No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - System Monitor 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - System Monitor
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Collecting Statistics About IPv4 Original Flows

Collecting Statistics About IPv4 Original Flows

Before collecting statistics about IPv4 original flows, familiarize yourself with the usage scenario, complete the pre-configuration tasks, and obtain the data required for the configuration.

Usage Scenario

On the network shown in Figure 3-2, a carrier enables NetStream on the NE functioning as an NDE to obtain detailed network application information. The carrier can use the information to monitor abnormal network traffic, analyze users' operation modes, and plan networks between ASs.

Statistics about original flows are collected based on the 7-tuple information. The NetStream Data Exporter (NDE) samples IPv4 flows passing through it, collects statistics about sampled flows, encapsulates the aging NetStream original flows into UDP packets, and sends the packets to the NetStream Collector (NSC) for processing. Unlike collecting statistics about aggregated flows, collecting statistics about original flows imposes less impact on NDE performance. Original flows consume more storage space and network bandwidth resources because the volume of original flows is greater than that of aggregated flows.

Figure 3-2 Networking diagram for collecting IPv4 flow statistics

Pre-configuration Tasks

Before collecting the statistics about IPv4 original flows, configure static routes or enable an IGP to implement network connectivity.

Configuration Procedures

Figure 3-3 Collecting statistics about IPv4 original flows

Outputting Original Flows

To ensure that original flows can be correctly output to the NMS, configure the aging time, output format, and source and destination addresses for original flows.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run ip netstream export version { 5 [ origin-as | peer-as ] | 9 [ origin-as | peer-as ] [ bgp-nexthop ] [ ttl ] | ipfix [ origin-as | peer-as ] [ bgp-nexthop ] [ ttl ] }

    The output format of original flows is configured.

    NetStream original flow packets support V5 and V9 as well as IPFIX packet formats. V5, IPFIX, and V9 packet formats are mutually exclusive.

    The V9 format allows the output original flows to carry more variable statistics, to expand newly defined flow elements more flexibly, and to generate new records more easily.

    Compared with the V9 format, the IPFIX format improves packet extensibility and compatibility, security, and reliability. In addition, the IPFIX format has an enterprise identifier field added. When setting this field, you must use the IPFIX format for the outputting of NetStream IPv4 original flows.

    The V5 format is fixed, and the system cost is low. In most cases, NetStream original flows are output in V5 format. In any of the following situations, NetStream original flows must be output in V9 format or IPFIX:
    • NetStream original flows need to carry BGP next-hop information.

    • Interface indexes carried in the output NetStream original flows need to be extended from 16 bits to 32 bits.

    By default, NetStream original flows are output in V5 format.

  3. (Optional) Run ip netstream export template timeout-rate timeout-interval

    The interval at which the template for outputting original flows in the V9 or IPFIX format is refreshed.

    By default, the output template of original flows is refreshed every 30 minutes.

  4. Run ip netstream export source { ip-address | ipv6 ipv6-address }

    The source IP address is specified for original flows.

  5. Specify the destination IP address and UDP port number of the peer NSC for NetStream original flows in the system view.

    • In the system view:

      Run ip netstream export host { ip-address | ipv6 ipv6-address } port [ vpn-instance vpn-instance-name ] [ dscp dscp-value ]

      The destination IP address and UDP port number of the peer NSC are specified for NetStream original flows to be output.

  6. (Optional) Set parameters for aging original flows as needed.

    • Run ip netstream timeout { active active-interval | active interval-second active-interval-second }

      The active aging time is set for NetStream original flows.

      The default active aging time is 30 minutes.

    • Run ip netstream timeout inactive inactive-interval

      The inactive aging time is set for NetStream original flows.

      The default inactive aging time is 30 seconds.

  7. Run commit

    The configuration is committed.

(Optional) Configuring NetStream Monitoring Services

NetStream services can be configured on the NetStream Data Exporter (NDE) to enable carriers to implement more delicate traffic statistics and management over IPv4 original flows.

Context

Increasing types of services and applications on networks urge carriers to provide more delicate management and accounting services.

If NetStream is configured on multiple interfaces on an NDE, all interfaces send traffic statistics to a single NetStream Collector (NSC). The NSC cannot distinguish interfaces, and therefore, cannot manage or analyze traffic statistics based on interfaces. In addition, the NSC will be overloaded due to a great amount of information.

NetStream monitoring configured on an NDE allows the NDE to send traffic statistics collected on specified interfaces to specified NSCs for analysis, which achieves interface-specific service monitoring. Traffic statistics can be balanced among these NSCs.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip netstream monitor monitor-name

    A NetStream monitoring service is created and its view is displayed. If a NetStream monitoring service view already exists, the view is displayed.

  3. Run ip netstream export host [ ip-address | ipv6 ipv6-address ] port [ vpn-instance vpn-instance-name ] [ version { 5 | 9 | ipfix } ] [ dscp dscp-value ]

    The destination IP address and destination port number for traffic statistics are specified.

  4. Run quit

    The system view is displayed.

  5. Run interface interface-type interface-number

    The interface view is displayed.

  6. Run ip netstream monitor monitor-name { inbound | outbound }

    NetStream monitoring services are configured in the inbound or outbound direction of an interface.

    NOTE:
    If NetStream monitoring services have been configured on the interface, statistics about original flows are sent to the destination IP address specified in the NetStream monitoring service view, not the system view.

  7. Run commit

    The configuration is committed.

(Optional) Adjusting the AS Field Mode and Interface Index Type

Before the NetStream Collector (NSC) can properly receive and parse NetStream packets output by the NetStream Data Exporter (NDE), the AS field modes and interface index types configured on the NDE must be the same as those on the NSC.

Context

Before you enable the NSC to properly receive and parse NetStream packets output by the NDE, specify the same AS field mode and interface index type on the NDE and NSC.
  • AS field mode: The length of the AS field in IP packets can be set to 16 bits or 32 bits. Devices on a network must use the same AS field mode. An AS field mode inconsistency causes NetStream to fail to sample inter-AS traffic.

    If the 32-bit AS field mode is used, the NMS must identify the 32-bit AS field. If the NMS cannot identify the 32-bit AS field, the NMS fails to identify inter-AS traffic sent by devices.

  • Interface index: The NMS uses an interface index carried in a NetStream packet output by the NDE to query information about the interface that sends the packet. The interface index can be 16 or 32 bits long. The index length is determined by NMS devices of different vendors. Therefore, the NDE must use a proper interface index type that is also supported by the NMS.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run

    The AS field mode is specified on the NE.

    By default, the AS field mode on the NE is 16 bits.

  3. Run ip netstream export index-switch { 16 | 32 }

    The type of the interface index carried in the NetStream packet output by the NE is configured.

    By default, the interface index carried in the NetStream packet output by the NE is 16 bits long. An interface index can be changed from 16 bits to 32 bits only after the following conditions are met:
    • Original flows are output in V9 or IPFIX format.
    • The NetStream packet format for all aggregated flows is V9 or IPFIX format.

(Optional) Enabling Statistics Collection of TCP Flags

There are six flag bits (URG, ACK, PSH, RST, SYN, and FIN) in a TCP packet header. The flag bits, together with the destination IP address, source IP address, destination port number, and source port number of a TCP packet, identify the function and status of the TCP packet on a TCP connection. TCP flags can be extracted from packets. Their statistics can be collected and sent to the NMS. The NMS checks the traffic volume of each flag and determines whether the network is attacked by TCP packets.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip netstream tcp-flag enable

    Statistics collection of TCP flags is enabled.

    An original flow for each flag value is created. If statistics collection for TCP flags is enabled, the number of original flows will greatly increase. By default, statistics collection of TCP flags is disabled.

  3. Run commit

    The configuration is committed.

(Optional) Configuring NetStream Interface Option Packets and Setting Option Template Refreshing Parameters

This section describes how to configure NetStream interface option packets and set option template refreshing parameters.

Context

No matter whether traffic statistics are exported as original flows or aggregated flows, option packet data is exported to the NetStream Collector (NSC) as a supplement. In this way, the NetStream Data Exporter (NDE) can obtain information, such as the sampling ratio and whether the sampling function is enabled, to reflect the actual network traffic.

At present, the following option packets are supported:
  • Interface option packets: These packets are used to send the NetStream configurations of all the boards on the NDE to the NSC in a scheduled manner. The configurations cover the interface index, statistics collection direction, and sampling value in the inbound/outbound direction.
  • Time application label (TAL) option packets: These packets are used to send application label data to the NSC. The application label option function provides data, such as the application type of system labels, for users to collect L3VPN NetStream statistics.

Option packets, which are independent of statistics packets, are exported to the NSC in V9 or IPFIX format. Therefore, the required option template is sent to the NMS for parsing option packets. You can set option template refreshing parameters as needed to regularly refresh the template to notify the NSC of the latest option template format.

Procedure

  • Configure interface option packets to be exported in V9 or IPFIX format.
    1. Run the system-view command to enter the system view.
    2. Run the ip netstream export template option sampler command to enable the function of exporting statistics about interface option packets.
  • Set option template refreshing parameters for interface option packets to be exported in V9 or IPFIX format.
    1. Run the system-view command to enter the system view.
    2. Set option template refreshing parameters.

      • Run the ip netstream export template option { refresh-rate packet-interval | timeout-rate timeout-interval } command to set the packet sending interval and timeout interval for option template refreshing.

      An option template can be refreshed at a fixed packet sending interval or timeout interval. The two intervals can both take effect. In the command, refresh-rate packet-interval indicates that the option template is refreshed at a fixed packet sending interval, and timeout-rate timeout-interval indicates that the option template is refreshed at a fixed timeout interval.

Sampling IPv4 Flows

You can enable NetStream to sample and analyze the incoming or outgoing flows on an interface.

Context

NOTE:

If a NetStream-enabled interface is bound to a VPN instance, all packets in the VPN instance are sampled.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Configure sampling mode and sampling ratio, perform at least one of the following steps:

    • Configure a sampling mode and sampling ratio globally.
      1. Run ip netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured globally.

        By default, NetStream is disabled from sampling packets.

      2. Run interface interface-type interface-number

        The interface view is displayed.

    • Configure sampling mode and sampling ratio for the interface.
      1. Run interface interface-type interface-number

        The interface view is displayed.

      2. Run ip netstream sampler { fix-packets fix-packets-number | random-packets random-packets-number | fix-time fix-time-value } { inbound | outbound }

        The sampling mode and sampling ratio are configured for the interface.

        By default, NetStream is disabled from sampling packets.

        NOTE:
        The sampling mode and sampling ratio configured in the system view are applicable to all interfaces on the device. The sampling mode and sampling ratio configured in the interface view takes precedence over those configured in the system view.

  3. Run ip netstream { inbound | outbound }

    NetStream is enabled on the interface.

    Statistics about packets' BGP next-hop information can also be collected. Original flows output in V5 format, however, cannot carry the BGP next-hop information.

    By default, NetStream is disabled from collecting statistics about unicast flows.

  4. Run commit

    The configuration is committed.

Verifying the Configuration of Statistics Collection of IPv4 Original Flows

In routine maintenance or after NetStream configurations are complete, you can run the display commands in any view to view the running status of NetStream functions.

Procedure

  • Run the display ip netstream cache origin slot slot-id command to check information about the NetStream buffer.

    NOTE:

    If the netstream sampling function configured in the outbound logical interface, running the command can only display the information about the NetStream buffer of the physical interface on which the logical interface configured.

  • Run the display ip netstream statistics slot slot-id command to view statistics about NetStream flows.
  • Run the display netstream { all | global | interface interface-type interface-number } command to check NetStream configurations in different views.
  • Run the display ip netstream statistics interface interface-type interface-number command to view the statistics about the sampled packets on an interface.
  • Run the display ip netstream monitor { all | monitor-name } command to check the monitoring information about IPv4 original flows.
  • Run the display ip netstream cache origin statistics slot slot-id command to view original flow table specifications and the number of current flows of a specific board.

Example

Run the display ip netstream cache origin slot slot-id command to view statistics about IP packets cached in the NetStream buffer on the NE.
<HUAWEI> display ip netstream cache origin slot 10
 DstIf                         
 SrcIf                           
 DstP                          Msk          Pro            Tos 
 SrcP                          Msk          Flags          Ttl
 Packets                                                   Bytes
 NextHop                                                   Direction
 DstIP                                                     DstAs
 SrcIP                                                     SrcAs
 BGP: BGP NextHop                                          TopLabelType
 Label1                        Exp1         Bottom1
 Label2                        Exp2         Bottom2
 Label3                        Exp3         Bottom3
 TopLabelIpAddress                          VlanId         VniId
 --------------------------------------------------------------------------

 Unknown                                                          
 GigabitEthernet0/1/0                                            
 0                             0            253            0
 0                             0            0              
0
 3                                                         384       
 0.0.0.0                                                   in
 192.172.133.151                                           0         
 192.172.131.151                                           0         
 0.0.0.0                                                   UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0        

 Unknown                                                          
 GigabitEthernet0/1/1                                            
 0                             0            253            0  
 0                             0            0              
0
 1                                                         128       
 0.0.0.0                                                   in
 192.173.81.232                                            0         
 192.173.79.232                                            0         
 0.0.0.0                                                   UNKNOWN             
 0                             0            0         
 0                             0            0         
 0                             0            0         
 0.0.0.0                                    0              0
Run the display ip netstream statistics slot slot-id command to view statistics about NetStream flows.
<HUAWEI> display ip netstream statistics slot 10 
 Netstream statistic information on slot 10:

--------------------------------------------------------------------------------
 length of packets  Number                   Protocol   Number
--------------------------------------------------------------------------------
 1      ~    64   : 0                        IPV4     : 2779            
 65     ~    128  : 985                      IPV6     :
 0 
 129    ~    256  : 1                        MPLS     : 0                   
 257    ~    512  : 360                      L2       : 0                   
 513    ~    1024 : 360                      Total    : 2779           
 1025   ~    1500 : 357                 
 longer than 1500 : 716                


--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
 Aggregation                         Current Streams       Aged Streams
               Created Streams       Exported Packets      Exported Streams
--------------------------------------------------------------------------------
 origin                              2                     92                
               94                    65                    92                
 as                                  0                     0                    
               0                     0                     0                   
 as-tos                              0                     0                   
               0                     0                     0                   
 protport                            0                     0                   
               0                     0                     0                   
 protporttos                         0                     0                   
               0                     0                     0                   
 srcprefix                           0                     0               
               0                     0                     0               
 srcpretos                           0                     0               
               0                     0                     0               
 dstprefix                           0                     0                   
               0                     0                     0                   
 dstpretos                           0                     0                   
               0                     0                     0                   
 prefix                              0                     0               
               0                     0                     0               
 prefix-tos                          0                     0               
               0                     0                     0                
 mpls-label                          0                     0                    
               0                     0                     0                    
 vlan-id                             0                     0                    
               0                     0                     0                    
 bgp-nhp-tos                         0                     0                   
               0                     0                     0                   
 index-tos                           0                     0                   
               0                     0                     0                   
 src-index-tos                       0                     0                   
               0                     0                     0                   
 bgp-community                       0                     0                     
               0                     0                     0                     
 vni-sip-dip                         0                     0                      
               0                     0                     0                     
 system: bbbb                        0                     0                       
               0                     0                     0                       
 aaaa                                0                     0                                       
               0                     0                     0                    
 bbbb                                0                     0                     
 all-aggre                           2                     92                   
               94                    65                    92                     
--------------------------------------------------------------------------------   
 srcprefix = source-prefix,   srcpretos = source-prefix-tos,
 dstprefix = destination-prefix,   dstpretos = destination-prefix-tos,
 protport = protocol-port,   protporttos = protocol-port-tos,
 src-index-tos = source-index-tos,   all-aggre = all aggregation streams
 "---" means that the current board is not supported.
Run the display ip netstream statistics interface interface-type interface-number command to view the statistics about the sampled packets on an interface.
<HUAWEI> display ip netstream statistics interface GigabitEthernet0/1/0
Netstream statistic information of <GigabitEthernet0/1/0>:

 Inbound :

 IPV4 :1000 Bytes, 10 Packets

 IPV6 :0 Bytes, 0 Packets

 MPLS :0  Bytes, 0  Packets

 Total :1000 Bytes, 10 Packets

 Outbound :

 IPV4 :1000 Bytes, 10 Packets

 IPV6 :0 Bytes, 0 Packets

 MPLS :0  Bytes, 0  Packets

 Total :1000 Bytes, 10 Packets

Run the display netstream { all | global | interface interface-type interface-number } command to view NetStream configurations in different views.

<HUAWEI> display netstream all
system
ip netstream export version 9 origin-as
ip netstream timeout active 50
ip netstream timeout inactive 10
ip netstream export source 10.1.1.1
ip netstream export host 4.4.4.4 10000
ip netstream aggregation as
 enable
 export version 9
 ip netstream export source 1.1.1.2
 ip netstream export host 3.3.3.3 555
 ip netstream export host 1.1.1.2 55

Run the display ip netstream monitor { all | monitor-name } command to view the monitoring information about IPv4 original flows.

<HUAWEI> display ip netstream monitor monitora
Monitor monitora
 ID        : 1
 AppCount  : 0

 Address                                   Port            
 1.1.1.1                                   1               
 2.2.2.2                                   2               
------------------------------------------------------------
Run the display ip netstream cache origin statistics slot slot-id command to view original flow table specifications and the number of current flows of a specific board.
<HUAWEI> display ip netstream cache origin statistics slot 10 
-------------------------------------------
Total Streams    Current Streams
-------------------------------------------
1048576            1000
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058924

Views: 7117

Downloads: 24

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next