Hi Paolo, Thank you for your reply. I really was hoping it would work :). Do you think it is still possible with nfacctd and just dumping traffic on the ethernet interface instead of receiving netflow?
pon., 15 lut 2021 o 01:07 Paolo Lucente <pa...@pmacct.net> napisał(a): > > Hi Michal, > > Similar topic was discussed recently on the list (*) but, as you can > see, the broad generic answer to it is negative. > > Paolo > > (*) > https://www.mail-archive.com/pmacct-discussion@pmacct.net/msg04028.html > > > On 14/02/2021 22:34, Michał Margula wrote: > > Hi, > > > > I am trying to achieve following setup with pmacct: > > - receive netflow export from X that does not contain AS numbers > > - resend it to Y but adding AS number information > > > > I was able to configure BGP peering with one of our routers (tried both > > with Cisco and FRR). I tried both eBGP and IBGP. I confirmed both on the > > router and the pmacct (via bgp_table_dump_file) that I am correctly > > receiving the BGP feed. I also tried two versions of bgp_agent_map - one > > with router-id of the router and another with just the IP I am peering > > with under bgp_ip. > > > > Then I tried with pmacctd instead of nfacctd but with no luck. AS > > numbers are always empty in netflow export, it is the same when I do > > pmacct -s -a. This is the config I used for nfacctd: > > > > root@netflow:/home/alchemyx# cat /etc/pmacct/nfacctd.conf > > ! nfacctd configuration > > ! > > ! > > ! > > daemonize: true > > pidfile: /var/run/nfacctd.pid > > syslog: daemon > > > > nfacctd_ip: 127.0.0.1 > > nfacctd_port: 2100 > > root@netflow:/home/alchemyx# cat /etc/pmacct/nfacctd.conf > > ! nfacctd configuration > > ! > > ! > > ! > > daemonize: true > > pidfile: /var/run/nfacctd.pid > > syslog: daemon > > > > nfacctd_ip: 127.0.0.1 > > nfacctd_port: 2100 > > > > bgp_daemon: true > > bgp_daemon_ip: 192.168.223.10 > > bgp_daemon_max_peers: 100 > > bgp_daemon_as: 65535 > > bgp_agent_map: /etc/pmacct/bgp_agent.map > > nfacctd_as: bgp > > > > plugins: tee[a] > > tee_receivers[a]: /etc/pmacct/tee_nflow_receivers.lst > > root@netflow:/home/alchemyx# cat /etc/pmacct/bgp_agent.map > > bgp_ip=xxx.yyy.zz.1 ip=0.0.0.0/0 > > > > root@netflow:/home/alchemyx# cat /etc/pmacct/tee_nflow_receivers.lst > > id=1 ip=192.168.222.9:7779 > > > > > > bgp_daemon: true > > bgp_daemon_ip: 192.168.223.10 > > bgp_daemon_max_peers: 100 > > bgp_daemon_as: 65535 > > bgp_agent_map: /etc/pmacct/bgp_agent.map > > nfacctd_as: bgp > > > > plugins: tee[a] > > tee_receivers[a]: /etc/pmacct/tee_nflow_receivers.lst > > root@netflow:/home/alchemyx# cat /etc/pmacct/bgp_agent.map > > bgp_ip=xxx.yyy.zz.1 ip=0.0.0.0/0 > > > > root@netflow:/home/alchemyx# cat /etc/pmacct/tee_nflow_receivers.lst > > id=1 ip=192.168.222.9:7779 > > > > And this is pmacctd config I used: > > > > root@netflow:/home/alchemyx# cat /etc/pmacct/pmacctd.conf > > ! pmacctd configuration > > ! > > ! > > ! > > daemonize: true > > pidfile: /var/run/pmacctd.pid > > syslog: daemon > > > > promisc: true > > aggregate: src_host,dst_host > > interface: ens16f0 > > pmacctd_as: bgp > > pmacctd_net: bgp > > > > nfprobe_receiver: 192.168.222.9:7779 > > nfprobe_version: 9 > > > > bgp_daemon: true > > bgp_daemon_ip: 192.168.223.10 > > bgp_daemon_max_peers: 100 > > bgp_daemon_as: 205679 > > bgp_agent_map: /etc/pmacct/bgp_agent.map > > plugin_buffer_size: 409600 > > plugin_pipe_size: 409600000 > > > > And bgp_agent.map is the same. I feel like I am missing something > > obvious, but can't find it. Any help would be greatly appreciatd. > > > > Kind regards, > > Michał > > > > -- Michał Margula, mic...@margula.pl "W życiu piękne są tylko chwile" [Ryszard Riedel]
_______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists