No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - System Monitor 01

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Collecting Statistics About IPv6 Original Flows

Collecting Statistics About IPv6 Original Flows

Before collecting statistics about IPv6 original flows, familiarize yourself with the usage scenario, complete the pre-configuration tasks, and obtain the data required for the configuration.

Usage Scenario

On the network shown in Figure 3-6, a carrier enables NetStream on the router functioning as an NDE to obtain detailed network application information. The carrier can use the information to monitor abnormal network traffic, analyze users' operation modes, and plan networks between ASs.

Statistics about original flows are collected based on the 7-tuple information. The NetStream Data Exporter (NDE) samples IPv6 flows passing through it, collects statistics about sampled flows, encapsulates the aging NetStream original flows into UDP packets, and sends the packets to the NetStream Collector (NSC) for processing. Unlike collecting statistics about aggregated flows, collecting statistics about original flows imposes less impact on NDE performance. Original flows consume more storage space and network bandwidth resources because the volume of original flows is greater than that of aggregated flows.

Figure 3-6  Networking diagram for collecting IPv6 flow statistics

Pre-configuration Tasks

Before collecting the statistics about IPv6 original flows, complete the following task:

  • Configure parameters of the link layer protocol and IP addresses for interfaces so that the link layer protocol on the interfaces can go Up.

  • Configure static routes or enable an IGP to implement network connectivity.

Configuration Procedures

Figure 3-7  Collecting statistics about IPv6 original flows

Specifying a NetStream Service Processing Mode

After sampling packets, each NetStream-enabled interface board sends sampled packets to the NetStream service processing board for aggregation and output. If the NE40E has more than one NetStream service processing board, these NetStream services boards work in redundancy mode to back up each other and balance traffic, which improves system reliability.

Context

NetStream services can be processed in the following modes:

  • Distributed mode

    An interface board samples packets, aggregates flows, and outputs flows.

  • Integrated mode

    An interface board only samples packets and sends sampled packets to the NetStream service processing board. The NetStream service processing board aggregates and outputs flows. If the data volume collected by the router is out of the processing capability of a single NetStream service processing board, additional NetStream service processing boards can be installed to balance traffic.

The ip netstream sampler to slot command has the same function as the ipv6 netstream sampler to slot command.

  • The execution of either command takes effect on all packets, and there is no need to configure both of them. If it is required to configure both of them, ensure that NetStream service processing modes are the same. A mode inconsistency causes an error.
  • If the interface board specified by one of the two commands serves as the master board working in integrated mode, the interface board manually specified serving as the backup board also works in integrated mode. For example, if the interface board in slot 1 is specified as the master board using the ip netstream sampler to slot command, the interface board in slot 2 is specified as the slave board using ipv6 netstream sampler to slot command. Interface boards in both slot 1 and slot 2 process IPv4 and IPv6 packets.

Procedure

  • Specify the distributed NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ipv6 netstream sampler to slot self

      The distributed NetStream service processing mode is specified.

    4. Run:

      commit

      The configuration is committed.

  • Specify the integrated NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ipv6 netstream sampler to slot slot-id1

      The integrated NetStream service processing mode is specified, and the NetStream service processing board is specified.

    4. (Optional) Run:

      ipv6 netstream sampler to slot slot-id2 backup

      The integrated NetStream service processing mode is specified, and the backup NetStream service processing board is specified.

      If there are several NetStream service processing boards, you can specify a master service processing board and backup service processing boards. When load balancing is performed, interface boards dual homed to different NetStream service processing boards can back up each other.

    5. Run:

      commit

      The configuration is committed.

Outputting Original Flows

To ensure that original flows can be correctly output to the NMS, configure the aging time, output format, and source and destination addresses for original flows.

Context

IPv6 original flows can be output only in V9 or IPFIX format.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6 netstream export
    version { 9 [ origin-as | peer-as ] [ bgp-nexthop ] | ipfix [ origin-as | peer-as ] [ bgp-nexthop ] }

    The output format of original flows is configured.

  3. (Optional) Run:

    ipv6 netstream export template sequence-number fixed

    The sequence numbers of template packets and option template packets in IPFIX format are configured to remain unchanged, but data packets and option data packets in IPFIX format are still consecutively numbered.

  4. (Optional) Run:

    ipv6 netstream export template timeout-rate timeout-interval

    The interval at which the template for outputting original flows in the V9 or IPFIX format is refreshed.

  5. Run:

    ipv6 netstream export source { ip-address | ipv6 ipv6-address }

  6. Specify the destination IP address and UDP port number of the peer NSC for NetStream original flows in the system or slot view.

    • In the system view:

      Run:

      ipv6
      netstream export host { ip-address | ipv6 ipv6-address } port [ vpn-instance vpn-instance-name ]

      The destination IP address and destination port number for traffic statistics are specified.

    • In the slot view:

      1. Run:

        slot slot-id

        The view of the slot in which the interface board for NetStream sampling resides is displayed.

      2. Run:

        ipv6
        netstream export host { ip-address | ipv6 ipv6-address } port [ vpn-instance vpn-instance-name ]

        The destination IP address and destination port number for traffic statistics are specified.

      3. Run:

        quit

        The system view is displayed.

  7. (Optional) Set parameters for aging original flows.

    • Run:

      ipv6 netstream timeout { active active-interval | active interval-second active-interval-second }

      The active aging time is set for NetStream original flows.

    • Run:

      ipv6 netstream timeout inactive inactive-interval

      The inactive aging time is set for NetStream original flows.

  8. Run:

    commit

    The configuration is committed.

(Optional) Configuring NetStream Monitoring Services

NetStream monitoring services can be configured on the NetStream Data Exporter (NDE), which enables carriers to implement more delicate traffic statistics and management over IPv6 original flows.

Context

Increasing types of services and applications on networks urge carriers to provide more delicate management and accounting services.

If NetStream is configured on multiple interfaces on an NDE, all interfaces send traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish interfaces, and therefore, cannot manage or analyze traffic statistics based on interfaces. In addition, the NSC will be overloaded due to a great amount of information.

NetStream monitoring configured on an NDE allows the NDE to send traffic statistics collected on specified interfaces to specified NSCs for analysis, which achieves interface-specific service monitoring. Traffic statistics can be balanced among these NSCs.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6 netstream monitor monitor-name

    A NetStream monitoring service view is created and displayed. If a NetStream monitoring service view already exists, the view is displayed.

  3. Run:

    ipv6
    netstream export host [ ip-address | ipv6 ipv6-address ] port [ vpn-instance vpn-instance-name ]

    The destination IP address and destination port number for traffic statistics are specified.

  4. Run:

    quit

    The system view is displayed.

  5. Run:

    interface interface-type interface-number

    The interface view is displayed.

  6. Run:

    ipv6 netstream monitor monitor-name { inbound | outbound }

    NetStream monitoring services are configured in the inbound or outbound direction of an interface.

    NOTE:
    If NetStream monitoring services have been configured on the interface, statistics about original flows are sent to the destination IP address specified in the NetStream monitoring service view, not the system view.

  7. Run:

    commit

    The configuration is committed.

(Optional) Adjusting the AS Field Mode and Interface Index Type

Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC.

Context

Before you enable the NSC to properly receive and parse NetStream packets output by the NDE, specify the same AS field mode and interface index type on the NDE and NSC.
  • AS field mode: The length of the AS field in IP packets can be set to 16 bits or 32 bits. Devices on a network must use the same AS field mode. An AS field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

    NOTICE:

    If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field. If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-AS traffic sent by devices.

  • Interface index: The NMS uses an interface index carried in a NetStream packet output by the NDE to query information about the interface that sends the packet. The interface index can be 16 or 32 bits long. The index length is determined by NMS devices of different vendors. Therefore, the NDE must use a proper interface index type that is also supported by the NMS.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6 netstream as-mode { 16 | 32 }

    The AS field mode is specified on the router.

  3. Run:

    ipv6 netstream export index-switch { 16 | 32 }

    The type of the interface index carried in the NetStream packet output by the router is specified.

    An interface index can be changed from 16 bits to 32 bits only after the following conditions are met:
    • Original flows are output in V9 or IPFIX format.
    • Aggregated flows are output in V9 or IPFIX format.

(Optional) Enabling Statistics Collection of TCP Flags in Original Flows

There are six flag bits (URG, ACK, PSH, RST, SYN, and FIN) in a TCP packet header. The flag bits, together with the destination IP address, source IP address, destination port number, and source port number of a TCP packet, identify the function and status of the TCP packet on a TCP connection. TCP flags can be extracted from packets. Their statistics can be collected and sent to the NMS. The NMS checks the traffic volume of each flag and determines whether the network is attacked by TCP packets.

Context

Perform the following steps on the router on which TCP flag statistics are to be collected.

By enabling statistics collection of TCP flags, you can extract the TCP-flag information from network packets and send it to the NMS. The NMS can determine whether there are flood attacks to the network.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6 netstream tcp-flag enable

    Statistics collection of TCP flags in original flows is enabled.

  3. Run:

    commit

    The configuration is committed.

Sampling IPv6 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface.

Context

NOTE:

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN instance are sampled.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Configure sampling mode and sampling ratio, perform at least one of the following steps:

    • Configure a sampling mode and sampling ratio globally.
      1. Run:
        ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured globally.

      2. Run:
        interface interface-type interface-number

        The interface view is displayed.

    • Configure sampling mode and sampling ratio for the interface.
      1. Run:
        interface interface-type interface-number

        The interface view is displayed.

      2. Run:
        ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured for the interface.

        NOTE:
        The sampling mode and sampling ratio configured in the system view are applicable to all interfaces on the device. The sampling mode and sampling ratio configured in the interface view takes precedence over those configured in the system view.
        The ip netstream sampler command has the same function as the ipv6 netstream sampler command.
        • The execution of either command takes effect on all packets, and there is no need to configure both of them. If it is required to configure both of them, ensure that sampling modes configured by the ip netstream sampler and ipv6 netstream sampler commands are the same.
        • Packets are sampled at the set sampling ratio, regardless of packet types. For example, if the sampling ratio in fixed packet sampling mode is set to 1000:1, one packet will be sampled every 1000 packets, regardless of these packets are IPv4 or IPv6 packets.

  3. Run:

    ipv6 netstream { inbound | outbound }

    NetStream is enabled on the interface.

    Statistics about packets' BGP next-hop information can also be collected. Original flows output in V5 format, however, cannot carry the BGP next-hop information.

  4. Run:

    commit

    The configuration is committed.

Checking the Configurations

In routine maintenance or after NetStream configurations are complete, you can run the display commands in any view to check whether NetStream is enabled on the device.

Prerequisites

NetStream IPv6 flow statistics have been collected.

Procedure

  • Run the display ipv6 netstream cache origin slot slot-id command to check information about the NetStream buffer.
  • Run the display ipv6 netstream statistics slot slot-id command to check statistics about NetStream flows.
  • Run the display ipv6 netstream monitor { all | monitor-name } command to check the monitoring information about IPv6 original flows.

Example

Run the display ipv6 netstream cache origin slot slot-id command to view statistics about IP packets cached in the NetStream buffer on the router.
<HUAWEI> display ipv6 netstream cache origin slot 1

 DstIf                         
 SrcIf                           
 DstP                          Msk          Pro            Tos 
 SrcP                          Msk          Flags          
 Packets                                                   Bytes
 NextHop                                                   Direction
 DstIP                                                     DstAs
 SrcIP                                                     SrcAs
 BGP: BGP NextHop                                          TopLabelType
 Label1                        Exp1         Bottom1
 Label2                        Exp2         Bottom2
 Label3                        Exp3         Bottom3
 TopLabelIpAddress                          VlanId         VniId
 --------------------------------------------------------------------------

 Unknown                                                          
 GigabitEthernet1/0/1                                          
 0                             0            59             0  
 0                             0            0              
 443426                                                    56758528  
 ::                                                        in
 FEC0::101:200:0:C055:101                                  0         
 FEC0::101:200:0:C0A8:101                                  0         
 ::                                                        UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0
Run the display ipv6 netstream statistics slot slot-id command to view statistics about NetStream IPv6 flows.
<HUAWEI> system-view
[~HUAWEI] display ipv6 netstream statistics slot 1
 Netstream statistic information on slot 1:
------------------------------------------------------------------------------------
 length of packets  Number                   Protocol   Number
------------------------------------------------------------------------------------
 1      ~    64   : 0                        IPV4     : 0                   
 65     ~    128  : 14939665                 IPV6     : 14939665            
 129    ~    256  : 0                        MPLS     : 0                   
 257    ~    512  : 0                        L2       : 0                   
 513    ~    1024 : 0                        Total    : 14939665            
 1025   ~    1500 : 0                   
 longer than 1500 : 0                   


------------------------------------------------------------------------------------

------------------------------------------------------------------------------------
 Aggregation                                  Current Streams       Aged Streams
               Created Streams                Exported Packets      Exported Streams
------------------------------------------------------------------------------------
 origin                                       100                   428                  
               528                            0                     0                    
 as                                           0                     0                    
               0                              0                     0                    
 as-tos                                       0                     0                    
               0                              0                     0                    
 protport                                     0                     0                    
               0                              0                     0                    
 protporttos                                  0                     0                    
               0                              0                     0                    
 srcprefix                                    3                     1                    
               4                              0                     0                    
 srcpretos                                    0                     0                    
               0                              0                     0                    
 dstprefix                                    0                     0                    
               0                              0                     0                    
 dstpretos                                    0                     0                    
               0                              0                     0                    
 prefix                                       0                     0                    
               0                              0                     0                    
 prefix-tos                                   0                     0                    
               0                              0                     0                    
 mpls-label                                   0                     0                    
               0                              0                     0                    
 vlan-id                                      0                     0                    
               0                              0                     0                    
 bgp-nhp-tos                                  0                     0                    
               0                              0                     0                    
 index-tos                                    0                     0                    
               0                              0                     0                    
 system: bbbb                        0                     0                                                                
               0                     0                     0                                                                
 aaaa                                0                     0                                                                        
               0                     0                     0                                                                        
 bbbb                                0                     0  
 all-aggre                                    3                     1                    
               4                              0                     0                    
------------------------------------------------------------------------------------
 srcprefix = source-prefix,   srcpretos = source-prefix-tos,
 dstprefix = destination-prefix,   dstpretos = destination-prefix-tos,
 protport = protocol-port,   protporttos = protocol-port-tos,
 all-aggre = all aggregation streams
 "---" means that the current board is not supported.

Run the display ipv6 netstream monitor { all | monitor-name } command to view the monitoring information about IPv6 original flows.

<HUAWEI> display ipv6 netstream monitor monitora
Monitor monitora
 ID        : 1
 AppCount  : 0

 Address                                   Port            
 1.1.1.1                                   1               
 2.2.2.2                                   2               
------------------------------------------------------------
Download
Updated: 2018-07-12

Document ID: EDOC1100028538

Views: 28129

Downloads: 213

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next