Netgraph and Netflow-v9
Alexander V. Chernikov
melifaro at FreeBSD.org
Mon Jun 11 17:37:34 UTC 2012
On 11.06.2012 20:55, Kolasinski, Brent D. wrote:
>
> On 6/9/12 5:01 AM, "Alexander V. Chernikov"<melifaro at FreeBSD.org> wrote:
>
>> It should disappear after 5-10 minutes. We're using several FreeBSD v9
>> sensors with flowd and it seems to run fine (except first 5 minutes
>> while waiting for template). I'm aware about the problem with templates
>> timeout working incorrectly and I plan to fix this soon.
I've done some additional tests and it seems that templates are sent in
regular intervals exactly as specified in 'settemplate'.
However I still haven't tested this on real collector.
>
> Looks like it has disappeared, however I am still not seeing any v9
> collection. I am assuming I am using export9 correctly in the ngctl
> commands?
It seems so.
Can you show "ngctl msg netflow: info" ouput ?
> 1) bce0 -> in promiscuous mode listening to traffic off of a tap
Does bce0 have both UP and RUNNING flags set ?
>
>>
>>>
>>> Commands I am using to export v9 netflow records in ngctl:
>>>
>>> mkpeer bce0: netflow lower iface0
>>> name bce0:lower netflow
>>> connect bce0: netflow: upper out0
>>> mkpeer netflow: ksocket export9 inet/dgram/udp
>>> msg netflow:export9 connect inet/<IP ADDRESS>:<PORT>
>>>
>>>
>>>
>>
>> --
>> WBR, Alexander
>
>
> Thanks
>
> --Brent
>
>
--
WBR, Alexander
More information about the freebsd-net
mailing list