prost.pierrick at gmail
Jul 3, 2012, 10:55 PM
Post #3 of 4
(280 views)
Permalink
|
|
Re: No Data with Sflow Probe on Unix Server
[In reply to]
|
|
hy peter, thanks for your response, i trying to have optables/Ulog
configuration but same error, the Sflow host was not selected by NTOP. I'm
stopping test for moment but i'll came back to you later. Now i try to
using tap interface.
thanks.
pierrick
2012/7/2 Peter Phaal <peter.phaal [at] gmail>
> ntop does not understand the sFlow Host Structures (the ones being
> reported Unkown, 2000 - 2006):
>
> http://sflow.org/sflow_host.txt
>
> These metrics are used to monitor host performance and you would need
> to use a tool like Ganglia or Graphite to report on them:
>
> http://blog.sflow.com/2012/02/ganglia-33-released.html
> http://blog.sflow.com/2012/01/graphite.html
>
> ntop is looking for network traffic information and for that, you
> either need to enable sFlow on your switches, or configure
> iptables/ULOG to send traffic data to the Host sFlow agent which will
> then export the data to NTop:
>
> http://blog.sflow.com/2010/12/ulog.html
>
> Peter
>
> --------------------------------
> Hy, i'm trying to configure à Sflow probe (www.sflow.com) with Ntop.
>
> Locale packet sniffing (eth0) works wel but with an Sflow Probe, i have no
> packet incoming.
>
>
> sflow {
> DNSSD = off
> polling = 30
> sampling = 400
> collector {
> ip = 192.168.1.91
> udpport = 6343
> }
>
>
>
> A tcpdump on ntop server (192.168.1.91) looks great:
>
>
> 18:01:38.242292 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP
> (17), length 456)
> 192.168.1.82.47489 > sup-sflow.sflow: [udp sum ok] sFlowv5, IPv4 agent
> 192.168.1.82, agent-id 100000, seqnum 41, uptime 1207000, samples 1, length
> 428
> counter sample (2), length 392, seqnum 41, type 2, idx 1, records 6
> enterprise 0, Unknown (2001) length 36
> enterprise 0, Unknown (2005) length 52
> enterprise 0, Unknown (2004) length 72
> enterprise 0, Unknown (2003) length 68
> enterprise 0, Unknown (2006) length 40
> enterprise 0, Unknown (2000) length 64
>
>
>
> When i activate level 6 log on Ntop Server, i'have this:
>
> Mon Jul 2 17:59:41 2012 [sessions.c:477] DEBUG: scanTimedoutTCPSessions:
> freed 0 sessions [total: 12 sessions]
> Mon Jul 2 17:59:41 2012 [hash.c:508] IDLE_PURGE: Device 0 [em1]: 9/38
> hosts deleted, elapsed time is 0.000451 seconds (0.000050 per host)
> Mon Jul 2 17:59:41 2012 [hash.c:482] IDLE_PURGE: Device 1
> [sFlow-device.2] FINISHED selection, 0 [out of 1] hosts selected
> Mon Jul 2 17:59:41 2012 [hash.c:515] IDLE_PURGE: Device sFlow-device.2:
> no hosts [out of 1] deleted
> Mon Jul 2 18:00:41 2012 [hash.c:482] IDLE_PURGE: Device 0 [em1] FINISHED
> selection, 2 [out of 35] hosts selected
>
>
>
> My Web GUI conf for SFlow is Ok, i have no idea about the resolution of
> this problem.
> If someone have an idea.
>
> Thx in advance
>
> pierrick
> _______________________________________________
> Ntop mailing list
> Ntop [at] listgateway
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
--
=======================================================================
Prost Pierrick
Prost.pierrick [at] gmail
Cell Phone : 514-632-7173
Skype : prostpierrick
|
