I have been looking into solutions to achieve reliable load balancing
of my incoming flows across multiple nfacctd servers / daemons.

Basic load balancing is relatively easy (see Nginx configuration
below), but *reliable* load balancing (only sending flows to servers
that have a running nfacctd daemon) is quite more complicated. For
instance, Nginx normally monitors UDP responses from the remote
servers to determine if those servers are health, but this approach
will not work in the case of netflow or ipfix.

Did anybody already managed to solve this? Or has a suggestion perhaps?

Thanks in advance!

stream {
    upstream ipfix_traffic {
        hash $binary_remote_addr;

    server {
        listen 9055 udp;
        proxy_responses 0;
        proxy_pass ipfix_traffic;
        proxy_bind $remote_addr transparent;
        error_log /var/log/nginx/ipfix_traffic.error.log;

Kind regards,


pmacct-discussion mailing list

Reply via email to