Description
This article provides an example of configuring J-Flow on an SRX Series device.
Note: J-Flow does not require a license on SRX devices.
Symptoms
J-Flow versions 5, 8, and 9 are supported on SRX Series devices.
J-Flow version 9 on standalone devices is supported as of:
SRX Branch devices (SRX1x0, SRX2x0, SRX550, SRX650)
Junos 10.4
SRX-HE devices (SRX1400, SRX3x00, SRX5x00)
Junos 12.1X45-D10
SRX3x0 & SRX550M
Junos 15.1X49-D30
SRX1500, SRX4100, SRX4200, vSRX
15.1X49-D80
SRX4600
Junos 17.4R1-S1
J-Flow version 9 on chassis cluster devices as of:
SRX Branch devices (SRX-300/320/340/345/380/550HM)
Junos 20.1R1
SRX-HE devices (SRX1400, SRX3x00, SRX5x00)
Junos 12.1X45-D10
SRX1500, SRX4100, SRX4200, vSRX
Junos 15.1X49-D80
SRX4600
Junos 17.4R1-S1
Configuration example for J-Flow version 9 for SRX-Branch standalone devices (SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, SRX650)
Note: SRX Branch chassis clusters do not support the use of J-flow version 9.
The following procedure provides an example of the J-Flow configuration for version 9:
Configure the J-Flow v9 template (as of now, only the IPv4 template is supported):
user@host# set services flow-monitoring version9 template ipv4-test ipv4-template
Specify the sampling rate and run-length:
user@host# set forwarding-options sampling input rate 100 user@host# set forwarding-options sampling input run-length 0
Configure the external flow collector and its port address. The J-Flow v9 template is associated with the external flow collector. Up to eight flow collectors can be simultaneously configured:
user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 port 2222 user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 version9 template ipv4-test
Configure the inline-jflow, so that the sampling and the J-Flow service thread are implemented in the forwarding engine:
user@host# set forwarding-options sampling family inet output inline-jflow source-address 10.10.10.10
Configure the sampling filter on an interface (or interfaces) in the direction in which the J-Flow service is required:
user@host# set interfaces ge-0/0/14 unit 0 family inet sampling input user@host# set interfaces ge-0/0/14 unit 0 family inet address 2.2.2.1/24
Configuration example for J-Flow versions 5 and 8 :
The following procedure provides an example of the J-Flow configuration for versions 5 and 8 (this procedure should also work with NetFlow versions 5 and 8):
Enable sampling on one or more interfaces and specify the direction:
user@host# set interfaces ge-0/0/0 unit 0 family inet sampling input user@host# set interfaces ge-0/0/0 unit 0 family inet sampling output
Specify the sampling rate:
Caution : Activation of flow collection can have a significant impact on the performance of the SRX Series device. The smaller the sample rate, bigger the impact. It is recommended to not use a sampling input rate of 1.
user@host# set forwarding-options sampling input rate 100
Specify the UDP port number of the host that is collecting
cflowdpackets:
user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 port 2056
Specify the version format: 5, 8, or 500 (ASN 500):
If version 5:
user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 version 5
If version 500:
user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 version 500
If version 8:
user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 version 8 user@host# set forwarding-options sampling family inet output flow-server 10.10.10.1 aggregation source-destination-prefix caida-compliant
Configure the NTP server details:
user@host# set system ntp server 10.10.10.254
Application Note
Juniper Flow Monitoring (includes diagrams of how J-Flow works and v9 configuration example)