No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - System Monitor 01

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Collecting Statistics About IPv4 Flexible Flows

Collecting Statistics About IPv4 Flexible Flows

Before collecting statistics about IPv4 flexible flows, familiarize yourself with the applicable environment and complete the pre-configuration tasks. This can help you complete the configuration task quickly and accurately.

Usage Scenario

On the network shown in Figure 3-10, a user enables NetStream on the router functioning as an NDE to obtain detailed network application information. The user can use the information to monitor abnormal network traffic, analyze users' operation modes, and plan networks between ASs.

Flexible flow packets provide user-defined templates for users to customize matching and collected fields as required. The user-defined template improves traffic analysis accuracy and reduces network bandwidth occupation, CPU usage, and storage space usage.

Figure 3-10  Networking diagram for collecting IPv4 flow statistics

Pre-configuration Tasks

Before collecting the statistics about IPv4 flexible flows, configure static routes or enable an IGP to implement network connectivity.

Configuration Procedures

Figure 3-11  Collecting statistics about IPv4 flexible flows

Specifying a NetStream Service Processing Mode

After sampling packets, each NetStream-enabled interface board sends sampled packets to the NetStream service processing board for aggregation and output.

Context

NetStream services can be processed in the following modes:

  • Distributed mode

    An interface board samples packets, aggregates flows, and outputs flows.

  • Integrated mode

    An interface board only samples packets and sends sampled packets to the NetStream service processing board. The NetStream service processing board aggregates and outputs flows. If the data volume collected by the router is out of the processing capability of a single NetStream service processing board, additional NetStream service processing boards can be installed to balance traffic.

Procedure

  • Configure the distributed NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ip netstream sampler to slot self

      The distributed NetStream service processing mode is specified.

    4. Run:

      commit

      The configuration is committed.

  • Configure the integrated NetStream service processing mode.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      slot slot-id

      The view of the slot in which the interface board for NetStream sampling resides is displayed.

    3. Run:

      ip netstream sampler to slot slot-id1

      The integrated NetStream service processing mode is specified, and the NetStream service processing board is specified.

    4. (Optional) Run:

      ip netstream sampler to slot slot-id2 backup

      The integrated NetStream service processing mode is specified, and the backup NetStream service processing board is specified.

      If there are several NetStream service processing boards, you can specify a master service processing board and backup service processing boards. When load balancing is performed, interface boards dual homed to different NetStream service processing boards can back up each other.

    5. Run:

      commit

      The configuration is committed.

      
      

Configuring a Flexible Flow Statistics Template

When configuring the flexible flow statistics output function, configure a flexible flow statistics template, customize matching and collected fields, and apply the template to an interface.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip netstream record record-name

    An IPv4 flexible flow statistics template is created, and its recording view is displayed.

  3. Run:

    match { { source | destination } { vlan | as | port | address | mask } | mpls top-label ip-address | mpls label position | { protocol | tos | direction | tcp-flag } | { input | output } interface | next-hop [ bgp ] }

    Aggregation keywords of the flexible flow statistics template are configured.

  4. Run:

    collect { { first | last } switched | input { packets | bytes } length }

    The flexible flow statistics sent to the NSC is configured to contain the number of bytes, number of packets, and first and last forwarding time.

    
    

  5. Run:

    commit

    The configuration is committed.

Outputting Flexible Flows

To ensure that flexible flows can be correctly output to the NMS, specify the related parameters for flexible flows.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip
    netstream export version 9 [ origin-as | peer-as ] [ bgp-nexthop ]

    The output version number and AS option of flexible flow packets are specified.

    NetStream flexible flow packets support only the V9 packet format.

  3. Run:

    ip netstream apply record record-name

    Flexible flows are applied in the system view.

  4. (Optional) Run:

    ip netstream export template timeout-rate timeout-interval

    The interval at which the template for outputting flexible flows in the V9 format is updated.

  5. Run:

    ip netstream export source ip-address

  6. Specify the destination IP address and UDP port number of the peer NSC for NetStream flexible flows in the system or slot view.

    • In the system view:

      Run:

      ip
      netstream export host ip-address port [ vpn-instance vpn-instance-name ] [ vpn-instance vpn-instance-name ]

      The destination IP address and UDP port number of the peer NSC are specified for NetStream flexible flows to be output.

    • In the slot view:

      1. Run:
        slot slot-id

        The view of the slot in which the interface board for NetStream sampling resides is displayed.

      2. Run:

        ip
        netstream export host ip-address port [ vpn-instance vpn-instance-name ] [ vpn-instance vpn-instance-name ]

        The destination IP address and UDP port number of the peer NSC are specified for NetStream flexible flows to be output.

      3. Run:
        quit

        The system view is displayed.

  7. (Optional) Set parameters for aging flexible flows as needed.

    • Run:

      ip netstream timeout { active active-interval | active interval-second active-interval-second }

      The active aging time is set for NetStream flexible flows.

    • Run:

      ip netstream timeout inactive inactive-interval

      The inactive aging time is set for NetStream flexible flows.

  8. Run:

    commit

    The configuration is committed.

(Optional) Configuring NetStream Monitoring Services

NetStream services can be configured on the NetStream Data Exporter (NDE) to enable users to implement more delicate traffic statistics and management over IPv4 flexible flows.

Context

Increasing types of services and applications on networks urge carriers to provide more delicate management and accounting services.

If NetStream is configured on multiple interfaces on an NDE, all interfaces send traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish interfaces, and therefore, cannot manage or analyze traffic statistics based on interfaces. In addition, the NSC will be overloaded due to a great amount of information.

NetStream monitoring configured on an NDE allows the NDE to send traffic statistics collected on specified interfaces to specified NSCs for analysis, which achieves interface-specific service monitoring. Traffic statistics can be balanced among these NSCs.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip netstream monitor monitor-name

    A NetStream monitoring service is created and its view is displayed. If a NetStream monitoring service view already exists, the view is displayed.

  3. Run:

    ip
    netstream export host [ ip-address | ipv6 ipv6-address ] port [ vpn-instance vpn-instance-name ]

    The destination IP address and destination port number for traffic statistics are specified.

  4. Run:

    apply record record-name

    Flexible flows are applied to monitoring services.

  5. Run:

    quit

    The system view is displayed.

  6. Run:

    interface interface-type interface-number

    The interface view is displayed.

  7. Run:

    ip netstream monitor monitor-name { inbound | outbound }

    NetStream monitoring services are configured in the inbound or outbound direction of an interface.

    NOTE:
    If flexible flows are applied to both the monitoring view and the system view, statistics about flexible flows are sent to the destination IP address specified in the NetStream monitoring service view.

  8. Run:

    commit

    The configuration is committed.

(Optional) Adjusting the AS Field Mode and Interface Index Type

Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC.

Context

The NSC can properly receive and parse NetStream packets output by the NDE only when the AS field modes and interface index types on the NDE and NSC are the same.
  • AS field mode: The length of the AS field in IP packets can be set to 16 bits or 32 bits. Devices on a network must use the same AS field mode. An AS field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

    NOTICE:

    If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field. If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-AS traffic sent by devices.

  • Interface index: The NMS uses an interface index carried in a NetStream packet output by the NDE to query information about the interface that sends the packet. The interface index can be 16 or 32 bits long. The index length is determined by NMS devices of different vendors. Therefore, the NDE must use a proper interface index type that is also supported by the NMS.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    ip netstream as-mode { 16 | 32 }

    The AS field mode is specified on the router.

  3. Run:

    ip
    netstream export index-switch { 16 | 32 }

    The type of the interface index carried in the NetStream packet output by the router is configured.

  4. Run:

    commit

    The configuration is committed.

Sampling IPv4 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Configure sampling mode and sampling ratio, perform at least one of the following steps:

    • Configure a sampling mode and sampling ratio globally.
      1. Run:
        ip netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured globally.

      2. Run:
        interface interface-type interface-number

        The interface view is displayed.

    • Configure sampling mode and sampling ratio for the interface.
      1. Run:
        interface interface-type interface-number

        The interface view is displayed.

      2. Run:
        ip netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured for the interface.

        NOTE:
        The sampling mode and sampling ratio configured in the system view are applicable to all interfaces on the device. The sampling mode and sampling ratio configured in the interface view takes precedence over those configured in the system view.

  3. Run:

    ip
    netstream { inbound | outbound }

    NetStream is enabled on the interface. Statistics about packets' BGP next-hop information can also be collected.

  4. Run:

    commit

    The configuration is committed.

Checking the Configurations

After NetStream configurations are complete, you can run the display commands in any view to view the running status of NetStream functions.

Procedure

  • Run the display ip netstream cache origin slot slot-id command to check information about the NetStream buffer.

    NOTE:

    If the sampling function is configured for the logical interface in the downstream direction, running this command can only display information about the NetStream buffer of the physical interface where the logical interface resides.

  • Run the display ip netstream statistics slot slot-id command to check statistics about NetStream flows.
  • Run the display ip netstream statistics interface interface-type interface-number command to check the statistics about the sampled packets on an interface.
  • Run the display netstream { all | global | interface interface-type interface-number } command to check NetStream configurations in different views.
  • Run the display ip netstream monitor { all | monitor-name } command to check monitoring information about IPv4 flexible flows.

Example

Run the display ip netstream cache origin slot slot slot-id command to view statistics about IP packets cached in the NetStream buffer on the router.
<HUAWEI> display ip netstream cache origin slot 1
 DstIf                         
 SrcIf                           
 DstP                          Msk          Pro            Tos 
 SrcP                          Msk          Flags          
 Packets                                                   Bytes
 NextHop                                                   Direction
 DstIP                                                     DstAs
 SrcIP                                                     SrcAs
 BGP: BGP NextHop                                          TopLabelType
 Label1                        Exp1         Bottom1
 Label2                        Exp2         Bottom2
 Label3                        Exp3         Bottom3
 TopLabelIpAddress                          VlanId         VniId

 --------------------------------------------------------------------------

 Unknown                                                          
 GigabitEthernet1/0/0                                            
 0                             0            253            0
 0                             0            0              

 3                                                         384       
 0.0.0.0                                                   in
 192.172.133.151                                           0         
 192.172.131.151                                           0         
 0.0.0.0                                                   UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0        


 Unknown                                                          
 GigabitEthernet1/0/1                                            
 0                             0            253            0  
 0                             0            0              

 1                                                         128       
 0.0.0.0                                                   in
 192.173.81.232                                            0         
 192.173.79.232                                            0         
 0.0.0.0                                                   UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0

Run the display ip netstream statistics slot slot-id command to view statistics about NetStream flows.
<HUAWEI> display ip netstream statistics slot 1 
 Netstream statistic information on slot 1:

--------------------------------------------------------------------------------
 length of packets  Number                   Protocol   Number
--------------------------------------------------------------------------------
 1      ~    64   : 0                        IPV4     : 2779            
 65     ~    128  : 985                      IPV6     : 0            
 129    ~    256  : 1                        MPLS     : 0                   
 257    ~    512  : 360                      L2       : 0                   
 513    ~    1024 : 360                      Total    : 2779           
 1025   ~    1500 : 357                 
 longer than 1500 : 716                


--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
 Aggregation   Current Streams       Aged Streams
               Created Streams       Exported Packets      Exported Streams
--------------------------------------------------------------------------------
 origin        2                     92                
               94                    65                    92                
 as            0                     0                    
               0                     0                     0                   
 as-tos        0                     0                   
               0                     0                     0                   
 protport      0                     0                   
               0                     0                     0                   
 protporttos   0                     0                   
               0                     0                     0                   
 srcprefix     0                     0               
               0                     0                     0               
 srcpretos     0                     0               
               0                     0                     0               
 dstprefix     0                     0                   
               0                     0                     0                   
 dstpretos     0                     0                   
               0                     0                     0                   
 prefix        0                     0               
               0                     0                     0               
 prefix-tos    0                     0               
               0                     0                     0                
 mpls-label    0                     0                    
               0                     0                     0                    
 vlan-id       0                     0                    
               0                     0                     0                    
 bgp-nhp-tos   0                     0                   
               0                     0                     0                   
 index-tos     0                     0                   
               0                     0                     0                   
 src-index-tos 0                     0                   
               0                     0                     0                   
 bgp-community                       0                     0                                                                        
               0                     0                     0                                                                        
 vni-sip-dip                         0                     0                                                                        
               0                     0                     0                                                                        
 system: bbbb                        0                     0                                                                
               0                     0                     0                                                                
 aaaa                                0                     0                                                                        
               0                     0                     0                                                                        
 bbbb                                0                     0                                                                                                                                           
 all-aggre     2                     92                    0                                                                
               94                    65                    92                                                                
--------------------------------------------------------------------------------                     
 srcprefix = source-prefix,   srcpretos = source-prefix-tos,
 dstprefix = destination-prefix,   dstpretos = destination-prefix-tos,
 protport = protocol-port,   protporttos = protocol-port-tos,
 src-index-tos = source-index-tos,   all-aggre = all aggregation streams
 "---" means that the current board is not supported.
Run the display ip netstream statistics interface interface-type interface-number command to view the statistics about the sampled packets on an interface.
<HUAWEI> display ip netstream statistics interface GigabitEthernet1/0/0
Netstream statistic information of <GigabitEthernet1/0/0>:

 Inbound :

 IPV4 :1000 Bytes, 10 Packets

 IPV6 :1000 Bytes, 10 Packets

 MPLS :0  Bytes, 0  Packets

 Total :2000 Bytes, 20 Packets

 Outbound :

 IPV4 :1000 Bytes, 10 Packets

 IPV6 :1000 Bytes, 10 Packets

 MPLS :0  Bytes, 0  Packets

 Total :2000 Bytes, 20
 Packets

Run the display netstream { all | global | interface interface-type interface-number } command to view NetStream configurations in different views.

<HUAWEI> display netstream all
system
ip netstream export version 9 origin-as
ip netstream timeout active 50
ip netstream timeout inactive 10
ip netstream export source 10.1.1.1
ip netstream export host 4.4.4.4 10000
ip netstream aggregation as
 enable
 export version 9
 ip netstream export source 1.1.1.2
 ip netstream export host 3.3.3.3 555
 ip netstream export host 1.1.1.2 55
slot 1
interface GigabitEthernet1/0/3
 ip netstream sampler fix-packets 1000 inbound
Slot
 Slot 1:ip netstream sampler to slot 2

Run the display ip netstream monitor { all | monitor-name } command to view monitoring information about IPv4 flexible flows.

<HUAWEI> display ip netstream monitor monitora
Monitor monitora
 ID        : 1
 AppCount  : 0

 Address                                   Port              
 1.1.1.1                                   1                 
 2.2.2.2                                   2                 
----------------------------------------------------------------------
Download
Updated: 2018-07-12

Document ID: EDOC1100028538

Views: 28319

Downloads: 213

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next