Simulating the NetFlow data export of Cisco equipment on Linux

2010-12-17  Source: original to this site  Category: Industry  Views: 119

http://blog.163.com/sd_qiye/blog/static/43530267200821811234264/

First, the system architecture
The system is built on the Linux RedHat 9.0 operating system. The main part that needs to be simulated is the data export module. We use the NetflowExporter software to simulate a router's data export capability. The software currently supports only the popular NetFlow V5 format. The data acquisition module uses the flow-tools 0.68 kit.
The PC running NetflowExporter should preferably have two or more CPUs; the memory requirement depends on the specific traffic conditions. In our experience, implementing NetFlow on a network of the 10 trillion size requires not less than 1G of memory. The data export side should also use two network cards. The data acquisition module mainly stores and aggregates flows and requires relatively large storage space. In our practical experiments, for example, traffic at about the ten trillion level takes 3-5G a day, and less after compression.
The data export module uses two network interfaces, eth0 and eth1 (two cards). eth0 needs an internal IP address; eth1 does not need an IP address (or can use an unused private address) and is set as the listening interface on the NetflowExporter host. Then configure the switch to send a complete copy of the packets on the port connected to the router to the eth1 interface. After processing, NetflowExporter exports the flows through eth0 as UDP packets to the flow-tools or ntop host on the internal network; the collection side must be configured correctly to receive the NetFlow V5 messages sent by the export side. The data acquisition module then generates the traffic data files, from which the data processing side can analyze the flow information users need. The host running flow-tools or ntop can be the NetflowExporter host itself or another host. The system structure is shown in Annex 1.

Second, the concrete implementation
1, the data export module. NetflowExporter currently supports only the Linux and FreeBSD operating systems on the i386 platform. Taking Linux as an example, install the software from its rpm package: # rpm -ivh NetflowExporter-0.1.25-1.i386.rpm. To run it for the first time, enter: # netflow, which opens the program's user interface. The user interface prompt is hostname::netflow>. It is recommended to use the show configuration command to see the current system configuration. To listen on interface eth1, enter the command listen on eth1. Use the ip flow-export destination xxxx portnumber command (where xxxx is the destination host IP address and portnumber is the destination port number) to specify the destination host and receiving port that NetflowExporter exports to. Then enter the enable ip flow-export command to start flow export. Once the settings are complete, it is recommended to run show configuration again to confirm that the configuration is correct. Then use the write command to save the configuration; the configuration is normally stored in /etc/netflow.conf. There are two commands for leaving NetflowExporter. The first is exit, which leaves the user interface while the software keeps working in the background. The second is terminate, which not only leaves the user interface but also stops the software.

2, the data collection module uses the flow-tools 0.68 kit (http://cng.ateneo.net/cng/wyu/software/flow-tools.php).
Of these tools, flow-capture is mainly responsible for collecting, compressing and storing the UDP packets sent by the router (the data export side). For example: flow-capture -n 105 -z 6 -w /var/netflow 0/0/3309. The -n parameter specifies the number of files created per day; the default value is 95, which generates a flow log file about every 15 minutes. The -z parameter sets the compression level. flow-tools has the zlib compression algorithm built in for compressing flow data. There are 10 compression levels, from 0 to 9: 0 means no compression, and 9 gives the highest compression rate but also consumes the most resources. The results showed that a compression level of 6 gives a good balance between CPU consumption and compression, with a compression ratio of basically 3-5:1. The -w parameter specifies the directory for the current files. Note that this directory must be created manually in advance; it is not created automatically, and flow files cannot be generated without it. 0/0/3309 denotes the local (receiving) IP / remote (sending) IP / receiving port number. After starting the program, run netstat -lnp at the Linux prompt to check whether the listening port specified for the program is open. If it is open, the program is working. If it is not, there is a problem with the settings and they need to be re-checked. For details, see the messages in /var/log/messages.

3, the data export programs
flow-import and flow-export import and export data. flow-export also supports exporting directly to a MySQL database, exporting to the stream format supported by cflow, or exporting directly as ASCII text. For example: flow-export -f2 -mdpkts,doctets,first,last,srcaddr,dstaddr,srcport,dstport,prot,tos <stream file or stream directory> flows.ascii exports all the records in the stream files to an ASCII file. flow-export -f3 -mdpkts,doctets,first,last,srcaddr,dstaddr,srcport,dstport,prot,tos -u "user:password:host:port:name:table" <stream file or stream directory> writes the stream records directly into the specified MySQL database. Note that the order of the specified fields must not be changed; otherwise the flow records cannot be exported properly.
