-
Notifications
You must be signed in to change notification settings - Fork 262
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[nfacctd] Setting AS information from BGP no longer works in bleeding-edge #768
Comments
Hi Sander ( @SanderDelden ), I had a quick try at this and i seem unable to reproduce the issue. Is the config in Issue 769 valid also for this issue? Although i am sure innocent, can you post the content of the Paolo |
Hi Paolo, My apologies, should've included the configuration in my initial comment. I've stripped the configuration down to the bare minimum for testing purposes, here you go:
All entries in
The configuration above works in 1.7.8 but the first purge of the cache has all the AS numbers listed as "0". I assume this has to do with the BGP session not being instantly established. This is no problem, just thought I'd mention it. I've check the (debug) logging and nothing strange is observed. |
Hi Sander ( @SanderDelden ), I did manage to reproduce the scenario but unfortunately not the issue - both 1.7.8 and latest commit do work fine. Can you try to set Paolo |
Hi Paolo, Setting |
It would help, yes. A PCAP of both BGP and flows (maybe in two separate traces). Unfortunately BGP traffic can't be replayed so i could only inspect the traces, what would help much-much more (also having in mind #769) would be if i could access the container where flows and BGP are pointed to -- so to debug, recompile, troubleshoot, etc. both 1.7.8 and latest master code. |
Hi Paolo, Would a Teams session (or any other application of your preference) to debug this be possible? |
This could work, yes. Can we switch to unicast email for the details? |
Hello @paololucente, did you by any chance come to a conclusion on this? I have configured pmacct to receive NetFlow v9 messages (including ingress and egress VRFID packet fields) from a Cisco router and have also established iBGP peering between them. The router sends both IPv4 and VPNv4 routes to pmacct which are correctly received. I have also configured:
Below you may find the corresponding config:
pmacct version
I have bumped though into a very strange problem: The dst_as in the original NetFlow pcap is in both cases 0 (in the NetFlow packets), but only in the VPNv4 case pmacct substitutes its value. Should not routes that do not correspond to any rd (i.e. IPv4 routes), to be used to enrich all flows not matching flow_to_rd_map criteria? I am posting the way I have constructed the flow_to_rd_map:
Am I missing anything? |
Description
In the latest commit (bleeding-edge) setting
nfacctd_as
tobgp
will result in the ASN for all flows being set to 0. Changing the setting tonetflow
results in the correct AS data being printed again. The same thing goes forbgp_peer_src_as_type
.Setting both
nfacctd_as
andbgp_peer_src_as_type
tobgp
in 1.7.8 works without any issues.Version
The
bleeding-edge
Docker tag was used: nfacctd 1.7.10-git (20240312-1 (2a62747))Appreciation
Please consider starring this project to boost our reach on github!
✅
If any additional information is required, please let me know.
The text was updated successfully, but these errors were encountered: