OSS Netflow that can use EngineID

Eric Germann ekgermann at semperen.com
Thu Feb 23 14:08:09 UTC 2017


Before I go down a source code path, I wanted to get your input.

I have some Linux routers I’ve built that use lots of GRE tunnels.  I use ipt-netflow to export flow traffic to a collector.  The issue is it seems to randomly pick an interface address and export from that.  If we add a tunnel interface, it can randomly switch to that interface for exporting.

I’ve played with nfsen for collection/display, but it defines a source based on IP.  Since the source IP of the exporter can change, this poses a problem

ipt-netflow supports EngineID, but not a specific export IP.
nfsend supports a specific export IP, but not EngineID.

It seems like the solution is EngineID since we could wire it down.  Does anyone know of a solution to that will pull in based on EngineID and separate it that way before I chomp in to source code of one or the other patch it to support the other.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3705 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20170223/9e5ccc2d/attachment.bin>

More information about the NANOG mailing list