Re: [pmacct-discussion] Dual Stack

2016-12-07 Thread Fabien VINCENT 

Hi Paolo,

Le 2016-12-07 17:54, Paolo Lucente a écrit :

Hi Fabien,

One step back on your question: you refer to the flow records or to the
transport protocol here? You can travel v4 and v6 records within the
same, say, v4 NetFlow/IPFIX/sFlow transport. This is what all exporters
basically do; are you working with an exporter that is behaving in a
different fashion? Like sending v4 records over a v4 transport and v6
records into a v6 transport? If i understand your question correctly,
that would be the only case in which it would apply.



It can be, but this is not what I'm trying to achieve here.


In any case you can select which v4 or v6 address you want to bind to,
one (or otherwise you bind on all and then filter with iptables for
example), with nfacctd_ip, sfacctd_ip and bgp_daemon_ip (the address 
you

listen for NetFlow/IPFIX/sFlow can be different from the BGP one, yes).



How can I see the BGP daemon to listen on a specific IPv4 and IPv6 ? I 
wanted to do it to have both address family.


I run both nfacctd and sfacctd on the same server and BGP daemon have to 
be bind on sepecific seconday ipv4, because they have to bind both on 
TCP/179. And I want to do the same with IPv6 at the same time to have 
IPv6 sessions with DFZ routers.



If this answer does not help, please elaborate a bit more on what you
are trying to achieve.


Is this more clear ?

Thanks !



Cheers,
Paolo


On Tue, Dec 06, 2016 at 01:21:22PM +0100, Fabien VINCENT wrote:

Dear list,

Any help on how to configure sfacctd and nfacctd on dual stack ?

I mean having both IPv4 and IPv6 running on sfacctd, with collector
enabled on both protocols ?

I've seen the trick for bgp_daemon_ip, but don't know how to bind to
specific ip4 and ip6 on my server the sfacctd bgp daemon and the
daemon itself.

Thanks in advance !

___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists


___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists


___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists

Re: [pmacct-discussion] Dual Stack

2016-12-07 Thread Paolo Lucente 

Hi Fabien,

One step back on your question: you refer to the flow records or to the
transport protocol here? You can travel v4 and v6 records within the
same, say, v4 NetFlow/IPFIX/sFlow transport. This is what all exporters
basically do; are you working with an exporter that is behaving in a
different fashion? Like sending v4 records over a v4 transport and v6
records into a v6 transport? If i understand your question correctly,
that would be the only case in which it would apply.

In any case you can select which v4 or v6 address you want to bind to,
one (or otherwise you bind on all and then filter with iptables for
example), with nfacctd_ip, sfacctd_ip and bgp_daemon_ip (the address you
listen for NetFlow/IPFIX/sFlow can be different from the BGP one, yes).

If this answer does not help, please elaborate a bit more on what you
are trying to achieve.

Cheers,
Paolo


On Tue, Dec 06, 2016 at 01:21:22PM +0100, Fabien VINCENT wrote:
> Dear list,
> 
> Any help on how to configure sfacctd and nfacctd on dual stack ?
> 
> I mean having both IPv4 and IPv6 running on sfacctd, with collector
> enabled on both protocols ?
> 
> I've seen the trick for bgp_daemon_ip, but don't know how to bind to
> specific ip4 and ip6 on my server the sfacctd bgp daemon and the
> daemon itself.
> 
> Thanks in advance !
> 
> ___
> pmacct-discussion mailing list
> http://www.pmacct.net/#mailinglists

___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists

Re: [pmacct-discussion] IPv4 and IPv6 sFlow BGP AS

2016-12-07 Thread Paolo Lucente 

Dears,

Just for the archives: this has been solved by this commit:

https://github.com/pmacct/pmacct/commit/0da36b1aba053128532d6c1342e4f777a46b0041

Cheers,
Paolo 

On Sat, Dec 03, 2016 at 01:24:47AM +0200, Сергей Горшков wrote:
> Hi Paolo, thank you for the answer
> 
> root@pmacct:/etc/pmacct# cat bgp_agent.map
> bgp_ip=176.**.**.252  ip=0.0.0.0/0filter='ip'
> bgp_ip=2001:**:**:1::11  ip=0.0.0.0/0filter='ip6'
> 
> Unfortunately, it did not help:-(
> Running takes place perfectly
> Dec 03 01:07:22 INFO ( default/core ): Trying to (re)load map:
> /etc/pmacct/bgp_agent.map
> Dec 03 01:07:22 INFO ( default/core ): map
> '/etc/pmacct/bgp_agent.map' successfully (re)loaded.
> Dec 03 01:07:22 INFO ( default/core/BGP ): maximum BGP peers allowed: 4
> Dec 03 01:07:22 INFO ( default/core/BGP ): waiting for BGP data on :::179
> Dec 03 01:07:24 INFO ( default/core/BGP ): BGP peers usage: 1/4
> Dec 03 01:07:24 INFO ( default/core/BGP ): Capability: MultiProtocol
> [1] AFI [1] SAFI [1]
> Dec 03 01:07:24 INFO ( default/core/BGP ): Capability: 4-bytes AS
> [41] ASN [5**81]
> Dec 03 01:07:24 INFO ( default/core/BGP ): [Id: 31.**.**.2]
> BGP_OPEN: Asn: 5**81 HoldTime: 240
> Dec 03 01:07:27 INFO ( default/core ): waiting for sFlow data on :::6343
> Dec 03 01:07:27 INFO ( default/mysql ): cache entries=32771 base
> cache memory=11369224 bytes
> Dec 03 01:08:01 INFO ( default/mysql ): *** Purging cache - START
> (PID: 1239) ***
> Dec 03 01:08:01 INFO ( default/mysql ): *** Purging cache - END
> (PID: 1239, QN: 3618/3618, ET: 0) ***
> Dec 03 01:08:59 INFO ( default/core/BGP ): BGP peers usage: 2/4
> Dec 03 01:08:59 INFO ( default/core/BGP ): Capability: MultiProtocol
> [1] AFI [2] SAFI [1]
> Dec 03 01:08:59 INFO ( default/core/BGP ): Capability: 4-bytes AS
> [41] ASN [5**81]
> Dec 03 01:08:59 INFO ( default/core/BGP ): [Id: 176.**.**.97]
> BGP_OPEN: Asn: 5**81 HoldTime: 180
> 
> But here's the result of a
> +--+--+++-+---+--+--+--+-+---+---+-+-+
> | agent_id | vlan | as_src | as_dst | ip_src  | ip_dst
> | src_port | dst_port | ip_proto | packets | bytes | flows |
> stamp_inserted  | stamp_updated   |
> +--+--+++-+---+--+--+--+-+---+---+-+-+
> |0 | 3855 |  0 |  0 | 2001:4860::1:0:893c |
> 2001:67c:2d40::47 |0 |0 | ipv6-i   |   1 | 214 |
> 0 | 2016-12-03 01:00:00 | 2016-12-03 01:14:01 |
> +--+--+++-+---+--+--+--+-+---+---+-+-+
> and
> |0 | 3800 |  0 |  0 | 31.43.61.166   |
> 185.38.12.42  |56911 |   80 | tcp  | 1 |
> 64 | 0 | 2016-12-03 01:00:00 | 2016-12-03 01:08:01 |
> 
> Perhaps this will give a little more information to solve the problem
> Sfacct version
> #sfacctd -V
> sFlow Accounting Daemon, sfacctd 1.5.2 (20150907-00)
>  --build=x86_64-linux-gnu
>  --prefix=/usr '--includedir=${prefix}/include'
> '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info'
>  --sysconfdir=/etc
>  --localstatedir=/var
>  --disable-silent-rules '--libdir=${prefix}/lib/x86_64-linux-gnu'
> '--libexecdir=${prefix}/lib/x86_64-linux-gnu'
> --disable-maintainer-mode
>  --disable-dependency-tracking
>  --enable-mmap
>  --enable-pgsql
>  --with-pgsql-includes=/usr/include/postgresql
>  --enable-mysql
>  --enable-sqlite3
>  --enable-ipv6
>  --enable-v4-mapped
>  --enable-64bit
>  --enable-threads
>  --enable-jansson
>  --enable-geoip
>  --enable-rabbitmq
> ---
> Database
> create table acct_v6 (
> agent_id INT(4) UNSIGNED NOT NULL,
> class_id CHAR(16) NOT NULL,
> vlan INT(2) UNSIGNED NOT NULL,
> as_src INT(4) UNSIGNED NOT NULL,
> as_dst INT(4) UNSIGNED NOT NULL,
> ip_src CHAR(15) NOT NULL,
> ip_dst CHAR(15) NOT NULL,
> src_port INT(2) UNSIGNED NOT NULL,
> dst_port INT(2) UNSIGNED NOT NULL,
> ip_proto CHAR(6) NOT NULL,
> packets INT UNSIGNED NOT NULL,
> bytes BIGINT UNSIGNED NOT NULL,
> flows INT UNSIGNED NOT NULL,
> stamp_inserted DATETIME NOT NULL,
> stamp_updated DATETIME,
> PRIMARY KEY (agent_id, class_id, vlan, as_src, as_dst, ip_src,
> ip_dst, src_port, dst_port, ip_proto, stamp_inserted)
> );
> 
> For suggestions, critics, bugs, contact me: Paolo Lucente
> .
> 
> 03.12.2016 0:03, Paolo Lucente пишет:
> >Hi Sergey,
> >
> >I guess what you need is to refine your bgp_agent_map as follows:
> >
> >bgp_ip=176.**.**.252 ip=0.0.0.0/0filter='ip'
> >bgp_ip=2001:**:**:1::11  ip=0.0.0.0/0filter='ip6'
> >
> >Let me know if this works for you.