Hello Paolo,
Thanks for answer - that's clarify a lot :)
Regards
2013/11/18 Paolo Lucente pa...@pmacct.net
Hi Adam,
The scenario is supported by pmacct, there are two pieces to it:
* pmacct BGP daemon acts as a passive BGP neighbor and replies to an
incoming BGP OPEN message with the same AS number contained in the
OPEN. This means a single collector can peer with different ASNs no
problem. If your NetFlow export model is ingress at edge interfaces
facing customers, peers and transits you should be mostly sorted.
* If you want to get end to end visibility, ie. a flow from customer
in AS111 to a transit in AS222: you collect ingress NetFlow at AS111
but want to see the exit point in AS222, you can use a mix of
bgp_follow_nexthop and bgp_agent_map. bgp_follow_nexthop allows to
define IP prefixes to be considered internal BGP next-hops so
granted pmacct peers with all ASBRs, it can follow BGP tables until
it hits a foreign BGP next-hop; bgp_agent_map is because routers
would typically BGP peer with pmacct using one of their loopback
interfaces; whereas it is very possible ASBRs of AS111 and AS222 are
eBGP peering using their transfer network IP addresses (ie. /30):
so bgp_agent_map is useful in this context to map these addresses
back to the loopback interface used for the BGP peering.
In case something of the above does not work, then it's most probably
a bug (or we have to review assumptions) so feel free to follow with
me privately for some troubleshooting.
Cheers,
Paolo
On Mon, Nov 18, 2013 at 12:53:41PM +0100, Adam Bogdan wrote:
Hi
I have small problem with pmacct implementation
I have network with 3 ASes - in each AS there is at least 2 routers,
sometimes more
Each of these ASes hold some part of the full BGP table
It looks like this:
AS 111 - R1,R2
AS 222 - R3,R4
AS 333 - R5,R6
R1 is connected to uplink1 and uplink2
R2 is connected to uplink3 and uplink4
R3 is connected to uplink5 and uplink6
and so on
Routers in ASes are connected via ibgp and each router is connected with
each other via ebgp
If I connect customer to any of these ASes he's able to receive all bgp
routes or some part of it - depends to which AS I'll connect him.
And now I'd like to apply pmacct to see how traffic is flowing between
uplinks and customers, which AS to which AS is generate
what amount of traffic.
Question is how to do it ? If I set a machine with quagga I can only
configure 1 BGP session - should I set 3 collectors, one per AS.
But then could a problem with peer_ip_src or peer_ip_dst. Any ideas ?
Regards
Adam
___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists