Page MenuHomeVyOS Platform

Netflow: generate ASNs from the uacctd BGP thread.
Open, NormalPublicFEATURE REQUEST

Description

At this time it's possible generate ASNs only from network file list, if file exist /etc/pmacct/networks.lst.

  1. I'v found a bug: it is doesn't work until you add a "uacctd_as: file" option in configuration file.
  2. I'v make a patch to add functionality generate ASNs from BGP thread.

From pmacct documentation this is a basic working configuration:
pmacctd_as: bgp
bgp_daemon: true
bgp_daemon_ip: 127.0.0.1
bgp_agent_map: /path/to/agent_to_peer.map
bgp_daemon_port: 17917

The bgp_daemon_port can be changed from the standard BGP port (179/TCP) in order to
co-exist with other BGP routing software which might be running on the same host.
Furthermore, they can safely peer each other by using 127.0.0.1 as bgp_daemon_ip.
In pmacctd, bgp_agent_map does the trick of mapping 0.0.0.0 to the IP address of
the BGP peer (ie. 127.0.0.1: 'id=127.0.0.1 ip=0.0.0.0'); this setup, while generic,
was tested working in conjunction with Quagga 0.99.14. Following a relevant fragment
of the Quagga configuration:

router bgp Y
bgp router-id X.X.X.X
neighbor 127.0.0.1 remote-as Y
neighbor 127.0.0.1 port 17917
neighbor 127.0.0.1 update-source X.X.X.X
!

I'v created a bgp-daemon template in path: system netflow-accounting, and all necessary changes for generation config file and bgp_agent_map. My changes also fix bug described above.

Details

Difficulty level
Hard (possibly days)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

syncer triaged this task as Normal priority.Jul 6 2018, 8:38 PM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
zsdc added a subscriber: zsdc.

According to pmacct configuration, this looks good. We need to check code, and if all is correct I propose to merge this into rolling for testing.
Just the one nuance. Currently, VyOS CLI doesn't allow to set a BGP neighbor to the local IP address. If we accept this patch, then it will be good to remove this restriction.

Why does this BGP neighbor need to be configred in the VyOS CLI? Wouldn't it be added automatically as a side-effect of wanting netflow data to have ASNs? Maybe add a flag to netflow, for those of us who are carrying full tables.

The idea stays actual, but unfortunately, it needs now to be rewritten according to the new config implementation.

zsdc changed Difficulty level from Unknown (require assessment) to Hard (possibly days).Mar 11 2021, 5:09 PM
zsdc set Is it a breaking change? to Unspecified (possibly destroys the router).