Besides the Juniper specifics on which i do agree. The fact that NetFlow v5 doesn't carry L2 information doesn't per-se imply it can't be theorically applied to L2 interfaces and report on upper layers - making it fair, on a multi-layer thing. Which is the underlying issue here.
Cheers, Paolo On Fri, Apr 16, 2010 at 12:12:12PM -0400, Chris Tracy wrote: > > It is possible to get cflow working in a L2 way ? > > Hi Giuliano, > > The short answer is, unfortunately, no. > > NetFlow v5 does not have any fields for Layer 2 information: > http://netflow.caligare.com/netflow_v5.htm > > Although NetFlow v9 does have such fields, you (a) only get NetFlow v9 > functionality on a Juniper if you have a Services PIC installed and (b) are > limited by the NetFlow v9 templates that JUNOS implements. See the section > titled "Fields Included in Each Template Type" for a description of each > NetFlow v9 template at > http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-services/services-configuring-flow-aggregation-to-use-version-9-flow-templates.html. > > Juniper supports sFlow (which would give you L2 info) on their EX switches, > but not on their routers. Perhaps when/if IPFIX support comes along, you > might be able to get what you are looking for. > > You could use port mirroring or an optical tap with various open-source tools > running on a Unix host to do the kind of monitoring you are looking for. > > Cheers, > -Chris > > > On Apr 16, 2010, at 11:52 AM, GIULIANO (UOL) wrote: > > > People, > > > > Good afternoon, > > > > We have a curious situation in a client's environment. > > > > It has a M7i router with 2 IQ2E (4 GE) PICs. > > > > It wants one of its PICs plugged into a L2 switch (802.1Q Trunk Mode) > > and the another one plugged (via 1 giga of 4 ports only) to another L2 > > switch. > > > > > > M7i > > / \ > > S1 S2 > > > > > > Both Giga ports are simpled configured like: > > > > nterfaces { > > ge-0/0/0 { > > vlan-tagging; > > > > nterfaces { > > ge-0/1/0 { > > vlan-tagging; > > > > > > L2 Trunk Ethernet only without L3 configuration. > > > > It is possible to get flow information about the encapsulated vlans > > (10,20,30,40, etc) inside the trunk traffic ? ... without configuring ip > > (4 or 6) or creating vlan interfaces ? > > > > It is possible to get cflow working in a L2 way ? > > > > Does anyone has configured it before using JUNIPER ? Can you send or > > point to me some samples of configuration ? > > > > Thanks a lot, > > > > Giuliano > > > > > > > > > > > > > > -- > Chris Tracy <ctr...@es.net> > Energy Sciences Network (ESnet) > Lawrence Berkeley National Laboratory > > > > >
