mehrdadrad
commented
4 years ago @ttrading sflow is stable at v.07 please check the counters through http://localhost:8081/flow also make sure the sflow port is correct.
Open ttrading opened 4 years ago
mehrdadrad
commented
4 years ago @ttrading sflow is stable at v.07 please check the counters through http://localhost:8081/flow also make sure the sflow port is correct.
ttrading
commented
4 years ago I managed to make "Host sFlow" work on Ubuntu. I am getting packets on vflow.sflow topic. Before I close this, can someone tell me what fields do represent the bytes and packets transmitted and direction in sflow? Following is a sample message from vlfow.sflow:
{"Version":5,"IPVersion":1,"AgentSubID":100000,"SequenceNo":107,"SysUpTime":1264202,"SamplesNo":2,"Samples":[{"SequenceNo":30,"SourceID":0,"SamplingRate":10000,"SamplePool":300000,"Drops":0,"Input":2,"Output":1073741823,"RecordsNo":1,"Records":{"RawHeader":{"L2":{"SrcMAC":"00:30:48:db:31:2b","DstMAC":"00:0c:29:70:65:f9","Vlan":0,"EtherType":2048},"L3":{"Version":4,"TOS":0,"TotalLen":44,"ID":33278,"Flags":0,"FragOff":0,"TTL":44,"Protocol":6,"Checksum":58153,"Src":"10.10.11.3","Dst":"10.10.10.142"},"L4":{"SrcPort":49337,"DstPort":45388,"DataOffset":6,"Reserved":0,"Flags":2}}}}],"Counters":[{"SequenceNo":43,"SourceIDType":2,"SourceIDIdx":1,"RecordsNo":10,"Records":{}}],"IPAddress":"10.10.10.142","ColTime":1591824373}
ttrading
commented
3 years ago We are sending some sflow v5 traffic to vflow v0.7. Problem is that no packets are making it to the Kafka topic. Other Netflow protocols work fine. We are keeping an eye on the vflow.log but no debug information is provided. We send the sflow packets to the host system and capture them using tcpdump. Is there a way to enable some logging for sflow so that we can start troubleshooting.
Thanks
jakub-pravda
commented
3 years ago Is there any solution? I have the same problem. SFlow receiving works fine, at least according to the logs
[vflow] 2021/06/16 08:19:55 sflow.go:186: rcvd sflow data from: x.x.x.x:55201, size: 1324 bytesbut there isn't any output to Kafka topics. At SFlow stats I see that at least 3900 messages were received, but 0 messages were decoded. Can this be a trouble?
"SFlow": {
"UDPQueue": 0,
"MessageQueue": 0,
"UDPCount": 3958,
"DecodedCount": 0,
"MQErrorCount": 0,
"Workers": 200
}@Jacfal I think your device sends sflow expanded data format, vFlow doesn't support it.
I am testing the sflow collecting with "host sflow" tool (https://sflow.net/host-sflow-linux-config.php).
I can see the packets coming in but nothing is written to the Kafka topics and there are no error messages in the logs. I saw a couple of tickets for sflow and was wondering if anyone has been able to test sflow successfully with vflow v0.7.
Thanks,