Juniper SRX Configuration

    You can perform Juniper SRX configuration using the following steps:

    Config t
    set forwarding-options sampling input family inet rate 1000
    set forwarding-options sampling input family inet run-length 9
    set forwarding-options sampling input family inet max-packets-per-second 7000
    set forwarding-options sampling output flow-server {NETFLOW_SERVER_IP} port {NETFLOW_SERVER_LISTENER_PORT}
    set forwarding-options sampling output flow-server {NETFLOW_SERVER_IP} autonomous-system-type origin
    set forwarding-options sampling output flow-server {NETFLOW_SERVER_IP} no-local-dump
    set forwarding-options sampling output flow-server {NETFLOW_SERVER_IP} source-address {DEVICE_IP}
    set forwarding-options sampling output flow-server {NETFLOW_SERVER_IP} version 5

    set firewall filter Netflow-filter term allow-any then sample
    set firewall filter Netflow-filter term allow-any then accept

    Enter global configuration mode on the router or MSFC, and issue the following commands for each interface on which you want to enable flow:

    set interfaces {INTERFACE_NAME} unit 0 family inet sampling input
    set interfaces {INTERFACE_NAME} unit 0 family inet sampling output
    set interfaces {INTERFACE_NAME} unit 0 family inet address $Interface_IP

    Juniper SRX flexible:

    Config t
    set services flow-monitoring version9 template IPV4-JFLOW-TEMPLATE ipv4-template
    set services flow-monitoring version9 template IPV4-JFLOW-TEMPLATE ipv4-template flow-active-timeout 60
    set services flow-monitoring version9 template IPV4-JFLOW-TEMPLATE ipv4-template flow-inactive-timeout 60
    set services flow-monitoring version9 template ipv4-template template-refresh-rate packets 100

    set services flow-monitoring version9 template IPV4-JFLOW-TEMPLATE ipv4-template template-refresh-rate second 60
    set forwarding-options sampling input rate 100
    set forwarding-options sampling input run-length 9
    set forwarding-options sampling family inet output flow-server {NETFLOW_SERVER_IP} port {NETFLOW_SERVER_LISTENER_PORT}
    set forwarding-options sampling family inet output flow-server {NETFLOW_SERVER_IP} autonomous-system-type origin
    set forwarding-options sampling family inet output flow-server {NETFLOW_SERVER_IP} no-local-dump
    set forwarding-options sampling family inet output flow-server {NETFLOW_SERVER_IP} version9 template IPV4-JFLOW-TEMPLATE
    set forwarding-options sampling family inet output inline-jflow source-address {DEVICE_IP}

    Enter global configuration mode on the router or MSFC, and issue the following commands for each interface on which you want to enable flow:

    set interfaces {INTERFACE_NAME} unit 0 family inet sampling input

    Thank you for your feedback!

    Was this content helpful?

    We are sorry. Help us improve this page.

    How can we improve this page?
    Do you need assistance with this topic?
    By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.