Hello there!
I have pmacctd working with the Kafka addon and am attempting to include
`src_as` and `dst_as` information based on the BGP sessions running on the
same machine using the [BIRD router](https://bird.network.cz).
I was able to successfully get the BGP session stood up using a loopback
address, but in both the Kafka consumer and `pmacct -s`, I do not see the
AS values:
```
{"event_type": "purge", "as_src": 0, "as_dst": 0, "ip_src": "1.1.1.138",
"ip_dst": "5.9.43.211", "port_src": 443, "port_dst": 48268, "ip_proto":
"tcp", "stamp_inserted": "2019-10-13 02:50:00", "stamp_updated":
"2019-10-13 02:53:31", "packets": 1, "bytes": 52, "writer_id":
"default_kafka/3725"}
```
The pmacct log seems good:
```
Oct 13 02:51:37 bdr-nyiix pmacctd[3666]: INFO ( default/core ): Promiscuous
Mode Accounting Daemon, pmacctd 1.7.3-git (20190418-00+c4)
Oct 13 02:51:37 bdr-nyiix pmacctd[3666]: INFO ( default/core ):
'--enable-kafka' '--enable-jansson' '--enable-l2' '--enable-64bit'
'--enable-traffic-bins' '-
Oct 13 02:51:37 bdr-nyiix pmacctd[3666]: INFO ( default/core ): Reading
configuration file '/etc/pmacct/pmacctd.peering.conf'.
Oct 13 02:51:37 bdr-nyiix pmacctd[3666]: INFO ( default_kafka/kafka ):
cache entries=16411 base cache memory=54878384 bytes
Oct 13 02:51:38 bdr-nyiix pmacctd[3666]: INFO ( default/core ): [ens3,0]
link type is: 1
Oct 13 02:51:38 bdr-nyiix pmacctd[3666]: INFO ( default/core ):
[/etc/pmacct/peering_agent.map] (re)loading map.
Oct 13 02:51:38 bdr-nyiix pmacctd[3666]: INFO ( default/core ):
[/etc/pmacct/peering_agent.map] map successfully (re)loaded.
Oct 13 02:51:38 bdr-nyiix pmacctd[3666]: INFO ( default_kafka/kafka ):
JSON: setting object handlers.
Oct 13 02:51:38 bdr-nyiix pmacctd[3666]: INFO ( default/core/BGP ): maximum
BGP peers allowed: 2
Oct 13 02:51:38 bdr-nyiix pmacctd[3666]: INFO ( default/core/BGP ): waiting
for BGP data on 127.0.0.1:180
Oct 13 02:51:41 bdr-nyiix pmacctd[3666]: INFO ( default_kafka/kafka ): ***
Purging cache - START (PID: 3673) ***
Oct 13 02:51:41 bdr-nyiix pmacctd[3666]: INFO ( default_kafka/kafka ): ***
Purging cache - END (PID: 3673, QN: 0/0, ET: 0) ***
Oct 13 02:51:41 bdr-nyiix pmacctd[3666]: INFO ( default/core/BGP ):
[127.0.0.1] BGP peers usage: 1/2
Oct 13 02:51:41 bdr-nyiix pmacctd[3666]: INFO ( default/core/BGP ):
[1.1.1.1] Capability: MultiProtocol [1] AFI [1] SAFI [1]
Oct 13 02:51:41 bdr-nyiix pmacctd[3666]: INFO ( default/core/BGP ):
[1.1.1.1] Capability: 4-bytes AS [41] ASN [300000]
Oct 13 02:51:41 bdr-nyiix pmacctd[3666]: INFO ( default/core/BGP ):
[1.1.1.1] BGP_OPEN: Local AS: 300000 Remote AS: 397143 HoldTime: 90
Oct 13 02:51:51 bdr-nyiix pmacctd[3666]: INFO ( default_kafka/kafka ): ***
Purging cache - START (PID: 3678) ***
Oct 13 02:51:53 bdr-nyiix pmacctd[3666]: INFO ( default_kafka/kafka ): ***
Purging cache - END (PID: 3678, QN: 679/679, ET: 0) ***
```
And the configuration is as follows:
```
!
! pmacctd configuration example
!
! Did you know CONFIG-KEYS contains the detailed list of all configuration
keys
! supported by 'nfacctd' and 'pmacctd' ?
!
! debug: true
daemonize: false
pcap_interface: ens3
aggregate: src_host, dst_host, src_port, dst_port, src_as, dst_as, proto
sampling_rate: 10
!
plugins: kafka
kafka_output: json
kafka_broker_host: kafka-broker.fqdn.com
kafka_topic: pmacct.acct
kafka_refresh_time: 10
kafka_history: 5m
kafka_history_roundoff: m
!
bgp_daemon: true
bgp_daemon_ip: 127.0.0.1
bgp_daemon_port: 180
bgp_daemon_max_peers: 1
bgp_agent_map: /etc/pmacct/peering_agent.map
pmacctd_as: bgp
```
With the /etc/pmacct/peering_agent.map as:
```
bgp_ip=1.1.1.1 ip=0.0.0.0/0
```
And the other end of the BGP configuration (in BIRD) being:
```
protocol bgp AS300000v4c1 from transit_customer4 {
description "pmacctd";
local 127.0.0.1 port 179 as 300000;
neighbor 127.0.0.1 port 180 as 300000;
rr client;
}
```
And it has exported ~150k routes.
Is there anything obvious that I'm doing wrong or perhaps a way that I can
turn on more debugging to lead me on the right trail?
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
