Question about missing hosts

[a7ypically]

Hi,

I've been running nlbwmon for a few hours but I'm missing many hosts that do not show up. For example I have video cams that constantly transmits data to a server on the Internet but they do not show on nlbwmon. I can see the hosts in conntrack and I can also see that the counters are constantly being reset while the same connection is being kept so it looks like nlbwmon does read the data. I'm not sure how nlbwmon works, but maybe you only add the stats once the connection is ended? In my case the cam uses the same connection. Any tips on how to debug this?

Thanks.

[cbz]

I've seen this as well - one particular host on my network for instance was tracked last month - but for some reason isn't being tracked this month (IP address allocation is the same).

[cbz]

I believe there may be issues with nlbwmon dropping netlink records - I've now noticed this with certain types of traffic also. I'll do some experimentation and post back.

[digglor]

Some hosts on my LAN weren't tracked . Removing the config and reinstalling did not help on my LEDE router.

[jow-]

I'm about to fix an issue where the neighbor mac resolving took too long, causing new traffic / hosts get sorted into the "unknown mac" (00:00:00:00:00:00) bucket - is that what you've been seeing? If you run nlbw -c show do you see the IP address of the missing host together with a all-zero MAC or is there no trace of the host at all?

Also, are you able to see the missing host in ip -4 neigh or ip -6 neigh respectively?

[a7ypically]

I'm now running the latest code with the mac address resolving fix and I now do see all my hosts. I don't remember seeing an "unknown mac" bucket previously so I'm not sure that was indeed the problem.

[jow-]

I assume this is fixed now - if not please open a new issue.