ng_netflow
Cristiano Deana
cristiano.deana at gmail.com
Thu Jul 10 14:39:11 UTC 2014
On Thu, Jul 10, 2014 at 4:20 PM, Julian Elischer <julian at freebsd.org> wrote:
Hi, Julian
> Is it possible that you are working with an interface that has TSO on?
it's a vlan interface, the device is a em0.
net.inet.tcp.tso: 1
> if so then netgraph will be seeing huge "aggregate" packets rather than the
> normal packets.
> so teh number of packets may be out by more than a factor of 30.
My bigger problem is with traffic counter, but maybe it's just my error.
> netgraph nodes are relatively simple..
Not really :)
I have problems to find "easy" documentation about it. It's hard to
understand what lower, upper, right, etc meaning. I think I could hav
setup something wrong, maybe counting only incoming packet (or
outgoing).
I followed, not fully undestand, the example in ng_netflow man page:
/usr/sbin/ngctl -f- <<-SEQ
mkpeer fxp0: netflow lower iface0
name fxp0:lower netflow
connect fxp0: netflow: upper out0
mkpeer netflow: ksocket export inet/dgram/udp
msg netflow:export connect inet/10.0.0.1:4444
SEQ
Thank you
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
More information about the freebsd-stable
mailing list