inactive
369
edits
NetFlow/IPFIX interface: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
The Allegro Network Multimeter can generate NetFlow/IPFIX | The Allegro Network Multimeter can generate NetFlow/IPFIX messages for the traffic it anlayses. The [[Settings]] enable users to configure the '''IPFIX''' output. | ||
The IPFIX output can be | The IPFIX output can be configured to use a TCP or UDP connection to send IPFIX messages to a specific IP and port. | ||
See the [[Settings]] for detailed information about how to set the correct values. | See the [[Settings]] for detailed information about how to set the correct values. | ||
| Line 9: | Line 9: | ||
''' IPFIX flow export''' | ''' IPFIX flow export''' | ||
The settings | The settings dialogue allows a user to specify an active flow timeout. Even if a flow is active, the Allegro Network Multimeter will generate and send a flow record in the specified amount of time. | ||
The flow export contains the following data: | The flow export contains the following data: | ||
*Start and end timestamp in nanoseconds (start can be time of last export) | *Start and end timestamp in nanoseconds (start can be time of last export). | ||
*Source and destination IP address | *Source and destination IP address. | ||
*Source and destination port | *Source and destination port. | ||
*Layer 4 protocol (TCP, UDP, ...) | *Layer 4 protocol (TCP, UDP, ...). | ||
*ingress and egress network interface | *ingress and egress network interface. | ||
*IP DSCP class | *IP DSCP class. | ||
*VLAN IDs, if applicable | *VLAN IDs, if applicable. | ||
*Number of bytes and packets per direction | *Number of bytes and packets per direction. | ||
Instead of the ingress/egress network interface, it is possible to report the Virtual Link Group of the flow by enabling the corresponding option in the [[Settings#Global_settings|IPFIX settings]]. | Instead of the ingress/egress network interface, it is possible to report the Virtual Link Group of the flow by enabling the corresponding option in the [[Settings#Global_settings|IPFIX settings]]. | ||
| Line 28: | Line 28: | ||
The Allegro Network Multimeter is able to measure the throughput of interfaces on a millisecond basis to identify micro bursts in network connections. | The Allegro Network Multimeter is able to measure the throughput of interfaces on a millisecond basis to identify micro bursts in network connections. | ||
If | If Allegro-specific interface statistics is enabled in the [[Settings#Global_settings|IPFIX settings]], regular messages are sent containing the number of packets and bytes within a configurable time interval. | ||
The Allegro Network Multimeter can measure time intervals as small as one millisecond | The Allegro Network Multimeter can measure time intervals as small as one millisecond; the exact value can be chosen in the [[Settings#Module_settings|Interface and MAC throughput]] configuration section. | ||
The message format is described as follows. | The message format is described as follows. | ||
| Line 51: | Line 51: | ||
*message type 5 is the "interface throughput update" message. | *message type 5 is the "interface throughput update" message. | ||
*the ingress interface describes the corresponding network interface on which the packets | *the ingress interface describes the corresponding network interface on which the packets were received. The value corresponds to the interface ID in the interface stats web page. | ||
*the packet delta count describes the number of packets within the specificied interval. | *the packet delta count describes the number of packets within the specificied interval. | ||
*the octet delta count describes the number of bytes | *the octet delta count describes the number of bytes on Layer 2 within the specificied interval. | ||
*the update interval describes the duration of the reported interval in milliseconds. | *the update interval describes the duration of the reported interval in milliseconds. | ||
*the ovservation timestamp describes the UTC timestamp of the reported interval in milliseconds. | *the ovservation timestamp describes the UTC timestamp of the reported interval in milliseconds. | ||
| Line 67: | Line 67: | ||
The IPFIX module sends IPFIX templates for all its | The IPFIX module sends IPFIX templates for all its messages which is needed to decode the message. | ||
As reference, the format of the interface throughput updates is as follows: | As reference, the format of the interface throughput updates is as follows: | ||