No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - System Monitor 01

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Collecting Statistics About IPv6 Aggregated Flows

Collecting Statistics About IPv6 Aggregated Flows

Before collecting statistics about IPv6 aggregated flows, familiarize yourself with the usage scenario, complete the pre-configuration tasks, and obtain the data required for the configuration.

Usage Scenario

On the network shown in Figure 3-8, a carrier enables NetStream on the router functioning as an NDE to obtain detailed network application information. The carrier can use the information to monitor abnormal network traffic, analyze users' operation modes, and plan networks between ASs.

Statistics about NetStream aggregated flows contain information about original flows with the same attributes, whereas statistics about NetStream original flows contain information about sampled packets. The volume of aggregated flow statistics collection is greater than that of original flow statistics.

Figure 3-8  Networking diagram for collecting IPv6 flow statistics

Pre-configuration Tasks

Before collecting statistics about IPv6 aggregated flows, complete the following tasks:

  • Configure parameters of the link layer protocol and IP addresses for interfaces so that the link layer protocol on the interfaces can go Up.

  • Configure static routes or enable an IGP to implement network connectivity.

  • Enable statistics collection for NetStream original flows.

Configuration Procedures

Figure 3-9  Collecting statistics about IPv6 aggregated flows

Specifying a NetStream Service Processing Mode

After sampling packets, each NetStream-enabled interface board sends sampled packets to the NetStream service processing board for aggregation and output. If the NE40E has more than one NetStream service processing board, these NetStream services boards work in redundancy mode to back up each other and balance traffic, which improves system reliability.

Context

NetStream services can be processed in the following modes:

  • Distributed mode

    An interface board samples packets, aggregates flows, and outputs flows.

  • Integrated mode

    An interface board only samples packets and sends sampled packets to the NetStream service processing board. The NetStream service processing board aggregates and outputs flows. If the data volume collected by the router is out of the processing capability of a single NetStream service processing board, additional NetStream service processing boards can be installed to balance traffic.

The ip netstream sampler to slot command has the same function as the ipv6 netstream sampler to slot command.

  • The execution of either command takes effect on all packets, and there is no need to configure both of them. If it is required to configure both of them, ensure that NetStream service processing modes are the same. A mode inconsistency causes an error.
  • If the interface board specified by one of the two commands serves as the master board working in integrated mode, the interface board manually specified serving as the backup board also works in integrated mode. For example, if the interface board in slot 1 is specified as the master board using the ip netstream sampler to slot command, the interface board in slot 2 is specified as the slave board using ipv6 netstream sampler to slot command. Interface boards in both slot 1 and slot 2 process IPv4 and IPv6 packets.

Procedure

  • Specify the distributed NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ipv6 netstream sampler to slot self

      The distributed NetStream service processing mode is specified.

    4. Run:

      commit

      The configuration is committed.

  • Specify the integrated NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ipv6 netstream sampler to slot slot-id1

      The integrated NetStream service processing mode is specified, and the NetStream service processing board is specified.

    4. (Optional) Run:

      ipv6 netstream sampler to slot slot-id2 backup

      The integrated NetStream service processing mode is specified, and the backup NetStream service processing board is specified.

      If there are several NetStream service processing boards, you can specify a master service processing board and backup service processing boards. When load balancing is performed, interface boards dual homed to different NetStream service processing boards can back up each other.

    5. Run:

      commit

      The configuration is committed.

Configuring an Aggregation Mode for IPv6 Flows

An aggregation mode must be specified before original flows with the same attributes are aggregated as one flow and output to the NetStream Collector (NSC).

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6 netstream aggregation { as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | index-tos | mpls-label | prefix | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | vlan-id }

    The NetStream aggregation view is created.

    NOTE:
    After collecting statistics about NetStream original flows, the router aggregates original flows into aggregated flows based on specified rules, encapsulates aggregated flows into UDP packets, and sends UDP packets after the aging timer expires. Aggregating original flows minimizes the consumption of network bandwidths, CPU resources, and memory resources. Attributes based on which flows are aggregated vary according to aggregation modes. Table 3-2 describes the mapping between aggregation modes and flow attributes.
    Table 3-2  Mapping between aggregation modes and flow attributes

    Aggregation mode

    Description

    as

    NetStream combines flows with the same source AS number, destination AS number, inbound interface index, and outbound interface index into an aggregated flow and generates one aggregation record.

    as-tos

    NetStream combines flows with the same source AS number, destination AS number, inbound interface index, outbound interface index, and Type of Service (ToS) into an aggregated flow and generates one aggregation record.

    bgp-nexthop-tos

    NetStream combines flows with the same destination AS number, source AS number, BGP next hop, inbound interface index, and outbound interface index into an aggregated flow and generates one aggregation record.

    destination-prefix

    NetStream combines flows with the same destination AS number, destination mask length, destination prefix, and outbound interface index into an aggregated flow and generates one aggregation record.

    destination-prefix-tos

    NetStream combines flows with the same destination AS number, destination mask length, destination prefix, ToS, and outbound interface index into an aggregated flow and generates one aggregation record.

    index-tos

    NetStream combines flows with the same inbound interface index, outbound interface index, and ToS into an aggregated flow and generates one aggregation record.

    mpls-label

    Indicates the MPLS label aggregation, which aggregates flows with the same first layer label, second layer label, third layer label, TopLabelIpAddress, stack bottom symbol of the first layer label, and the EXP value of the first layer label.

    prefix

    NetStream combines flows with the same source AS number, destination AS number, source mask length, destination mask length, source prefix, destination prefix, inbound interface index, and outbound interface index into an aggregated flow and generates one aggregation record.

    prefix-tos

    NetStream combines flows with the same source AS number, destination AS number, source mask length, destination mask length, source prefix, destination prefix, ToS, inbound interface index, and outbound interface index into an aggregated flow and generates one aggregation record.

    protocol-port

    NetStream combines flows with the same protocol number, source port, and destination port into an aggregated flow and generates one aggregation record.

    protocol-port-tos

    NetStream combines flows with the same protocol number, source port, destination port, ToS, inbound interface index, and outbound interface index into an aggregated flow and generates one aggregation record.

    source-prefix

    NetStream combines flows with the same source AS number, source mask length, source prefix, and inbound interface index into an aggregated flow and generates one aggregation record.

    source-prefix-tos

    NetStream combines flows with the same source AS number, source mask length, source prefix, ToS, and inbound interface index into an aggregated flow and generates one aggregation record.

    vlan-id

    NetStream combines flows with the same VLAN ID and inbound interface index into an aggregated flow and generates one aggregation record.

  3. Run:

    enable

    Statistics collection of flows aggregated in a specified aggregation mode is enabled.

  4. (Optional) Run:

    mask { source | destination } minimum mask-length

    The length of the aggregate mask is set.

    The mask used by the system is the greater one between the mask in the FIB table and the configured mask. If no aggregate mask is set, the system uses the mask in the FIB table for flow aggregation.

    NOTE:
    The aggregate mask takes effect only on flows aggregated in the following modes: destination-prefix, destination-prefix-tos, prefix, prefix-tos, source-prefix, and source-prefix-tos.

  5. Run:

    commit

    The configuration is committed.

Outputting Aggregated Flows

To ensure that aggregated flows are correctly output to the NMS, configure the aging time, source address, and destination address for aggregated flows.

Context

IPv6 aggregated flows can be output in V9 or IPFIX format.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6
    netstream export host ip-address port [ vpn-instance vpn-instance-name ]

    The destination IP address and destination port number for traffic statistics are specified.

    The destination IP address specified in the system view takes precedence over that specified in the NetStream aggregation view.

  3. Run:

    ipv6 netstream aggregation { as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | index-tos | mpls-label | prefix | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | vlan-id }

    The IPv6 NetStream aggregation view is displayed.

  4. (Optional) Run:

    template timeout-rate timeout-interval

    The interval at which the template for outputting aggregated flows in the V9 or IPFIX format is refreshed is set.

  5. Run:

    ipv6 netstream export source { ip-address | ipv6 ipv6-address }

  6. Run:

    ipv6
    netstream export host { ip-address | ipv6 ipv6-address } port [ vpn-instance vpn-instance-name ]

    The destination IP address and destination port number for traffic statistics are specified.

    NOTE:
    • You can specify eight destination IP addresses in the system view, IPv4 NetStream aggregation view, and IPv4 NetStream aggregation view.

    • The destination IP address specified in the system view takes precedence over that specified in the NetStream aggregation view.

  7. (Optional) Set parameters for aging aggregated flows as needed.

    • Run:

      ipv6 netstream aggregation timeout { active active-interval | active interval-second active-interval-second }

      The active aging time is set for NetStream aggregated flows.

    • Run:

      ipv6 netstream aggregation timeout inactive inactive-interval

      The inactive aging time is set for NetStream aggregated flows.

  8. (Optional) Exit the IPv6 aggregated configuration mode view. In the system view, run:

    ipv6 netstream export template sequence-number fixed

    The sequence numbers of template packets and option template packets in IPFIX format are configured to remain unchanged, but data packets and option data packets in IPFIX format are still consecutively numbered.

  9. Run:

    commit

    The configuration is committed.

(Optional) Adjusting the AS Field Mode and Interface Index Type

Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC.

Context

Before you enable the NSC to properly receive and parse NetStream packets output by the NDE, specify the same AS field mode and interface index type on the NDE and NSC.
  • AS field mode: The length of the AS field in IP packets can be set to 16 bits or 32 bits. Devices on a network must use the same AS field mode. An AS field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

    NOTICE:

    If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field. If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-AS traffic sent by devices.

  • Interface index: The NMS uses an interface index carried in a NetStream packet output by the NDE to query information about the interface that sends the packet. The interface index can be 16 or 32 bits long. The index length is determined by NMS devices of different vendors. Therefore, the NDE must use a proper interface index type that is also supported by the NMS.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ipv6 netstream as-mode { 16 | 32 }

    The AS field mode is specified on the router.

  3. Run:

    ipv6 netstream export index-switch { 16 | 32 }

    The type of the interface index carried in the NetStream packet output by the router is specified.

    An interface index can be changed from 16 bits to 32 bits only after the following conditions are met:
    • Original flows are output in V9 or IPFIX format.
    • Aggregated flows are output in V9 or IPFIX format.

Sampling IPv6 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface.

Context

NOTE:

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN instance are sampled.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Configure sampling mode and sampling ratio, perform at least one of the following steps:

    • Configure a sampling mode and sampling ratio globally.
      1. Run:
        ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured globally.

      2. Run:
        interface interface-type interface-number

        The interface view is displayed.

    • Configure sampling mode and sampling ratio for the interface.
      1. Run:
        interface interface-type interface-number

        The interface view is displayed.

      2. Run:
        ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured for the interface.

        NOTE:
        The sampling mode and sampling ratio configured in the system view are applicable to all interfaces on the device. The sampling mode and sampling ratio configured in the interface view takes precedence over those configured in the system view.
        The ip netstream sampler command has the same function as the ipv6 netstream sampler command.
        • The execution of either command takes effect on all packets, and there is no need to configure both of them. If it is required to configure both of them, ensure that sampling modes configured by the ip netstream sampler and ipv6 netstream sampler commands are the same.
        • Packets are sampled at the set sampling ratio, regardless of packet types. For example, if the sampling ratio in fixed packet sampling mode is set to 1000:1, one packet will be sampled every 1000 packets, regardless of these packets are IPv4 or IPv6 packets.

  3. Run:

    ipv6 netstream { inbound | outbound }

    NetStream is enabled on the interface.

    Statistics about packets' BGP next-hop information can also be collected. Original flows output in V5 format, however, cannot carry the BGP next-hop information.

  4. Run:

    commit

    The configuration is committed.

Checking the Configurations

In routine maintenance or after NetStream configurations are complete, you can run the display commands in any view to check whether NetStream is enabled on the device.

Context

Run the following command to check the previous configuration.

Procedure

  • Run the display netstream { all | global | interface interface-type interface-number } command to check NetStream configurations in different views.
  • Run the display ipv6 netstream cache { as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | index-tos | prefix | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos | mpls-label | vlan-id | flexflowtpl record-name } slot slot-id command to check various aggregated flows in the buffer.
  • Run the display ipv6 netstream statistics slot slot-id command to check statistics about NetStream flows.

Example

Run the display netstream { all | global | interface interface-type interface-number } command to view NetStream configurations in different views.

<HUAWEI> display netstream all
system
ip netstream export version 9 origin-as
ip netstream timeout active 50
ip netstream timeout inactive 10
ip netstream export source 10.1.1.1
ip netstream export host 4.4.4.4 10000
ip netstream aggregation as
 enable
 export version 9
 ip netstream export source 1.1.1.2
 ip netstream export host 3.3.3.3 555
 ip netstream export host 1.1.1.2 55
slot 1
interface GigabitEthernet1/0/3
 ip netstream sampler fix-packets 1000 inbound
Slot
 Slot 1:ip netstream sampler to slot 2

Run the display ipv6 netstream cache as slot 3 command. If the destination IP address and prefix aggregation mode have been successfully configured, you can view statistics about destination IP addresses and AS numbers of IP or MPLS packets in the buffer on the router.

<HUAWEI> display ipv6 netstream cache as slot 1

  DstIf 
  SrcIf 
  DstAs      Streams    Packets    Direction     SrcAs   
 --------------------------------------------------------------------------
  GI1/0/0        
  Unknown         
  0          985988     985988     out           0

Run the display ipv6 netstream statistics slot slot-id command to view statistics about NetStream flows.

<HUAWEI> system-view
[~HUAWEI] display ipv6 netstream statistics slot 1
 Netstream statistic information on slot 1:
------------------------------------------------------------------------------------
 length of packets  Number                   Protocol   Number
------------------------------------------------------------------------------------
 1      ~    64   : 0                        IPV4     : 0                   
 65     ~    128  : 14939665                 IPV6     : 14939665            
 129    ~    256  : 0                        MPLS     : 0                   
 257    ~    512  : 0                        L2       : 0                   
 513    ~    1024 : 0                        Total    : 14939665            
 1025   ~    1500 : 0                   
 longer than 1500 : 0                   


------------------------------------------------------------------------------------

------------------------------------------------------------------------------------
 Aggregation                                  Current Streams       Aged Streams
               Created Streams                Exported Packets      Exported Streams
------------------------------------------------------------------------------------
 origin                                       100                   428                  
               528                            0                     0                    
 as                                           0                     0                    
               0                              0                     0                    
 as-tos                                       0                     0                    
               0                              0                     0                    
 protport                                     0                     0                    
               0                              0                     0                    
 protporttos                                  0                     0                    
               0                              0                     0                    
 srcprefix                                    3                     1                    
               4                              0                     0                    
 srcpretos                                    0                     0                    
               0                              0                     0                    
 dstprefix                                    0                     0                    
               0                              0                     0                    
 dstpretos                                    0                     0                    
               0                              0                     0                    
 prefix                                       0                     0                    
               0                              0                     0                    
 prefix-tos                                   0                     0                    
               0                              0                     0                    
 mpls-label                                   0                     0                    
               0                              0                     0                    
 vlan-id                                      0                     0                    
               0                              0                     0                    
 bgp-nhp-tos                                  0                     0                    
               0                              0                     0                    
 index-tos                                    0                     0                    
               0                              0                     0                    
 system: bbbb                        0                     0                                                                
               0                     0                     0                                                                
 aaaa                                0                     0                                                                        
               0                     0                     0                                                                        
 bbbb                                0                     0  
 all-aggre                                    3                     1                    
               4                              0                     0                    
------------------------------------------------------------------------------------
 srcprefix = source-prefix,   srcpretos = source-prefix-tos,
 dstprefix = destination-prefix,   dstpretos = destination-prefix-tos,
 protport = protocol-port,   protporttos = protocol-port-tos,
 all-aggre = all aggregation streams
 "---" means that the current board is not supported.
Download
Updated: 2018-07-12

Document ID: EDOC1100028538

Views: 28430

Downloads: 213

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next