Switching

Dear All, 

 How can make netflow  for the following  information:

Netflow Data Export enabled
Exporting flows to 10.16.16.2 (3322)
Exporting flows from 10.16.16.15 (61111)
Version: 5
Layer2 flow creation is enabled on vlan 1,108-112
Layer2 flow export is enabled on vlan 1,180-190
Include Filter not configured
Exclude Filter not configured

Hi Anwar,

Juniper QFX5100 do not support Netflow, it just supports sFlow.

Here are some sites where you can check the sFlow configuration:

https://kb.juniper.net/InfoCenter/index?page=content&id=KB14855

https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/sflow-qfx-series-cli.html

https://www.juniper.net/documentation/en_US/junos/topics/concept/sflow-qfx-series-understanding.html  -  and the following pages on the left side

https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/sflow-edit-protocols-qfx-series.html

Thanks for reply , but still not found how can make it per vlans  other than per interfaces ??

I suppose that you have a similar Cisco config like this:

ip flow ingress layer2-switched vlan <vlans>
ip flow export layer2-switched vlan <vlans>

This is not possible with sFlow. If you have vlan interfaces (or irb interfaces, it's the same, just another name) on QFX, then you can specify these virtual interfaces. But it is not possible to specify pure vlans for layer2-switched traffic.

Hi 

I am afraid that sflow does not support vlan interfaces or vlan sampling, please see this article : 

reference : 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB14855&cat=QFX_SERIES&actp=LIST

NOTE: You cannot enable sFlow technology on a Layer 3 VLAN-tagged interface.
NOTE: You cannot enable sFlow technology on a LAG interface. sFlow technology can be enabled on the member interfaces of the LAG.

If this solves your problem, please mark this post as "Accepted Solution". 
If you think that my answer was helpful, please spend some Kudos.

Regards

Luis Mora - JNCIS-Security

luism@juniper.net