Hmph, no dice. It looks like BIRD is exporting IPv6 routes:
```
bird> show route export pmacctd46 count
173376 of 337458 routes for 173376 networks in table master4
74479 of 132180 routes for 74479 networks in table master6
Total: 247855 of 469638 routes for 247855 networks in 2 tables
```
But the flows in Kafka still appear to have 0 as the AS for both src and
dst:
```
{"event_type": "purge", "as_src": 0, "as_dst": 0, "ip_src":
"2607:f8b0:4006:814::200e", "ip_dst": "2602:fe2e:42:8:8489:bdf6:1bbe:cc60",
"port_src": 443, "port_dst": 51609, "ip_proto": "tcp", "stamp_inserted":
"2019-10-13 23:10:00", "stamp_updated": "2019-10-13 23:13:51", "packets":
1, "bytes": 352, "writer_id": "default_kafka/25373"}
```
The destination AS being zero makes sense, as that's my own:
```
$ sudo birdc show route for 2602:fe2e:42:8:8489:bdf6:1bbe:cc60 all
BIRD 2.0.6 ready.
Table master6:
2602:fe2e:42::/48 unicast [static4 2019-10-10] * (200)
via 2602:fe2e:1::135 on ens5
Type: static univ
```
But there should be an AS present for the source:
```
$ sudo birdc show route for 2607:f8b0:4006:814::200e all | grep as_path
BGP.as_path: 15169
BGP.as_path: 6939 15169
```
On Sun, Oct 13, 2019 at 4:28 PM Paolo Lucente <pa...@pmacct.net> wrote:
>
> Super cool. It would remain the one-liner you have got at the moment:
>
> bgp_ip=1.1.1.1 ip=0.0.0.0/0
>
> Keep me posted.
>
> Paolo
>
> On Sun, Oct 13, 2019 at 04:21:21PM -0400, Brooks Swinnerton wrote:
> > I’m actually already doing option 1 : ), what would the map look like for
> > that?
> >
> > On Sun, Oct 13, 2019 at 3:47 PM Paolo Lucente <pa...@pmacct.net> wrote:
> >
> > >
> > > Hi Brooks,
> > >
> > > You are in an unsupported use-case, ie. same BGP Agent ID maped onto
> two
> > > different entries. You can get out of it in three different ways: 1) my
> > > top recommendation: travel both addrress families as part of the same
> BGP
> > > session; 2) use two different BGP Agent ID for ipv4 and for ipv6; 3)
> use
> > > session IP addesses (that is, not BGP Agent ID) for the mapping
> (although
> > > in your case i am afaid this won't work since it's all taking place
> over
> > > loopback interfaces). Let me know if any of this can work for you.
> > >
> > > Paolo
> > >
> > > On Sun, Oct 13, 2019 at 01:45:36PM -0400, Brooks Swinnerton wrote:
> > > > Hello again!
> > > >
> > > > I'm using pmacct with Kafka to stream flows. This is paired with the
> BGP
> > > > functionality to add the `src_as` and `dst_as`. This all works great
> for
> > > > IPv4, but I'm struggling to figure out how to do this for IPv6 as
> well.
> > > >
> > > > Here is the current configuration:
> > > >
> > > > ```
> > > > !
> > > > ! pmacctd configuration example
> > > > !
> > > > ! Did you know CONFIG-KEYS contains the detailed list of all
> > > configuration
> > > > keys
> > > > ! supported by 'nfacctd' and 'pmacctd' ?
> > > > !
> > > > ! debug: true
> > > > daemonize: false
> > > > pcap_interface: ens3
> > > > pmacctd_as: bgp
> > > > pmacctd_net: bgp
> > > > sampling_rate: 10
> > > > !
> > > > bgp_daemon: true
> > > > bgp_daemon_ip: 127.0.0.2
> > > > bgp_daemon_port: 180
> > > > bgp_daemon_max_peers: 10
> > > > bgp_agent_map: /etc/pmacct/peering_agent.map
> > > > !
> > > > aggregate: src_host, dst_host, src_port, dst_port, src_as, dst_as,
> proto
> > > > !
> > > > plugins: kafka
> > > > kafka_output: json
> > > > kafka_broker_host: kafka.fqdn.com
> > > > kafka_topic: pmacct.acct
> > > > kafka_refresh_time: 10
> > > > kafka_history: 5m
> > > > kafka_history_roundoff: m
> > > > ```
> > > >
> > > > Where `/etc/pmacct/peering_agent.map` is defined as:
> > > >
> > > > ```
> > > > bgp_ip=1.1.1.1 ip=0.0.0.0/0 filter='ip'
> > > > bgp_ip=1.1.1.1 ip=::/0 filter='ip6'
> > > > ```
> > > >
> > > > (1.1.1.1 is the router ID on the other side of the BGP session)
> > > >
> > > > This works well for IPv4 traffic, resulting in the following Kafka
> > > events:
> > > >
> > > > ```
> > > > {"event_type": "purge", "as_src": 0, "as_dst": 396507, "ip_src":
> > > > "23.157.160.138", "ip_dst": "23.129.64.208", "port_src": 37649,
> > > "port_dst":
> > > > 443, "ip_proto": "tcp", "stamp_inserted": "2019-10-13 17:40:00",
> > > > "stamp_updated": "2019-10-13 17:43:11", "packets": 3, "bytes": 156,
> > > > "writer_id": "default_kafka/15635"}
> > > > {"event_type": "purge", "as_src": 0, "as_dst": 0, "ip_src":
> > > > "2607:f8b0:400d:c01::bc", "ip_dst": "2602:fe2e:42:2::2", "port_src":
> > > 5228,
> > > > "port_dst": 63746, "ip_proto": "tcp", "stamp_inserted": "2019-10-13
> > > > 17:40:00", "stamp_updated": "2019-10-13 17:43:11", "packets": 1,
> "bytes":
> > > > 72, "writer_id": "default_kafka/15635"}
> > > > ```
> > > >
> > > > But for IPv6 traffic, neither the `as_src` or `as_dst` comes through.
> > >
> > > > _______________________________________________
> > > > pmacct-discussion mailing list
> > > > http://www.pmacct.net/#mailinglists
> > >
> > >
> > > _______________________________________________
> > > pmacct-discussion mailing list
> > > http://www.pmacct.net/#mailinglists
> > >
>
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
