Re: [j-nsp] Netflow config for MX204

Alain Hebert Wed, 08 Apr 2020 07:22:46 -0700

    Hi,

    IMHO,

Directly on the interface permit to use plugins in Elastiflow(example) to highlight odd traffic behavior (Scans/DDoS)


-----
Alain Hebert                                aheb...@pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770     Beaconsfield, Quebec     H9W 6G7
Tel: 514-990-5911  http://www.pubnix.net    Fax: 514-990-9443

On 2020-04-08 08:56, Mark Tinka wrote:


On 8/Apr/20 14:51, Mark Tinka wrote:

Looks good.

The only other thing I would do different is to sample directly on the
interface, rather than through a firewall filter:

xe-0/1/0 {
     unit 0 {
         family inet {
             sampling {
                 input;
                 output;
             }
         family inet6 {
             sampling {
                 input;
                 output;
             }
     }
}

But either works. Just haven't sampled in firewall filters for some time
now.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Netflow config for MX204

Reply via email to