I have multiple q-in-q S-VLANs assigned to the trunk port ge-0/0/0.
How can I read SNMP traffic counters for a specific VLAN id (S-VLAN) on that trunk port?
Hardware is Juniper EX4200-24F.
For reference, the VLAN configuration is shown below. For instance, I need to read, thru SNMP, traffic counters for S-VLAN id=4 for packets received/sent on port ge-0/0/0.
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members SVID4
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members SVID5
set vlans SVID4 vlan-id 4
set vlans SVID4 dot1q-tunneling customer-vlans 41-42
set vlans SVID4 dot1q-tunneling layer2-protocol-tunneling all
set vlans SVID5 vlan-id 5
set vlans SVID5 dot1q-tunneling customer-vlans 51-52
set vlans SVID5 dot1q-tunneling layer2-protocol-tunneling all
Can EX4200 provide traffic counters thru SNMP for specific VLAN id on a trunk port? If so, please point out directions.
Best Answer
Sadly the EX4200 (or any EX) is not able to do this. You would need a separate logical unit for the VLAN which has its own VLAN counters. This works for example on Junipers MX routers but not on EX.
What you can do however is count the packets and bytes with a firewall filter.
I have an working example here, for VLANS 14, 571, 572. You can of course use any VLAN IDs.
Here is the filter:
As you can see we have a separate term for each VLAN we want to count and a
default
term at the end. This is important as without that last term traffic for other VLANs would be dropped. Theinterface-specific
keyword tells the switch to generate separate counters for each interface.You can apply this filter to your interfaces:
After that you can see the counters in the
show firewall
output. Note that they have interface-specific extensions:Last but not least the SNMP part.
The packet and byte counters displayed above are visible in SNMP under the
JUNIPER-FIREWALL-MIB::jnxFWCounterPacketCount
andJUNIPER-FIREWALL-MIB::jnxFWCounterByteCount
tree.For example:
If your program does not understand the encoded form of the OID you can translate it to the numeric form with the snmptranslate utility: