Hi All, Does nprobe + ntopng support IPFIX Biflow. Can it decode the fields of Biflow properly.
Template for Biflow, flowStartSeconds flowStartSecond + PEN flowEndSeconds flowEndSeconds + PEN IP_SRC_ADDR IP_DST_ADDR L4_SRC_PORT L4_DST_PORT PROTOCOL biflowDirection PACKETS_TOTAL PACKETS_TOTAL + PEN BYTES_TOTAL BYTES_TOTAL + PEN Issues seen 1) Flow duration is not calculated properly 2) Counters are reported incorrectly. For ex: Host A is receiving traffic from Host B, GUI displays, Host A is sending traffic and acting as server, which means, biflowDirection field is ignored. Also TX and RX packets counts are reversed. Please let me know, if Biflow template is supported in nprobe + ntopng. Thanks Rahul
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
