Page MenuHomeVyOS Platform
Create Task
Maniphest T2827

Unable to add multiple NetFlow server destinations
Resolved (N/A)PublicBUG
Actions

Description

I am unable to add more than one NetFlow server, even though the configuration allows for it. One server can be added, and receive data, but as soon as another is added, the first stops receiving traffic, but data goes to the second.

Configuration example:

set system flow-accounting netflow engine-id '101'
set system flow-accounting netflow server 199.68.195.141 port '2055'
set system flow-accounting netflow server 199.68.195.142 port '2055'
set system flow-accounting netflow timeout expiry-interval '60'
set system flow-accounting netflow timeout flow-generic '3600'
set system flow-accounting netflow timeout icmp '300'
set system flow-accounting netflow timeout max-active-life '604800'
set system flow-accounting netflow timeout tcp-fin '300'
set system flow-accounting netflow timeout tcp-generic '3600'
set system flow-accounting netflow timeout tcp-rst '120'
set system flow-accounting netflow timeout udp '300'
set system flow-accounting netflow version '9'

The first server that was added was 199.68.195.141 and receives NetFlow data. Once the second, 199.68.195.142, is added, .141 stops receiving NetFlow data, but .142 does receive NetFlow data.

Details

Difficulty level
Unknown (require assessment)
Version
1.2.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

cpedro created this task.Aug 25 2020, 6:47 PM
pasik added a subscriber: pasik.Aug 26 2020, 2:17 PM
dmbaturin closed this task as Resolved N/A.Jan 9 2024, 8:13 PM
dmbaturin added a subscriber: dmbaturin.

The script was rewritten and adds all servers now.

foo_admin@vyos# show system flow-accounting 
 interface eth0
 netflow {
     engine-id 101
     server 199.68.195.141 {
         port 2055
     }
     server 199.68.195.142 {
         port 2055
     }
     timeout {
         expiry-interval 60
         flow-generic 3600
         icmp 300
         max-active-life 604800
         tcp-fin 300
         tcp-generic 3600
         tcp-rst 120
         udp 300
     }
     version 9
 }
[edit]
foo_admin@vyos# cat /run/pmacct/uacctd.conf 
# Genereated from VyOS configuration
daemonize: true
promisc: false
syslog: daemon
uacctd_group: 2
uacctd_nl_size: 2097152
snaplen: 128
aggregate: in_iface,src_mac,dst_mac,vlan,src_host,dst_host,src_port,dst_port,proto,tos,flows
plugin_pipe_size: 10485760
plugin_buffer_size: 10485
imt_path: /tmp/uacctd.pipe
imt_mem_pools_number: 169

plugins: nfprobe[nf_199-68-195-141],nfprobe[nf_199-68-195-142],memory

# NetFlow servers
nfprobe_receiver[nf_199-68-195-141]: 199.68.195.141:2055
nfprobe_version[nf_199-68-195-141]: 9
nfprobe_engine[nf_199-68-195-141]: 101
nfprobe_timeouts[nf_199-68-195-141]: expint=60:general=3600:icmp=300:maxlife=604800:tcp.fin=300:tcp=3600:tcp.rst=120:udp=300

nfprobe_receiver[nf_199-68-195-142]: 199.68.195.142:2055
nfprobe_version[nf_199-68-195-142]: 9
nfprobe_engine[nf_199-68-195-142]: 101
nfprobe_timeouts[nf_199-68-195-142]: expint=60:general=3600:icmp=300:maxlife=604800:tcp.fin=300:tcp=3600:tcp.rst=120:udp=300

However, if pmacct behavior is wrong for that config, feel free to reopen.