Juniper SRX series Gateway supports J-Flow

There is no doubt that flow technology is revolutionizing network monitoring. In this  NetFlow/J-Flow/IPFIX/sFlow era, there is no need to settle with only knowing utilizations on the network. Besides, little analysis can be done in monitoring bandwidth only anyways.

Scott wrote a blog earlier that made a valid point: “A Network Administrator’s abilities are only as good as his awareness of what happens on his network.” In harmony with that statement, it’s beneficial to have useful tools to be able to collect that traffic information.

Recently, I learned that J-Flow is supported for the Juniper SRX series Gateways. I thought this might be good information for people who want to start monitoring flows on this type of device, especially our NetFlow and sFlow Analyzer users, since it can also process J-Flow packets. Below are some sample commands taken from Juniper’s Knowledge Base which walks you through your J-Flow configuration.

1. Enable sampling on desired interface(s) and directions:

set interfaces ge-0/0/0 unit 0 family inet sampling input
set interfaces ge-0/0/0 unit 0 family inet sampling output

2. Specify sampling rate and where to send the J-Flow data:

#Specify sampling rate.

Caution:

Activation of Flow collection can have a significant impact on the performance of the SRX device. The smaller the sample rate, the bigger the impact .  A sampling input rate of 1 is

not

recommended.

set forwarding-options sampling input rate 100

#Specify UDP port number of host collecting cflowd packets
set forwarding-options sampling family inet output flow-server 192.168.1.5 port 9996

#Specify version format: 5, 8 or 500 (ASN 500)
set forwarding-options sampling family inet output flow-server 192.168.1.5 version 5

For a sample configuration, please check our FAQ archive for enabling flow export on a Juniper router.