Collecting Statistics About IPv6 Flexible Flows
Before collecting statistics about IPv6 flexible flows, familiarize yourself with the applicable environment and complete the pre-configuration tasks. This can help you complete the configuration task quickly and accurately.
Usage Scenario
On the network shown in Figure 3-12, a user enables NetStream on the router functioning as an NDE to obtain detailed network application information. The user can use the information to monitor abnormal network traffic, analyze users' operation modes, and plan networks between ASs.
Flexible flow packets provide user-defined templates for users to customize matching and collected fields as required. The user-defined template improves traffic analysis accuracy and reduces network bandwidth occupation, CPU usage, and storage space usage.
Pre-configuration Tasks
Before collecting the statistics about IPv6 flexible flows, configure static routes or enable an IGP to implement network connectivity.
Configuration Procedures
- Specifying a NetStream Service Processing Mode
After sampling packets, each NetStream-enabled interface board sends sampled packets to the NetStream service processing board for aggregation and output. - Configuring a Flexible Flow Statistics Template
When configuring the flexible flow statistics output function, configure a flexible flow statistics template, customize matching and collected fields, and apply the template to an interface. - Outputting Flexible Flows
To ensure that flexible flows can be correctly output to the NMS, specify the related parameters for flexible flows. - (Optional) Configuring NetStream Monitoring Services
NetStream services can be configured on the NetStream Data Exporter (NDE) to enable users to implement more delicate traffic statistics and management over IPv6 flexible flows. - (Optional) Adjusting the AS Field Mode and Interface Index Type
Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC. - Sampling IPv6 Flows
You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface. - Verifying the Configuration of IPv6 Flexible Flow Statistics
Collection
After NetStream configurations are complete, you can run the display commands in any view to verify the running status of NetStream functions.
Specifying a NetStream Service Processing Mode
After sampling packets, each NetStream-enabled interface board sends sampled packets to the NetStream service processing board for aggregation and output.
Configuring a Flexible Flow Statistics Template
When configuring the flexible flow statistics output function, configure a flexible flow statistics template, customize matching and collected fields, and apply the template to an interface.
Procedure
- Run system-view
The system view is displayed.
- Run ipv6 netstream record record-name
An IPv6 flexible flow statistics template is created, and its recording view is displayed.
- Run match { { source | destination } { vlan | as | port | address | mask } | mpls top-label ip-address | mpls label position | { protocol | tos | direction | tcp-flag } | { input | output } interface | next-hop [ bgp ] }
Aggregation keywords of the flexible flow statistics template are configured.
- Run collect { { first | last } switched | input { packets | bytes } length }
The flexible flow statistics sent to the NSC is configured to contain the number of bytes, number of packets, and first and last forwarding time.
- Run commit
The configuration is committed.
Outputting Flexible Flows
To ensure that flexible flows can be correctly output to the NMS, specify the related parameters for flexible flows.
Procedure
- Run system-view
The system view is displayed.
- Run ipv6 netstream export
version 9 [ origin-as | peer-as ] [ bgp-nexthop ]
The output version number and AS option of flexible flow packets are specified.
- (Optional) Configure NetStream packets to
carry the flow sequence field.
- Run slot slot-id
The view of the slot in which the interface board for NetStream sampling resides is displayed.
Run ip netstream export sequence-mode flow
NetStream packets are configured to carry the flow sequence field.
- Run quit
The system view is displayed.
NOTE:
The command applys to the V9 format only. - Run slot slot-id
- Run ipv6 netstream apply
record record-name
Flexible flows are applied in the system view.
Flexible flow packets can be output only in the V9 format. If the ipv6 netstream export version command is run in the system view to specify the IPFIX packet output format, the ipv6 netstream apply record command does not take effect.
- (Optional) Run ipv6 netstream export template timeout-rate timeout-interval
The interval at which the template for outputting flexible flows in the V9 format is updated.
- Run ipv6 netstream export source ipv6 ipv6-address
The source IP address is specified for flexible flows.
- Specify the destination IP address and UDP port number
of the peer NSC for NetStream flexible flows in the system or slot view.
In the system view:
Run ipv6 netstream export host ipv6 ipv6-address port [ vpn-instance vpn-instance-name ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are specified.
In the slot view:
- Run slot slot-id
The view of the slot in which the interface board for NetStream sampling resides is displayed.
Run ipv6 netstream export host ipv6 ipv6-address port [ vpn-instance vpn-instance-name ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are specified.
- Run quit
The system view is displayed.
- Run slot slot-id
- (Optional) Set parameters for aging flexible flows as needed.
Run ipv6 netstream timeout { active active-interval | active interval-second active-interval-second }
The active aging time is set for NetStream flexible flows.
Run ipv6 netstream timeout inactive inactive-interval
The inactive aging time is set for NetStream flexible flows.
- Run commit
The configuration is committed.
(Optional) Configuring NetStream Monitoring Services
NetStream services can be configured on the NetStream Data Exporter (NDE) to enable users to implement more delicate traffic statistics and management over IPv6 flexible flows.
Context
Increasing types of services and applications on networks urge carriers to provide more delicate management and accounting services.
If NetStream is configured on multiple interfaces on an NDE, all interfaces send traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish interfaces, and therefore, cannot manage or analyze traffic statistics based on interfaces. In addition, the NSC will be overloaded due to a great amount of information.
NetStream monitoring configured on an NDE allows the NDE to send traffic statistics collected on specified interfaces to specified NSCs for analysis, which achieves interface-specific service monitoring. Traffic statistics can be balanced among these NSCs.
Procedure
- Run system-view
The system view is displayed.
- Run ip netstream monitor monitor-name
A NetStream monitoring service is created and its view is displayed. If a NetStream monitoring service view already exists, the view is displayed.
- Run ip
netstream export host [ ip-address | ipv6 ipv6-address ] port [ vpn-instance vpn-instance-name ] [ version { 5 | 9 | ipfix } ] [ dscp dscp-value ]
The destination IP address and destination port number for traffic statistics are specified.
- Run apply record record-name
Flexible flows are applied to monitoring services.
- Run quit
The system view is displayed.
- Run interface interface-type interface-number
The interface view is displayed.
- Run ip netstream monitor monitor-name { inbound | outbound }
NetStream monitoring services are configured in the inbound or outbound direction of an interface.
NOTE:
If flexible flows are applied to both the monitoring view and the system view, statistics about flexible flows are sent to the destination IP address specified in the NetStream monitoring service view. - Run commit
The configuration is committed.
(Optional) Adjusting the AS Field Mode and Interface Index Type
Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC.
Context
AS field mode: The length of the AS field in IP packets can be set to 16 bits or 32 bits. Devices on a network must use the same AS field mode. An AS field mode inconsistency causes NetStream to fail to sample inter-AS traffic.
If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field. If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-AS traffic sent by devices.
Interface index: The NMS uses an interface index carried in a NetStream packet output by the NDE to query information about the interface that sends the packet. The interface index can be 16 or 32 bits long. The index length is determined by NMS devices of different vendors. Therefore, the NDE must use a proper interface index type that is also supported by the NMS.
Procedure
- Run system-view
The system view is displayed.
- Run ip netstream as-mode { 16 | 32 }
The AS field mode is specified on the router.
- Run ip
netstream export index-switch { 16 | 32 }
The type of the interface index carried in the NetStream packet output by the router is configured.
- Run commit
The configuration is committed.
Sampling IPv6 Flows
You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface.
Procedure
- Run system-view
The system view is displayed.
- Configure sampling mode and sampling
ratio, perform at least one of the following steps:
- Configure a sampling mode and sampling ratio globally.
- Run ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }
The sampling mode and sampling ratio are configured globally.
- Run interface interface-type interface-number
The interface view is displayed.
- Run ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }
- Configure sampling mode and sampling ratio for the interface.
- Run interface interface-type interface-number
The interface view is displayed.
- Run ipv6 netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }
The sampling mode and sampling ratio are configured for the interface.
The ip netstream sampler command has the same function as the ipv6 netstream sampler command.NOTE:
The sampling mode and sampling ratio configured in the system view are applicable to all interfaces on the device. The sampling mode and sampling ratio configured in the interface view takes precedence over those configured in the system view.- The execution of either command takes effect on all packets, and there is no need to configure both of them. If it is required to configure both of them, ensure that sampling modes and sampling ratios configured by the ip netstream sampler and ipv6 netstream sampler commands are the same.
- Packets are sampled at the set sampling ratio, regardless of packet types. For example, if the sampling ratio in fixed packet sampling mode is set to 1000:1, one packet will be sampled every 1000 packets, regardless of these packets are IPv4 or IPv6 packets.
- Run interface interface-type interface-number
- Configure a sampling mode and sampling ratio globally.
- Run ipv6 netstream { inbound | outbound }
NetStream is enabled on the interface. Statistics about packets' BGP next-hop information can also be collected.
- Run commit
The configuration is committed.
Verifying the Configuration of IPv6 Flexible Flow Statistics Collection
After NetStream configurations are complete, you can run the display commands in any view to verify the running status of NetStream functions.
Procedure
- Run the display ipv6 netstream cache origin slot slot-id command to view information about the NetStream buffer.
- Run the display ipv6 netstream statistics slot slot-id command to view statistics about NetStream flows.
- Run the display ipv6 netstream monitor { all | monitor-name } command to check monitoring information about IPv6 flexible flows.
Example
<HUAWEI> display ipv6 netstream cache origin slot 1 DstIf SrcIf DstP Msk Pro Tos SrcP Msk Flags Ttl Packets Bytes NextHop Direction DstIP DstAs SrcIP SrcAs BGP: BGP NextHop TopLabelType Label1 Exp1 Bottom1 Label2 Exp2 Bottom2 Label3 Exp3 Bottom3 TopLabelIpAddress VlanId VniId -------------------------------------------------------------------------- Unknown GigabitEthernet0/1/1 0 0 59 0 0 0 0 100 443426 56758528 :: in FEC0::101:200:0:C055:101 0 FEC0::101:200:0:C0A8:101 0 :: UNKNOWN 0 0 0 0 0 0 0 0 0 0.0.0.0 0 0
<HUAWEI> system-view [~HUAWEI] display ipv6 netstream statistics slot 1 Netstream statistic information on slot 1: ------------------------------------------------------------------------------------ length of packets Number Protocol Number ------------------------------------------------------------------------------------ 1 ~ 64 : 0 IPV4 : 0 65 ~ 128 : 14939665 IPV6 : 14939665 129 ~ 256 : 0 MPLS : 0 257 ~ 512 : 0 L2 : 0 513 ~ 1024 : 0 Total : 14939665 1025 ~ 1500 : 0 longer than 1500 : 0 ------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------ Aggregation Current Streams Aged Streams Created Streams Exported Packets Exported Streams ------------------------------------------------------------------------------------ origin 100 428 528 0 0 as 0 0 0 0 0 as-tos 0 0 0 0 0 protport 0 0 0 0 0 protporttos 0 0 0 0 0 srcprefix 3 1 4 0 0 srcpretos 0 0 0 0 0 dstprefix 0 0 0 0 0 dstpretos 0 0 0 0 0 prefix 0 0 0 0 0 prefix-tos 0 0 0 0 0 mpls-label 0 0 0 0 0 vlan-id 0 0 0 0 0 bgp-nhp-tos 0 0 0 0 0 index-tos 0 0 0 0 0 system: bbbb 0 0 0 0 0 aaaa 0 0 0 0 0 bbbb 0 0 all-aggre 3 1 4 0 0 ------------------------------------------------------------------------------------ srcprefix = source-prefix, srcpretos = source-prefix-tos, dstprefix = destination-prefix, dstpretos = destination-prefix-tos, protport = protocol-port, protporttos = protocol-port-tos, all-aggre = all aggregation streams "---" means that the current board is not supported.
Run the display ipv6 netstream monitor { all | monitor-name } command to view monitoring information about IPv6 flexible flows.
<HUAWEI> display ipv6 netstream monitor monitora Monitor monitora ID : 1 AppCount : 0 Address Port ExportVer 1.1.1.1 1 ipfix 2.2.2.2 2 9 ----------------------------------------------------------------------
