 5;
                }
            }
        }
    }

4. Configure the interface to enable Netflow on it

After configuring the sampling rate and the flow server, you need to enable Netflow on the interface where the data will be generated. Remember that the command must be configured inside each unit.
To do so, configure the interfaces inside each unit with the following command:

    ### Apply the sampling input command
    set interfaces ge-0/0/1 unit 0 family inet sampling input

The complete configuration is as follows:

    guilherme@vMX-BGP> show configuration | display set
    set system time-zone America/Sao_Paulo
    set system ntp server 200.160.0.8
    set system ntp server 200.189.40.8
    set interfaces ge-0/0/0 description "Hablar con Netflow"
    set interfaces ge-0/0/0 unit 0 family inet address 192.168.210.49/24
    set interfaces ge-0/0/1 description "INTERFAZ WAN – TRÁNSITO IP"
    set interfaces ge-0/0/1 unit 0 family inet sampling input
    set interfaces ge-0/0/1 unit 0 family inet address 200.200.200.1/30
    set forwarding-options sampling input rate 500
    set forwarding-options sampling family inet output flow-server 192.168.210.47 port 2055
    set forwarding-options sampling family inet output flow-server 192.168.210.47 version 5
    ## Juniper show form
    guilherme@vMX-BGP> show configuration
    Last commit: 2019-01-30 13:30:01 BRST by guilherme
    version 17.1R2.7;
    system {
        host-name vMX-BGP;
        time-zone America/Sao_Paulo;
        ntp {
            server 200.160.0.8;
            server 200.189.40.8;
        }
    }
    interfaces {
        ge-0/0/0 {
            description "Hablar con Netflow";
            unit 0 {
                family inet {
                    address 192.168.210.49/24;
                }
            }
        }
        ge-0/0/1 {
            description "INTERFAZ WAN – TRÁNSITO IP";
            unit 0 {
                family inet {
                    sampling {
                        input;
                    }
                    address 200.200.200.1/30;
                }
            }
        }
    }
    forwarding-options {
        sampling {
            input {
                rate 500;
            }
            family inet {
                output {
                    flow-server 192.168.210.47 {
                        port 2055;
                        version 5;
                    }
                }
            }
        }
    }

To make it even easier, we have a video demonstrating the configuration of each command applied in this tutorial.

As a bonus, we will post the IPFIX configuration for some types of routers.

Juniper MX204

On routers like the MX204 you can use IPFIX (Netflow v10). To configure the MX204, use the commands below, changing the flow-server and source-address IPs.

    set services flow-monitoring version-ipfix template MADE4FLOW flow-active-timeout 60
    set services flow-monitoring version-ipfix template MADE4FLOW flow-inactive-timeout 15
    set services flow-monitoring version-ipfix template MADE4FLOW template-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW option-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW ipv4-template
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 flow-active-timeout 60
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 flow-inactive-timeout 15
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 template-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 option-refresh-rate seconds 30
    set services flow-monitoring version-ipfix template MADE4FLOW-v6 ipv6-template
    set chassis fpc 0 sampling-instance MADE4FLOW
    set chassis fpc 0 inline-services flow-table-size ipv4-flow-table-size 10
    set chassis fpc 0 inline-services flow-table-size ipv6-flow-table-size 5
    set forwarding-options sampling instance MADE4FLOW input rate 1000
    set forwarding-options sampling instance MADE4FLOW input run-length 0
    set forwarding-options sampling instance MADE4FLOW input max-packets-per-second 10000
    set forwarding-options sampling instance MADE4FLOW family inet output flow-inactive-timeout 15
    set forwarding-options sampling instance MADE4FLOW family inet output flow-active-timeout 60
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 port 2055
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 autonomous-system-type origin
    set forwarding-options sampling instance MADE4FLOW family inet output flow-server 10.1.1.1 version-ipfix template MADE4FLOW
    set forwarding-options sampling instance MADE4FLOW family inet output inline-jflow source-address 10.1.1.2
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-inactive-timeout 15
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-active-timeout 60
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 port 2055
    set forwarding-options sampling instance MADE4FLOW family inet6 output flow-server 10.1.1.1 autonomous-system-type origin
    set
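
What steps 1 and 2 of the Netflow v5 setup mean on the collector side, as an added example that is not part of the original tutorial: a Python decoder for one NetFlow v5 datagram that turns the router-uptime timestamps into wall-clock time and multiplies the sampled counters by the sampling rate. It assumes the exporter fills the v5 header's sampling-interval field and falls back to the configured rate of 500 when that field is zero; the datagram and its addresses are constructed sample data.

```python
import socket
import struct

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte NetFlow v5 flow record
CONFIGURED_RATE = 500  # assumption: "sampling input rate 500" from the tutorial

def parse_v5(datagram, fallback_rate=CONFIGURED_RATE):
    """Decode one v5 datagram; return flows with absolute times and scaled counters."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    version, count, uptime_ms, secs, nsecs, _seq, _etype, _eid, sampling = \
        HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError("not NetFlow v5 (version %d)" % version)
    if len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("length does not match the record count in the header")
    # Top 2 bits are the sampling mode, low 14 bits the interval (0 = not reported).
    rate = (sampling & 0x3FFF) or fallback_rate
    export_time = secs + nsecs / 1e9        # router wall clock, hence the NTP step
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
            "sport": f[9], "dport": f[10], "proto": f[13],
            "est_packets": f[5] * rate, "est_bytes": f[6] * rate,
            # first/last are router-uptime milliseconds; anchor them to export_time.
            "start": export_time - ((uptime_ms - f[7]) & 0xFFFFFFFF) / 1000,
            "end": export_time - ((uptime_ms - f[8]) & 0xFFFFFFFF) / 1000,
        })
    return flows

def sample_datagram(sampling=500):
    """Constructed datagram: one TCP/443 flow, 12 sampled packets, 9000 sampled bytes."""
    header = HEADER.pack(5, 1, 3_600_000, 1_548_862_201, 0, 1, 0, 0, sampling)
    record = RECORD.pack(
        socket.inet_aton("200.200.200.2"), socket.inet_aton("198.51.100.10"),
        socket.inet_aton("0.0.0.0"), 2, 1, 12, 9000, 3_540_000, 3_599_000,
        51512, 443, 0, 0x18, 6, 0, 0, 0, 30, 24, 0)
    return header + record

if __name__ == "__main__":
    for flow in parse_v5(sample_datagram()):
        print(flow)
```

If the router clock is wrong, `start` and `end` shift by exactly the clock error, which is why flows then fail to line up with other logs on the collector.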
