
This is an old revision of the document!

Sample Netflow configuration for Juniper MX routers

Here is a minimal configuration for Juniper MX Netflow/J-Flow

The setup

  • Trisul Network Analytics is installed on IP
  • The router IP is
  • We want to enable IPFIX , alternately you can use Netflow-v9
  • Sample rate is 1024
  • Enable ingress/egress netflow on ge-0/0/0

Step 1: Attach sampler trisul_sampling to FPC

FPC(Flexible PIC Concentrator) is a part of the packet forwarding engine. Previously you needed a dedicated MS-MIC or MS-PIC cards.

set chassis fpc 0 sampling-instance trisul_sampling

Step 2: Configure sampler trisul_sampling

Create a sampler named trisul_sampling and set it to 1024, add the flow server IP

set forwarding-options sampling instance trisul_sampling input rate 1024
set forwarding-options sampling instance trisul_sampling family inet output flow-server port 2055
set forwarding-options sampling instance trisul_sampling family inet output flow-server version-ipfix template trisul_template 
set forwarding-options sampling instance trisul_sampling family inet output inline-jflow source-address

Step 3: Configure the Template

Name of template is trisul_template, specify timeouts and IPv4 IPv6 here

set services flow-monitoring version-ipfix template trisul_template flow-active-timeout 300
set services flow-monitoring version-ipfix template trisul_template flow-inactive-timeout 60
set services flow-monitoring version-ipfix template trisul_template template-refresh-rate seconds 60
set services flow-monitoring version-ipfix template trisul_template option-refresh-rate seconds 120
set services flow-monitoring version-ipfix template trisul_template ipv4-template

Step 4: Enable each interface

This samples directly on interface

set interfaces ge-0/0/0 unit 0 family inet sampling input
set interfaces ge-0/0/0 unit 0 family inet sampling output

Flow table size

By default MX has a very small flow table size of 1K, this can be observed by Trisul as a very slow netflow records / second rate. Go to “Netflow > Flow Sources” then see the Flow records /sec. This happens usually when you are configuring JFlow on a Juniper MX for the first time and are using the default 1K flow table size. Juniper recommends configuring the ipv4-flow-table-size to 4 that means 1M for most cases 1)

Useful debugging

Use the flow errors status commands

run show services accounting flow inline-jflow fpc-slot 0
run show services accounting errors inline-jflow fpc-slot 0
run show services accounting status inline-jflow fpc-slot 0


netflow/junipermx.1687345854.txt.gz · Last modified: 2023/06/21 16:40 by veera