6.4 Accounting

Previous page
Table of content
Next page

It is a fundamental need of all networks to gather the statistics that enable effective billing. Being able to recover your costs is key to being profitable and ultimately successful. JUNOS has two types of accounting profiles available for your use:

  1. Interface accounting

  2. Firewall filters

Each type is configured in a different hierarchical level in the CLI. You cannot, however, use both; you must use one or the other. JUNOS will give you an error if you try to violate this. We are going to configure accounting here, but a note of caution: There is not much tangible information on these features in the JUNOS documentation, so we will do our best to make the process and results understandable.

In this configuration example, we were setting out to use accounting to count all the ICMP Echo Request & Replies (e.g., pings ) that are directed at interface fxp0 , which represents the routing engine. The first thing we configure is the accounting options, which control the creation of the actual files, which in turn record the accounting activity as it occurs on the router. The specific configuration will allow for three files to be created. 

 user@Chicago# edit accounting-options  [edit accounting-options] user@Chicago# show file file1 {     files 3; }

While in the [edit accounting-options] configuration hierarchy, you assign the firewall-filter profile name to be used for accounting (e.g., filter1 ). Once again, we reference the file to be created (e.g., file1 ), which will hold the accounting data, the interval in minutes that the data is to be written to the file (e.g., one minute), and the name of the counter the router is to draw the accounting data from (e.g., count1 ). 

 [edit accounting-options]  filter-profile filter1 {     file file1;     interval 1;     counters {         count1;     } }

Since this is a firewall-filter-based accounting solution, we will need to configure a firewall filter to classify the packets we wish to account for. In this example, we chose ICMP as described previously. The first part is to create a firewall filter icmpcount and assign the name filter1 to the accounting profile. This accounting profile name should match the filter profile name from the accounting-options configuration. We create our first term statement (e.g., term1 ) to classify ICMP traffic, and then count it into the name count1 , which also corresponds to the name used in the accounting-options configuration. Then, the second term is added to allow all other traffic through. 

 user@Chicago# top  [edit] user@Chicago# edit firewall filter icmpcount [edit firewall filter icmpcount] user@Chicago# show accounting-profile filter1; term term1 {     from {         icmp-type [ echo-reply echo-request ];     }     then {         count count1;         accept;     } } term term2 {     then accept; } [edit firewall filter icmpcount] user@Chicago# top

The final aspect of configuring firewall-filter-based accounting is to assign the filter to the interface you wish accounting to be configured on. 

 [edit]  user@Chicago# edit interfaces fxp0 [edit interfaces fxp0] user@Chicago# show unit 0 {     family inet {         filter {             input icmpcount;         }         address 172.25.46.22/25;     } } [edit interfaces fxp0] user@Chicago# top

Now, to see if the accounting is operating correctly, you can view the file (e.g., file1 ) that we configured to receive the accounting data as shown below. 

 [edit]  user@Chicago# run file show /var/log/file1 #FILE CREATED 1012253230 2002-01-28-21:27:10 #hostname June01 #profile-layout filter1,epoch-timestamp,interfaces,filter-name,counter- name,packet-count,byte-count filter1,1012253229,fxp0.0,icmpcount,count1,68,6469 filter1,1012253289,fxp0.0,icmpcount,count1,100,9157 filter1,1012253349,fxp0.0,icmpcount,count1,160,14197 filter1,1012253409,fxp0.0,icmpcount,count1,186,16381 filter1,1012253469,fxp0.0,icmpcount,count1,186,16381 filter1,1012253529,fxp0.0,icmpcount,count1,186,16381 filter1,1012253589,fxp0.0,icmpcount,count1,210,17469 filter1,1012253649,fxp0.0,icmpcount,count1,443,27339 filter1,1012253709,fxp0.0,icmpcount,count1,564,32650 filter1,1012253769,fxp0.0,icmpcount,count1,592,33794 filter1,1012253829,fxp0.0,icmpcount,count1,790,42077 [edit] user@Chicago# exit Exiting configuration mode user@Chicago> exit

Previous page
Table of content
Next page
Juniper Networks Reference Guide. JUNOS Routing, Configuration, and Architecture
Juniper Networks Reference Guide: JUNOS Routing, Configuration, and Architecture: JUNOS Routing, Configuration, and Architecture
ISBN: 0201775921
EAN: 2147483647
Year: 2002
Pages: 176
Authors: Thomas M. Thomas, Doris Pavlichek, Lawrence H. Dwyer, Rajah Chowbay, Wayne W. Downing, James Sonderegger
BUY ON AMAZON
Absolute Beginner[ap]s Guide to Project Management
High-Speed Signal Propagation[c] Advanced Black Magic
Oracle Developer Forms Techniques
Network Security Architectures
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy