Hi Paolo! That worked like a charm 😊
Regards, -- Inge -----Original Message----- From: pmacct-discussion <pmacct-discussion-boun...@pmacct.net> On Behalf Of Paolo Lucente Sent: torsdag 10. januar 2019 22.51 To: pmacct-discussion@pmacct.net Subject: Re: [pmacct-discussion] pretag map line length limits Hi Inge, Always great to read from you. You are looking for the maps_row_len knob, by default 256 chars. Along with maps_entries it allows to specify the two key dimensions to alloc memory for the map. Paolo On Thu, Jan 10, 2019 at 02:54:09PM +0000, Inge Bjørnvall Arnesen wrote: > Hi, > > I have been running nfacct for many years and it has served me well, but as > my network gets ever more complex and new transit lines are added, I've come > across an issue with how I've been configuring the program. My goal is still > to maintain a MySQL DB with <n> minute Internet traffic entries (both > directions) per public IP at my site. My routers report ingress traffic only, > so Netflow must be enabled on all edge interfaces, rather than just the > designated uplinks and transits. This means that Netflow reports all traffic > that goes via our edge routers and that I have to filter Internet traffic out > from other, internal traffic that crosses edge. > > My approach so far has been to use pretag map filters for this. The basic > structure for these filters are: > > ! Incoming > id=1 ip=<my edge> filter='not ( src net <my prefix 1 > .... or src net <my > prefix n>) and dst net <my prefix 1>' > ... > id=1 ip=<my edge> filter='not ( src net <my prefix 1 > .... or src net <my > prefix n>) and dst net <my prefix n>' > > > ! Outgoing > id=2 ip=<my edge> filter='not ( dst net <my prefix 1 > .... or dst net <my > prefix n>) and src net <my prefix 1>' > ... > id=2 ip=<my edge> filter='not ( dst net <my prefix 1 > .... or dst net <my > prefix n>) and src net <my prefix n>' > > > With RFC1918 prefixes takes up some space to begin with and the number of > public prefixes are increasing, I'm running into an issue where the pretag > map line length is exceeded and nfacct fails to start. Are there ways to > increase the maximum line length or other ways of organizing this filtering > process that will keep me within the maximum pretag map line length? > > Regards, > > > * Inge Arnesen > > > > > _______________________________________________ > pmacct-discussion mailing list > http://www.pmacct.net/#mailinglists _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists
