Re: [Nfdump-discuss] [nfdump-discuss] Hi

Thu, 03 Oct 2019 05:29:38 -0700 

On 03/10/2019 13:13, nfdump-discuss-requ...@lists.sourceforge.net wrote:



I have setup from this link 
https://blog.alexgittings.com/installing-nfsen-on-ubuntu/. And things 
seems to work but I am not sure if it is correct.


root@NETFLOW:/home/ubuntu# ps -ax | grep nfs

5090 ?        Ss     0:00 /var/netflow/bin/nfsend-comm

5167 ?        Ss     0:10 /usr/bin/perl -w /var/netflow/bin/nfsend

5168 ?        Ss     0:01 /var/netflow/bin/nfsend-comm

7316 pts/0    S+     0:00 grep --color=auto nfs

root@NETFLOW:/home/ubuntu# ps -ax | grep nfc


5163 ?        S      0:00 /usr/local/bin/nfcapd -w -D -p 9995 -u 
netflow -g www-data -B 200000 -S 1 -P /var/netflow/var/run/p9995.pid 
-z -I upstream1 -l /var/netflow/profiles-data/live/upstream1


7318 pts/0    S+     0:00 grep --color=auto nfc


This is what I have after the install . The problem is on my Router 
its keeps saying zero flow successfully send yet I can ping from my 
router to my collector.



Based on your 'ps' output it looks like you have nfsend and nfcapd 
running happily.  You should see files appearing under 
/var/netflow/profiles-data/live/upstream1 - maybe they are all small and 
the same size (276 bytes?) which indicates nothing being written.



The most important thing to check is whether your router is actually 
sending any flow data.  On your netflow server, listen for netflow data 
like this:


    tcpdump -i eth0 -nn udp port 9995


If nothing arrives, then either the router isn't sending any flow data, 
or some intervening firewall is blocking the packets.  How you fix that 
depends on what sort of router you have, and what sort of 
firewalling/filtering exists on your network.



You might find these docs useful (they include configuration commands 
for IOS Flexible Netflow):


https://nsrc.org/activities/agendas/en/nmm-5-days/netmgmt/en/netflow/exercise1-flow-export.html
https://nsrc.org/activities/agendas/en/nmm-5-days/netmgmt/en/netflow/exercise2-install-nfdump-nfsen.html
https://nsrc.org/activities/agendas/en/nmm-5-days/netmgmt/en/netflow/exercise3-nfsen-top-talkers.html
https://nsrc.org/activities/agendas/en/nmm-5-days/netmgmt/en/netflow/exercise4-using-NfSen.pdf



_______________________________________________
Nfdump-discuss mailing list
Nfdump-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss














    











					Reply via email to