No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - System Monitor 01

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Collecting Statistics About IPv4 Original Flows

Collecting Statistics About IPv4 Original Flows

Before collecting statistics about IPv4 original flows, familiarize yourself with the usage scenario, complete the pre-configuration tasks, and obtain the data required for the configuration.

Usage Scenario

On the network shown in Figure 3-2, a carrier enables NetStream on the router functioning as an NDE to obtain detailed network application information. The carrier can use the information to monitor abnormal network traffic, analyze users' operation modes, and plan networks between ASs.

Statistics about original flows are collected based on the 7-tuple information. The NetStream Data Exporter (NDE) samples IPv4 flows passing through it, collects statistics about sampled flows, encapsulates the aging NetStream original flows into UDP packets, and sends the packets to the NetStream Collector (NSC) for processing. Unlike collecting statistics about aggregated flows, collecting statistics about original flows imposes less impact on NDE performance. Original flows consume more storage space and network bandwidth resources because the volume of original flows is greater than that of aggregated flows.

Figure 3-2  Networking diagram for collecting IPv4 flow statistics

Pre-configuration Tasks

Before collecting the statistics about IPv4 original flows, configure static routes or enable an IGP to implement network connectivity.

Configuration Procedures

Figure 3-3  Collecting statistics about IPv4 original flows

Specifying a NetStream Service Processing Mode

After t sampling packets, each NetStream-enabled interface board sends sampled packets to the NetStream service processing board for aggregation and output. If the NE40E has more than one NetStream service processing board, these NetStream services boards work in redundancy mode to back up each other and balance traffic, which improves system reliability.

Context

NetStream services can be processed in the following modes:

  • Distributed mode

    An interface board samples packets, aggregates flows, and outputs flows.

  • Integrated mode

    An interface board only samples packets and sends sampled packets to the NetStream service processing board. The NetStream service processing board aggregates and outputs flows. If the data volume collected by the router is out of the processing capability of a single NetStream service processing board, additional NetStream service processing boards can be installed to balance traffic.

The ip netstream sampler to slot command has the same function as the ipv6 netstream sampler to slot command.

  • The execution of either command takes effect on all packets, and there is no need to configure both of them. If it is required to configure both of them, ensure that NetStream service processing modes are the same. A mode inconsistency causes an error.
  • If the interface board specified by one of the two commands serves as the master board working in integrated mode, the interface board manually specified serving as the backup board also works in integrated mode. For example, if the interface board in slot 1 is specified as the master board using the ip netstream sampler to slot command, the interface board in slot 2 is specified as the slave board using ipv6 netstream sampler to slot command. Interface boards in both slot 1 and slot 2 process IPv4 and IPv6 packets.

Procedure

  • Configure the distributed NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ip netstream sampler to slot self

      The distributed NetStream service processing mode is specified.

    4. Run:

      commit

      The configuration is committed.

  • Configure the integrated NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ip netstream sampler to slot slot-id1

      The integrated NetStream service processing mode is specified, and the NetStream service processing board is specified.

    4. (Optional) Run:

      ip netstream sampler to slot slot-id2 backup

      The integrated NetStream service processing mode is specified, and the backup NetStream service processing board is specified.

      If there are several NetStream service processing boards, you can specify a master service processing board and backup service processing boards. When load balancing is performed, interface boards dual homed to different NetStream service processing boards can back up each other.

    5. Run:

      commit

      The configuration is committed.

Outputting Original Flows

To ensure that original flows can be correctly output to the NMS, configure the aging time, output format, and source and destination addresses for original flows.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. (Optional) Run:

    ip
    netstream export version { 5 [ origin-as | peer-as ] | 9 [ origin-as | peer-as ] [ bgp-nexthop ] | ipfix [ origin-as | peer-as ] [ bgp-nexthop ] }

    The output format of original flows is configured.

    NetStream original flow packets support V5 and V9 as well as IPFIX packet formats. V5, IPFIX, and V9 packet formats are mutually exclusive.

    The V9 format allows the output original flows to carry more variable statistics, to expand newly defined flow elements more flexibly, and to generate new records more easily.

    Compared with the V9 format, the IPFIX format improves packet extensibility and compatibility, security, and reliability. In addition, the IPFIX format has an enterprise identifier field added. When setting this field, you must use the IPFIX format for the outputting of NetStream IPv4 original flows.

    The V5 format is fixed, and the system cost is low. In most cases, NetStream original flows are output in V5 format. In any of the following situations, NetStream original flows must be output in V9 format or IPFIX:
    • NetStream original flows need to carry BGP next-hop information.

    • Interface indexes carried in the output NetStream original flows need to be extended from 16 bits to 32 bits.

  3. (Optional) Run:

    ip netstream export template sequence-number fixed

    The sequence numbers of template packets and option template packets in IPFIX format are configured to remain unchanged, but data packets and option data packets in IPFIX format are still consecutively numbered.

  4. (Optional) Run:

    ip netstream export template timeout-rate timeout-interval

    The interval at which the template for outputting original flows in the V9 or IPFIX format is refreshed.

  5. Run:

    ip netstream export source { ip-address | ipv6 ipv6-address }

  6. Specify the destination IP address and UDP port number of the peer NSC for NetStream original flows in the system or slot view.

    • In the system view:

      Run:

      ip
      netstream export host { ip-address | ipv6 ipv6-address } port [ vpn-instance vpn-instance-name ]

      The destination IP address and UDP port number of the peer NSC are specified for NetStream original flows to be output.

    • In the slot view:

      1. Run:

        slot slot-id

        The view of the slot in which the interface board for NetStream sampling resides is displayed.

      2. Run:

        ip
        netstream export host { ip-address | ipv6 ipv6-address } port [ vpn-instance vpn-instance-name ]

        The destination IP address and UDP port number of the peer NetStream Collector (NSC) are specified for NetStream original flows to be output.

      3. Run:

        quit

        The system view is displayed.

  7. (Optional) Set parameters for aging original flows as needed.

    • Run:

      ip netstream timeout { active active-interval | active interval-second active-interval-second }

      The active aging time is set for NetStream original flows.

    • Run:

      ip netstream timeout inactive inactive-interval

      The inactive aging time is set for NetStream original flows.

  8. Run:

    commit

    The configuration is committed.

(Optional) Configuring NetStream Monitoring Services

NetStream services can be configured on the NetStream Data Exporter (NDE) to enable carriers to implement more delicate traffic statistics and management over IPv4 original flows.

Context

Increasing types of services and applications on networks urge carriers to provide more delicate management and accounting services.

If NetStream is configured on multiple interfaces on an NDE, all interfaces send traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish interfaces, and therefore, cannot manage or analyze traffic statistics based on interfaces. In addition, the NSC will be overloaded due to a great amount of information.

NetStream monitoring configured on an NDE allows the NDE to send traffic statistics collected on specified interfaces to specified NSCs for analysis, which achieves interface-specific service monitoring. Traffic statistics can be balanced among these NSCs.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip netstream monitor monitor-name

    A NetStream monitoring service is created and its view is displayed. If a NetStream monitoring service view already exists, the view is displayed.

  3. Run:

    ip
    netstream export host [ ip-address | ipv6 ipv6-address ] port [ vpn-instance vpn-instance-name ]

    The destination IP address and destination port number for traffic statistics are specified.

  4. Run:

    quit

    The system view is displayed.

  5. Run:

    interface interface-type interface-number

    The interface view is displayed.

  6. Run:

    ip netstream monitor monitor-name { inbound | outbound }

    NetStream monitoring services are configured in the inbound or outbound direction of an interface.

    NOTE:
    If NetStream monitoring services have been configured on the interface, statistics about original flows are sent to the destination IP address specified in the NetStream monitoring service view, not the system view.

  7. Run:

    commit

    The configuration is committed.

(Optional) Adjusting the AS Field Mode and Interface Index Type

Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC.

Context

Before you enable the NSC to properly receive and parse NetStream packets output by the NDE, specify the same AS field mode and interface index type on the NDE and NSC.
  • AS field mode: The length of the AS field in IP packets can be set to 16 bits or 32 bits. Devices on a network must use the same AS field mode. An AS field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

    NOTICE:

    If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field. If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-AS traffic sent by devices.

  • Interface index: The NMS uses an interface index carried in a NetStream packet output by the NDE to query information about the interface that sends the packet. The interface index can be 16 or 32 bits long. The index length is determined by NMS devices of different vendors. Therefore, the NDE must use a proper interface index type that is also supported by the NMS.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip netstream as-mode { 16 | 32 }

    The AS field mode is specified on the router.

  3. Run:

    ip
    netstream export index-switch { 16 | 32 }

    The type of the interface index carried in the NetStream packet output by the router is configured.

    An interface index can be changed from 16 bits to 32 bits only after the following conditions are met:
    • Original flows are output in V9 or IPFIX format.
    • The NetStream packet format for all aggregated flows is V9 or IPFIX format.

(Optional) Enabling Statistics Collection of TCP Flags

There are six flag bits (URG, ACK, PSH, RST, SYN, and FIN) in a TCP packet header. The flag bits, together with the destination IP address, source IP address, destination port number, and source port number of a TCP packet, identify the function and status of the TCP packet on a TCP connection. TCP flags can be extracted from packets. Their statistics can be collected and sent to the NMS. The NMS checks the traffic volume of each flag and determines whether the network is attacked by TCP packets.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip
    netstream tcp-flag enable

    Statistics collection of TCP flags is enabled.

    An original flow for each flag value is created. If statistics collection for TCP flags is enabled, the number of original flows will greatly increase.

  3. Run:

    commit

    The configuration is committed.

(Optional) Configuring NetStream Interface Option Packets and Setting Option Template Refreshing Parameters

This section describes how to configure NetStream interface option packets and set option template refreshing parameters.

Context

No matter whether traffic statistics are exported as original flows or aggregated flows, option packet data is exported to the NetStream Collector (NSC) as a supplement. In this way, the NetStream Data Exporter (NDE) can obtain information, such as the sampling ratio and whether the sampling function is enabled, to reflect the actual network traffic.

At present, the following option packets are supported:
  • Interface option packets: These packets are used to send the NetStream configurations of all the boards on the NDE to the NSC in a scheduled manner. The configurations cover the interface index, statistics collection direction, and sampling value in the inbound/outbound direction.
  • Time application label (TAL) option packets: These packets are used to send application label data to the NSC. The application label option function provides data, such as the application type of system labels, for users to collect L3VPN NetStream statistics.

Option packets, which are independent of statistics packets, are exported to the NSC in V9 or IPFIX format. Therefore, the required option template is sent to the NMS for parsing option packets. You can set option template refreshing parameters as needed to regularly refresh the template to notify the NSC of the latest option template format.

Procedure

  • Configure interface option packets to be exported in V9 or IPFIX format.
    1. Run the system-view command to enter the system view.
    2. Run the ip netstream export template option sampler command to enable the function of exporting statistics about interface option packets.
  • Set option template refreshing parameters for interface option packets to be exported in V9 or IPFIX format.
    1. Run the system-view command to enter the system view.
    2. Set option template refreshing parameters.

      • Run the ip netstream export template option { refresh-rate packet-interval | timeout-rate timeout-interval } command to set the packet sending interval and timeout interval for option template refreshing.

      An option template can be refreshed at a fixed packet sending interval or timeout interval. The two intervals can both take effect. In the command, refresh-rate packet-interval indicates that the option template is refreshed at a fixed packet sending interval, and timeout-rate timeout-interval indicates that the option template is refreshed at a fixed timeout interval.

Sampling IPv4 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface.

Context

NOTE:

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN instance are sampled.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Configure sampling mode and sampling ratio, perform at least one of the following steps:

    • Configure a sampling mode and sampling ratio globally.
      1. Run:
        ip netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured globally.

      2. Run:
        interface interface-type interface-number

        The interface view is displayed.

    • Configure sampling mode and sampling ratio for the interface.
      1. Run:
        interface interface-type interface-number

        The interface view is displayed.

      2. Run:
        ip netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured for the interface.

        NOTE:
        The sampling mode and sampling ratio configured in the system view are applicable to all interfaces on the device. The sampling mode and sampling ratio configured in the interface view takes precedence over those configured in the system view.

  3. Run:

    ip
    netstream { inbound | outbound }

    NetStream is enabled on the interface.

    Statistics about packets' BGP next-hop information can also be collected. Original flows output in V5 format, however, cannot carry the BGP next-hop information.

  4. Run:

    commit

    The configuration is committed.

Checking the Configurations

In routine maintenance or after NetStream configurations are complete, you can run the display commands in any view to view the running status of NetStream functions.

Procedure

  • Run the display ip netstream cache origin slot slot-id command to check information about the NetStream buffer.

    NOTE:

    If the netstream sampling function configured in the outbound logical interface, running the command can only display the information about the NetStream buffer of the physical interface on which the logical interface configured.

  • Run the display ip netstream statistics slot slot-id command to view statistics about NetStream flows.
  • Run the display netstream { all | global | interface interface-type interface-number } command to check NetStream configurations in different views.
  • Run the display ip netstream statistics interface interface-type interface-number command to view the statistics about the sampled packets on an interface.
  • Run the display ip netstream monitor { all | monitor-name } command to check the monitoring information about IPv4 original flows.

Example

Run the display ip netstream cache origin slot slot-id command to view statistics about IP packets cached in the NetStream buffer on the router.
<HUAWEI> display ip netstream cache origin slot 1
 DstIf                         
 SrcIf                           
 DstP                          Msk          Pro            Tos 
 SrcP                          Msk          Flags          
 Packets                                                   Bytes
 NextHop                                                   Direction
 DstIP                                                     DstAs
 SrcIP                                                     SrcAs
 BGP: BGP NextHop                                          TopLabelType
 Label1                        Exp1         Bottom1
 Label2                        Exp2         Bottom2
 Label3                        Exp3         Bottom3
 TopLabelIpAddress                          VlanId         VniId

 --------------------------------------------------------------------------

 Unknown                                                          
 GigabitEthernet1/0/0                                            
 0                             0            253            0
 0                             0            0              

 3                                                         384       
 0.0.0.0                                                   in
 192.172.133.151                                           0         
 192.172.131.151                                           0         
 0.0.0.0                                                   UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0        


 Unknown                                                          
 GigabitEthernet1/0/1                                            
 0                             0            253            0  
 0                             0            0              

 1                                                         128       
 0.0.0.0                                                   in
 192.173.81.232                                            0         
 192.173.79.232                                            0         
 0.0.0.0                                                   UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0

Run the display ip netstream statistics slot slot-id command to view statistics about NetStream flows.
<HUAWEI> display ip netstream statistics slot 1 
 Netstream statistic information on slot 1:

--------------------------------------------------------------------------------
 length of packets  Number                   Protocol   Number
--------------------------------------------------------------------------------
 1      ~    64   : 0                        IPV4     : 2779            
 65     ~    128  : 985                      IPV6     : 0            
 129    ~    256  : 1                        MPLS     : 0                   
 257    ~    512  : 360                      L2       : 0                   
 513    ~    1024 : 360                      Total    : 2779           
 1025   ~    1500 : 357                 
 longer than 1500 : 716                


--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
 Aggregation   Current Streams       Aged Streams
               Created Streams       Exported Packets      Exported Streams
--------------------------------------------------------------------------------
 origin        2                     92                
               94                    65                    92                
 as            0                     0                    
               0                     0                     0                   
 as-tos        0                     0                   
               0                     0                     0                   
 protport      0                     0                   
               0                     0                     0                   
 protporttos   0                     0                   
               0                     0                     0                   
 srcprefix     0                     0               
               0                     0                     0               
 srcpretos     0                     0               
               0                     0                     0               
 dstprefix     0                     0                   
               0                     0                     0                   
 dstpretos     0                     0                   
               0                     0                     0                   
 prefix        0                     0               
               0                     0                     0               
 prefix-tos    0                     0               
               0                     0                     0                
 mpls-label    0                     0                    
               0                     0                     0                    
 vlan-id       0                     0                    
               0                     0                     0                    
 bgp-nhp-tos   0                     0                   
               0                     0                     0                   
 index-tos     0                     0                   
               0                     0                     0                   
 src-index-tos 0                     0                   
               0                     0                     0                   
 bgp-community                       0                     0                                                                        
               0                     0                     0                                                                        
 vni-sip-dip                         0                     0                                                                        
               0                     0                     0                                                                        
 system: bbbb                        0                     0                                                                
               0                     0                     0                                                                
 aaaa                                0                     0                                                                        
               0                     0                     0                                                                        
 bbbb                                0                     0                                                                                                                                           
 all-aggre     2                     92                    0                                                                
               94                    65                    92                                                                
--------------------------------------------------------------------------------                     
 srcprefix = source-prefix,   srcpretos = source-prefix-tos,
 dstprefix = destination-prefix,   dstpretos = destination-prefix-tos,
 protport = protocol-port,   protporttos = protocol-port-tos,
 src-index-tos = source-index-tos,   all-aggre = all aggregation streams
 "---" means that the current board is not supported.
Run the display ip netstream statistics interface interface-type interface-number command to view the statistics about the sampled packets on an interface.
<HUAWEI> display ip netstream statistics interface GigabitEthernet1/0/0
Netstream statistic information of <GigabitEthernet1/0/0>:

 Inbound :

 IPV4 :1000 Bytes, 10 Packets

 IPV6 :1000 Bytes, 10 Packets

 MPLS :0  Bytes, 0  Packets

 Total :2000 Bytes, 20 Packets

 Outbound :

 IPV4 :1000 Bytes, 10 Packets

 IPV6 :1000 Bytes, 10 Packets

 MPLS :0  Bytes, 0  Packets

 Total :2000 Bytes, 20
 Packets

Run the display netstream { all | global | interface interface-type interface-number } command to view NetStream configurations in different views.

<HUAWEI> display netstream all
system
ip netstream export version 9 origin-as
ip netstream timeout active 50
ip netstream timeout inactive 10
ip netstream export source 10.1.1.1
ip netstream export host 4.4.4.4 10000
ip netstream aggregation as
 enable
 export version 9
 ip netstream export source 1.1.1.2
 ip netstream export host 3.3.3.3 555
 ip netstream export host 1.1.1.2 55
slot 1
interface GigabitEthernet1/0/3
 ip netstream sampler fix-packets 1000 inbound
Slot
 Slot 1:ip netstream sampler to slot 2

Run the display ip netstream monitor { all | monitor-name } command to view the monitoring information about IPv4 original flows.

<HUAWEI> display ip netstream monitor monitora
Monitor monitora
 ID        : 1
 AppCount  : 0

 Address                                   Port            
 1.1.1.1                                   1               
 2.2.2.2                                   2               
------------------------------------------------------------
Download
Updated: 2018-07-12

Document ID: EDOC1100028538

Views: 31695

Downloads: 235

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next