Re: [pmacct-discussion] pretag map line length limits

2019-01-11 Thread Inge Bjørnvall Arnesen
Hi Paolo!

That worked like a charm 

Regards,

-- Inge

-Original Message-
From: pmacct-discussion  On Behalf Of 
Paolo Lucente
Sent: torsdag 10. januar 2019 22.51
To: pmacct-discussion@pmacct.net
Subject: Re: [pmacct-discussion] pretag map line length limits


Hi Inge,

Always great to read from you. 

You are looking for the maps_row_len knob, by default 256 chars. Along with 
maps_entries it allows to specify the two key dimensions to alloc memory for 
the map.

Paolo

On Thu, Jan 10, 2019 at 02:54:09PM +, Inge Bjørnvall Arnesen wrote:
> Hi,
> 
> I have been running nfacct for many years and it has served me well, but as 
> my network gets ever more complex and new transit lines are added, I've come 
> across an issue with how I've been configuring the program. My goal is still 
> to maintain a MySQL DB with  minute Internet traffic entries (both 
> directions) per public IP at my site. My routers report ingress traffic only, 
> so Netflow must be enabled on all edge interfaces, rather than just the 
> designated uplinks and transits.  This means that Netflow reports all traffic 
> that goes via our edge routers and that I have to filter Internet traffic out 
> from other, internal traffic that crosses edge.
> 
> My approach so far has been to use pretag map filters for this. The basic 
> structure for these filters are:
> 
> !  Incoming
> id=1 ip= filter='not ( src net   or src net  prefix n>) and dst net '
> ...
> id=1 ip= filter='not ( src net   or src net  prefix n>) and dst net '
> 
> 
> ! Outgoing
> id=2 ip= filter='not ( dst net   or dst net  prefix n>) and src net '
> ...
> id=2 ip= filter='not ( dst net   or dst net  prefix n>) and src net '
> 
> 
> With RFC1918 prefixes takes up some space to begin with  and the number of 
> public prefixes are increasing, I'm running into an issue where the pretag 
> map line length is exceeded and nfacct fails to start.  Are there ways to 
> increase the maximum line length or other ways of organizing this filtering 
> process that will keep me within the maximum pretag map line length?
> 
> Regards,
> 
> 
>   *   Inge Arnesen
> 
> 
> 
> 

> ___
> pmacct-discussion mailing list
> http://www.pmacct.net/#mailinglists


___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists

Re: [pmacct-discussion] pretag map line length limits

2019-01-10 Thread Paolo Lucente


Hi Inge,

Always great to read from you. 

You are looking for the maps_row_len knob, by default 256 chars. Along
with maps_entries it allows to specify the two key dimensions to alloc
memory for the map.

Paolo

On Thu, Jan 10, 2019 at 02:54:09PM +, Inge Bjørnvall Arnesen wrote:
> Hi,
> 
> I have been running nfacct for many years and it has served me well, but as 
> my network gets ever more complex and new transit lines are added, I've come 
> across an issue with how I've been configuring the program. My goal is still 
> to maintain a MySQL DB with  minute Internet traffic entries (both 
> directions) per public IP at my site. My routers report ingress traffic only, 
> so Netflow must be enabled on all edge interfaces, rather than just the 
> designated uplinks and transits.  This means that Netflow reports all traffic 
> that goes via our edge routers and that I have to filter Internet traffic out 
> from other, internal traffic that crosses edge.
> 
> My approach so far has been to use pretag map filters for this. The basic 
> structure for these filters are:
> 
> !  Incoming
> id=1 ip= filter='not ( src net   or src net  prefix n>) and dst net '
> ...
> id=1 ip= filter='not ( src net   or src net  prefix n>) and dst net '
> 
> 
> ! Outgoing
> id=2 ip= filter='not ( dst net   or dst net  prefix n>) and src net '
> ...
> id=2 ip= filter='not ( dst net   or dst net  prefix n>) and src net '
> 
> 
> With RFC1918 prefixes takes up some space to begin with  and the number of 
> public prefixes are increasing, I'm running into an issue where the pretag 
> map line length is exceeded and nfacct fails to start.  Are there ways to 
> increase the maximum line length or other ways of organizing this filtering 
> process that will keep me within the maximum pretag map line length?
> 
> Regards,
> 
> 
>   *   Inge Arnesen
> 
> 
> 
> 

> ___
> pmacct-discussion mailing list
> http://www.pmacct.net/#mailinglists


___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists