question

Henk S. avatar image
Henk S. asked ·

AMD and Netflow

Can anybody tell me how to instruct the amd gather Netflow traffic? Can I make that work on a communication port or do I still need to alocate a seperate port. Traffic is send to the main interface,

 

KR Henk Stobbe

nam probe
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

1 Answer

Adam P. avatar image
Adam P. answered ·

Make sure nfc service on AMD is running by executing ndstat command. If it's stopped start it by executing service nfc start command.

Using communication interface is fine, as it is to be shared with netflow traffic from routers.

8 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Adam,

 

Thx for the quick response, I have noticed I have a temp licence: AMD_VFC \and the AMD shows the yellow marker, no license for Netflow, I suppose I have to contac sales rep?

 

KR Henk Stobbe

 

 

 

0 Likes 0 · ·

If you have this feature in your contract I believe it's enough to create support ticket that will be routed to License Dept. Otherwise looks like Sales Rep. is right person. I'm not sure but I think you can also ask for emergency license ...

0 Likes 0 · ·

I have received new license but it looks like it is not distributed to amd. I can see it in lic man and console. Any suggestions?

 

KR Henk

0 Likes 0 · ·

Check it in DLM, then go to http://CAS/About and see if it's listed there, then go to AMD and execute:

rcmd show licenses

command. Don't check it in RUM Console as licenses info in relays on the info from the AMD.

0 Likes 0 · ·

I filled in the SNMP params, and everything worked like a charm,

 

KR Henk Stobbe

0 Likes 0 · ·

Adam,

 

License is working (forgot to connect CAS to AMD (wink))

Netflow is arriving on the AMD (tcpdump)

Netflow is configured on Console (I do not see correct flow from the cisco's, I see neighbour flow in error ofcourse)

 have 4 physical interfaces on the AMD, two are connected and used as BOND0, (shows up in config script as unused with correct IP)

 

  • eth0 is default comm In+Out traffic
  • eth1 is unused traffic Y

Do I have to change BOND0 from communication to capture mode, or should it already work? Or is it not possible to use this virtual device?

 

KR Henk Stobbe

 

 

0 Likes 0 · ·

Henk,

NFC receives its traffic through a communication interface, so bond0 configured as comm is perfectly fine.

Wojtek.

0 Likes 0 · ·

Woljtek,

 

Thx for your reply, you are right. Everything works,

 

Henk

0 Likes 0 · ·