Alessandro,
Since conntrack -D -p udp does fix the issue, it's clear conntrack
cache is incorrect.
The conjecture here is that pmacct docker container is started (or
probably, restarted) with the UDP traffic flowing. Linux's connection
tracker (conntrack) keeps track on connections, and also
Dusan,
I'm new in this docker world, I don't know swarm
It's think it's a normal docker-compose version 1.29.2, build 5becea4c
--
AlexIT
___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
Dusan,
Thanks. I seemed to have misunderstood yo before. That sounds like it, yes.
After reading through most, this might be _the_ issue:
https://github.com/moby/moby/issues/16720#issuecomment-435637740
https://github.com/moby/moby/issues/16720#issuecomment-444862701
Alessandro, can you try
Dusan, Alessandro,
Let me answer Dusan first.
Missatge de Dusan Pajin del dia dc., 9 de juny
2021 a les 18:08:
>
> Hi Alessandro,
>
> I would say that this is a "known" issue or behavior in docker which is
> experienced by everyone who ever wanted to receive syslog, netflow, telemetry
> or
Hi Dusan,
A know issue? and nobody can solve it ! with udp packets it's a real problem.
And in many situations, it-s not possibile di ricetly-attach to host network.
For scalability I was thinking to have many istances of the same collector (with docker -scale) , and an nginx as
Hi Alessandro,
I would say that this is a "known" issue or behavior in docker which is
experienced by everyone who ever wanted to receive syslog, netflow,
telemetry or any other similar UDP stream from network devices. When you
expose ports in your docker-compose file, the docker will create the
Hi Alessandro,
(thanks for the kind words, first and foremost)
Indeed, the test that Marc proposes is very sound, ie. check the actual
packets coming in "on the wire" with tcpdump: do they really change
sender IP address?
Let me also confirm that what is used to populate peer_ip_src is
Alessandro,
inline
Missatge de Alessandro Montano | FIBERTELECOM
del dia dc., 9 de juny 2021 a les 10:12:
>
> Hi Paolo (and Marc),
>
> this is my first post here ... first of all THANKS FOR YOU GREAT JOB :)
>
> I'm using pmacct/nfacctd container from docker-hub
>
