Re: [pmacct-discussion] pmacct and more than 1 AS

[Adam Bogdan]

Hello Paolo,

Thanks for answer - that's clarify a lot :)

Regards


2013/11/18 Paolo Lucente pa...@pmacct.net

 Hi Adam,

 The scenario is supported by pmacct, there are two pieces to it:

 * pmacct BGP daemon acts as a passive BGP neighbor and replies to an
   incoming BGP OPEN message with the same AS number contained in the
   OPEN. This means a single collector can peer with different ASNs no
   problem. If your NetFlow export model is ingress at edge interfaces
   facing customers, peers and transits you should be mostly sorted.

 * If you want to get end to end visibility, ie. a flow from customer
   in AS111 to a transit in AS222: you collect ingress NetFlow at AS111
   but want to see the exit point in AS222, you can use a mix of
   bgp_follow_nexthop and bgp_agent_map. bgp_follow_nexthop allows to
   define IP prefixes to be considered internal BGP next-hops so
   granted pmacct peers with all ASBRs, it can follow BGP tables until
   it hits a foreign BGP next-hop; bgp_agent_map is because routers
   would typically BGP peer with pmacct using one of their loopback
   interfaces; whereas it is very possible ASBRs of AS111 and AS222 are
   eBGP peering using their transfer network IP addresses (ie. /30):
   so bgp_agent_map is useful in this context to map these addresses
   back to the loopback interface used for the BGP peering.

 In case something of the above does not work, then it's most probably
 a bug (or we have to review assumptions) so feel free to follow with
 me privately for some troubleshooting.

 Cheers,
 Paolo

 On Mon, Nov 18, 2013 at 12:53:41PM +0100, Adam Bogdan wrote:
  Hi
 
  I have small problem with pmacct implementation
 
  I have network with 3 ASes - in each AS there is at least 2 routers,
  sometimes more
  Each of these ASes hold some part of the full BGP table
 
  It looks like this:
  AS 111 - R1,R2
  AS 222 - R3,R4
  AS 333 - R5,R6
 
  R1 is connected to uplink1 and uplink2
  R2 is connected to uplink3 and uplink4
  R3 is connected to uplink5 and uplink6
  and so on
 
  Routers in ASes are connected via ibgp and each router is connected with
  each other via ebgp
 
  If I connect customer to any of these ASes he's able to receive all bgp
  routes or some part of it - depends to which AS I'll connect him.
 
  And now I'd like to apply pmacct to see how traffic is flowing between
  uplinks and customers, which AS to which AS is generate
  what amount of traffic.
 
  Question is how to do it ? If I set a machine with quagga I can only
  configure 1 BGP session - should I set 3 collectors, one per AS.
  But then could a problem with peer_ip_src or peer_ip_dst. Any ideas ?
 
  Regards
  Adam

  ___
  pmacct-discussion mailing list
  http://www.pmacct.net/#mailinglists


 ___
 pmacct-discussion mailing list
 http://www.pmacct.net/#mailinglists

___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists

Re: [pmacct-discussion] pmacct and more than 1 AS

[Paolo Lucente]

Hi Adam,

The scenario is supported by pmacct, there are two pieces to it:

* pmacct BGP daemon acts as a passive BGP neighbor and replies to an
  incoming BGP OPEN message with the same AS number contained in the
  OPEN. This means a single collector can peer with different ASNs no
  problem. If your NetFlow export model is ingress at edge interfaces
  facing customers, peers and transits you should be mostly sorted.

* If you want to get end to end visibility, ie. a flow from customer
  in AS111 to a transit in AS222: you collect ingress NetFlow at AS111
  but want to see the exit point in AS222, you can use a mix of
  bgp_follow_nexthop and bgp_agent_map. bgp_follow_nexthop allows to
  define IP prefixes to be considered internal BGP next-hops so
  granted pmacct peers with all ASBRs, it can follow BGP tables until
  it hits a foreign BGP next-hop; bgp_agent_map is because routers
  would typically BGP peer with pmacct using one of their loopback
  interfaces; whereas it is very possible ASBRs of AS111 and AS222 are
  eBGP peering using their transfer network IP addresses (ie. /30):
  so bgp_agent_map is useful in this context to map these addresses
  back to the loopback interface used for the BGP peering.

In case something of the above does not work, then it's most probably
a bug (or we have to review assumptions) so feel free to follow with
me privately for some troubleshooting. 

Cheers,
Paolo

On Mon, Nov 18, 2013 at 12:53:41PM +0100, Adam Bogdan wrote:
 Hi
 
 I have small problem with pmacct implementation
 
 I have network with 3 ASes - in each AS there is at least 2 routers,
 sometimes more
 Each of these ASes hold some part of the full BGP table
 
 It looks like this:
 AS 111 - R1,R2
 AS 222 - R3,R4
 AS 333 - R5,R6
 
 R1 is connected to uplink1 and uplink2
 R2 is connected to uplink3 and uplink4
 R3 is connected to uplink5 and uplink6
 and so on
 
 Routers in ASes are connected via ibgp and each router is connected with
 each other via ebgp
 
 If I connect customer to any of these ASes he's able to receive all bgp
 routes or some part of it - depends to which AS I'll connect him.
 
 And now I'd like to apply pmacct to see how traffic is flowing between
 uplinks and customers, which AS to which AS is generate
 what amount of traffic.
 
 Question is how to do it ? If I set a machine with quagga I can only
 configure 1 BGP session - should I set 3 collectors, one per AS.
 But then could a problem with peer_ip_src or peer_ip_dst. Any ideas ?
 
 Regards
 Adam

 ___
 pmacct-discussion mailing list
 http://www.pmacct.net/#mailinglists


___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists