Gerard,
I've replayed the pcap enclosed in my lab. Actually ntopng shows many many
flows (more than 1k) with several application protocols and not just sFlow.
However, you're right, there's a massive, long lived (35 days, 17:02:11) flow
that is continuously reported by the Meraki netflow. See a
Simone,
Here the link to get the pcap, thanks.
http://www.prival.ca/port6343.pcap
Gerhard,
On May 24, 2018, at 6:07 AM, Simone Mainardi
mailto:maina...@ntop.org>> wrote:
Gerard,
On 22 May 2018, at 14:32, Gerhard Mourani
mailto:gmour...@prival.ca>> wrote:
Simone,
There is no so much config
Gerhard,
> On 1 Jun 2018, at 20:19, Gerhard Mourani wrote:
>
> Hello Simone,
>
> > Please, generate a pcap of what nprobe is getting on port 6343 and upload
> > it somewhere for our inspection.
> I've the cap file, where do you want me to upload it ?
Wherever you like. Just send me the downlo
Hello Simone,
> Please, generate a pcap of what nprobe is getting on port 6343 and upload it
> somewhere for our inspection.
I've the cap file, where do you want me to upload it ?
> Note that typically port 6343 (the one you're using with nprobe) is used by
> sFlow exporters. So maybe there's s
Gerard,
> On 22 May 2018, at 14:32, Gerhard Mourani wrote:
>
> Simone,
>
> There is no so much configuration available on the Meraki device to setup
> Netflow. Only, enable it, define IP of the collector and port
> (https://documentation.meraki.com/MX-Z/Monitoring_and_Reporting/NetFlow_Overvi
Simone,
There is no so much configuration available on the Meraki device to setup
Netflow. Only, enable it, define IP of the collector and port
(https://documentation.meraki.com/MX-Z/Monitoring_and_Reporting/NetFlow_Overview).
According to the Cisco documentation, Meraki use Netflow v9 but ntop
Gerhard,
So that looks more like a Meraki configuration issue. It seems that the Meraki
is doing sFlow on its own generated sFlow traffic. Basically it sends sFlow
packets, then the sFlow process samples sFlow packets and, in turn, it triggers
the generation of additional sFlow packets and so o
Yes
On May 17, 2018, at 9:03 AM, Simone Mainardi
mailto:maina...@ntop.org>> wrote:
On 17 May 2018, at 14:30, Gerhard Mourani
mailto:gmour...@prival.ca>> wrote:
Hi Simone,
Here the ntopng and nNrobe configuration used.
Ntopng:
--interface eth0
--interface tcp://127.0.0.1:5556
--local-network
> On 17 May 2018, at 14:30, Gerhard Mourani wrote:
>
> Hi Simone,
>
> Here the ntopng and nNrobe configuration used.
>
> Ntopng:
> --interface eth0
> --interface tcp://127.0.0.1:5556
> --local-networks 172.22.9.0/24,192.168.0.0/16,172.22.0.0/16,10.0.0.0/8
> --daemon
> --user ntopng
> --pid /va
Hi Simone,
Here the ntopng and nNrobe configuration used.
Ntopng:
--interface eth0
--interface tcp://127.0.0.1:5556
--local-networks 172.22.9.0/24,192.168.0.0/16,172.22.0.0/16,10.0.0.0/8
--daemon
--user ntopng
--pid /var/run/ntopng/ntopng.pid
--http-port 0
--https-port :3001
--data-dir /var/lib/n
Gerhard,
Can you enclose nProbe and ntopng configurations used as well as an example of
what you mean with 'my collector return the flow to the Meraki device'?
Thank you
> On 16 May 2018, at 19:59, Gerhard Mourani wrote:
>
>
> Hello,
>
> I've activated Netflow v9 on Cisco Meraki and receive
11 matches
Mail list logo
