Abubuwan da ke ciki boye
1 ADVANTECH Router App Net Flow Pfix
2 Bayanin samfur
3 Umarnin Amfani
4 Alamomin da aka yi amfani da su
5 Canji
6 Bayanin module
7 Kanfigareshan
8 Bayani
9 Umarnin Amfani
10 Interaperability ID
11 Takardu masu alaƙa
12 Takardu / Albarkatu
12.1 Magana
13 Labarai masu alaka

ADVANTECH-LOGO

ADVANTECH Router App Net Flow Pfix

ADVANTECH-Router-App-NetFlow-Pfix-PRODUCT

Bayanin samfur

Ƙayyadaddun bayanai

  • Mai ƙira: Advantech Czech sro
  • Adireshi: Sokolska 71, 562 04 Usti nad Orlici, Jamhuriyar Czech
  • Takardu Saukewa: APP-0085-EN
  • Bita Rana: 19 ga Oktoba, 2023

Bayanin Module

  • Tsarin NetFlow/IPFIX na'ura mai ba da hanya tsakanin hanyoyin sadarwa ce ta Advantech Czech sro Ba a haɗa shi cikin daidaitaccen firmware na na'ura mai ba da hanya tsakanin hanyoyin sadarwa kuma yana buƙatar loda shi daban.
  • An tsara tsarin don sa ido kan zirga-zirgar hanyar sadarwa. Yana aiki ta hanyar tattara bayanan zirga-zirgar IP ta amfani da binciken da aka shigar akan masu amfani da NetFlow.
  • Ana ƙaddamar da wannan bayanin ga mai karɓar NetFlow da mai nazari don ƙarin bincike.

Web Interface

Da zarar an shigar da module, za ku iya samun dama ga nasa web dubawa ta danna kan module sunan a kan Router apps shafi na na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta web dubawa. The web dubawa ya ƙunshi menu mai sassa daban-daban:

Kanfigareshan

Sashen Kanfigareshan yana ba ku damar saita saituna daban-daban na NetFlow/IPFIX na'ura mai ba da hanya tsakanin hanyoyin sadarwa. Don samun dama ga saitunan daidaitawa, danna abin "Global" a cikin babban menu na module's web dubawa. Abubuwan da za a iya daidaita su sun haɗa da:

  • Kunna Bincike: Wannan zaɓin yana fara ƙaddamar da bayanan NetFlow zuwa mai tarawa mai nisa (idan an ayyana) ko ga mai karɓar gida (idan an kunna).
  • Ladabi: Wannan zaɓi yana ba ku damar zaɓar ƙa'idar da za a yi amfani da ita don ƙaddamar da bayanan NetFlow. Kuna iya zaɓar daga NetFlow v5, NetFlow v9, ko IPFIX (NetFlow v10).
  • ID na injin: Wannan zaɓi yana ba ku damar saita ID na Domain Lura (na IPFIX), ID na tushen (na NetFlow v9), ko ID ɗin injin (na NetFlow v5). Wannan yana taimaka wa mai tarawa don bambanta tsakanin masu fitar da kaya da yawa. Don ƙarin bayani, koma zuwa sashin kan Interoperability ID Engine.

Bayani

Sashen Bayani yana ba da cikakkun bayanai game da tsarin da lasisinsa. Kuna iya samun damar wannan sashin ta danna abin "Bayyana" a cikin babban menu na module's web dubawa.

Umarnin Amfani

Bayanin Tattara

  • Tsarin NetFlow/IPFIX yana tattara bayanan zirga-zirgar IP daga binciken na'ura mai ba da hanya tsakanin hanyoyin sadarwa. Wannan ya haɗa da cikakkun bayanai kamar tushe da adiresoshin IP masu zuwa, kirga fakiti, ƙididdigar byte, da bayanan yarjejeniya.

Maido da Bayanin Ajiye

  • Don dawo da bayanan da aka adana, kuna buƙatar samun dama ga mai tarawa na NetFlow da mai nazari wanda tsarin ke ƙaddamar da bayanan. Mai tarawa da mai tantancewa za su samar da kayan aiki da rahotanni don nazari da ganin bayanan da aka tattara.

Interaperability ID

  • Saitin ID ɗin Injiniya a cikin daidaitawa yana ba ku damar tantance mai ganowa na musamman don mai fitar da ku. Wannan yana da amfani idan kuna da masu fitarwa da yawa suna aika bayanai zuwa mai tarawa iri ɗaya.
  • Ta hanyar saita ID na injin daban-daban, mai tarawa zai iya bambanta tsakanin bayanan da aka karɓa daga masu fitarwa daban-daban.

Lokacin zirga-zirga

  • Samfurin ba ya bayar da takamaiman bayani game da lokacin zirga-zirga. Da fatan za a koma zuwa takaddun da ke da alaƙa ko tuntuɓi Advantech Czech sro don ƙarin cikakkun bayanai.

Takardu masu alaƙa

  • Don ƙarin bayani da cikakkun bayanai, da fatan za a duba takaddun masu zuwa:
  • Littafin Kanfigareshan
  • Sauran takaddun da ke da alaƙa da Advantech Czech sro ya bayar

FAQ

Tambaya: Wanene ke ƙera NetFlow/IPFIX?

  • A: Mai ƙera NetFlow/IPFIX shine Advantech Czech sro

Tambaya: Menene manufar NetFlow/IPFIX?

  • A: NetFlow/IPFIX an tsara shi don saka idanu kan zirga-zirgar hanyar sadarwa ta hanyar tattara bayanan zirga-zirgar IP daga masu amfani da NetFlow da kuma ƙaddamar da shi zuwa mai tarawa na NetFlow da mai nazari.

Tambaya: Ta yaya zan iya samun damar saitunan saitin tsarin?

  • A: Don samun dama ga saitunan saitin, danna abu "Global" a cikin babban menu na module's web dubawa.

Tambaya: Menene saitin ID ɗin Injin da ake amfani dashi?

  • A: Saitin ID ɗin Injin yana ba ku damar ƙididdige mai ganowa na musamman don mai fitar da ku, yana taimaka wa mai tarawa don bambanta tsakanin masu fitarwa da yawa.
  • © 2023 Advantech Czech sro Babu wani ɓangare na wannan ɗaba'ar da za a iya sake bugawa ko watsa shi ta kowace hanya ko ta kowace hanya, lantarki ko injiniyoyi, gami da ɗaukar hoto, rikodi, ko kowane tsarin ajiyar bayanai da tsarin dawo da bayanai ba tare da rubutaccen izini ba.
  • Bayani a cikin wannan jagorar yana iya canzawa ba tare da sanarwa ba, kuma baya wakiltar alƙawarin daga ɓangaren Advantech.
  • Advantech Czech sro ba zai zama abin alhakin lalacewa na faruwa ba ko sakamakon lalacewa ta hanyar kayan aiki, aiki, ko amfani da wannan jagorar.
  • Duk sunayen alamar da aka yi amfani da su a cikin wannan jagorar alamun kasuwanci ne masu rijista na masu su. Amfani da alamun kasuwanci ko wasu zayyana a cikin wannan ɗaba'ar don dalilai ne kawai kuma baya zama amincewa da mai alamar kasuwanci.

Alamomin da aka yi amfani da su

  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-1hadari - Bayani game da amincin mai amfani ko yuwuwar lalacewa ga na'ura mai ba da hanya tsakanin hanyoyin sadarwa.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-2Hankali - Matsalolin da zasu iya tasowa a cikin takamaiman yanayi.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-3Bayani - Nasihu masu amfani ko bayani na sha'awa ta musamman.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-4Example – Example na aiki, umarni ko rubutun.

Canji

NetFlow/IPFIX Changelog

  • v1.0.0 (2020-04-15)
    • Sakin farko.
  • v1.1.0 (2020-10-01)
    • An sabunta CSS da lambar HTML don dacewa da firmware 6.2.0+.

Bayanin module

  • NetFlow/IPFIX app ba ya ƙunshe a cikin daidaitaccen firmware na na'ura mai ba da hanya tsakanin hanyoyin sadarwa. An siffanta loda wannan aikace-aikacen na'ura mai ba da hanya tsakanin hanyoyin sadarwa a cikin jagorar Kanfigareshan (duba Takardun da ke da alaƙa Babi).
  • An ƙaddara NetFlow/IPFIX na Router app don sa ido kan zirga-zirgar hanyar sadarwa. NetFlow da aka kunna masu amfani da hanyar sadarwa suna da bincike wanda ke tattara bayanan zirga-zirgar IP kuma ya ƙaddamar da su zuwa mai tarawa na NetFlow da mai nazari.

Wannan aikace-aikacen na'ura mai ba da hanya tsakanin hanyoyin sadarwa ya ƙunshi:

  • Binciken NetFlow wanda zai iya ƙaddamar da bayanai ga mai karɓar hanyar sadarwa mai jituwa da mai nazari, misali http://www.paessler.com/prtg.
  • Mai tara NetFlow wanda ke adana bayanan da aka tattara zuwa a file. Hakanan yana iya karɓa da adana zirga-zirgar NetFlow daga wasu na'urori.ADVANTECH-Router-App-NetFlow-Pfix-FIG-5

Web Interface

  • Da zarar an gama shigar da tsarin, ana iya kiran GUI na module ta danna sunan module akan shafin aikace-aikacen Router na na'ura mai ba da hanya tsakanin hanyoyin sadarwa. web dubawa.
  • Bangaren hagu na wannan GUI ya ƙunshi menu tare da sashin menu na Kanfigareshan da sashin menu na Bayani.
  • Sashen menu na keɓancewa ya ƙunshi abin Dawowa kawai, wanda ke juyawa baya daga na'urar web shafi zuwa na'ura mai ba da hanya tsakanin hanyoyin sadarwa web shafukan daidaitawa. Ana nuna babban menu na GUI na module akan Hoto 2.ADVANTECH-Router-App-NetFlow-Pfix-FIG-6

Kanfigareshan

Duniya

  • Ana iya saita duk saitunan na'ura mai ba da hanya tsakanin hanyoyin sadarwa na NetFlow/IPFIX ta danna kan abun Duniya a cikin babban menu na module. web dubawa. An gamaview Ana ba da abubuwa masu daidaitawa a ƙasa.ADVANTECH-Router-App-NetFlow-Pfix-FIG-7
Abu Bayani
Kunna Bincike Fara tara bayanan NetFlow zuwa mai tarawa mai nisa (lokacin da aka ayyana), ko zuwa ga Mai tara Gida (lokacin da aka kunna).
Yarjejeniya Protocol da za a yi amfani da shi: NetFlow v5, Netflow v9, IPFIX (Net-Flow v10)
ID na injin Domain ID (akan IPFIX, Id Source akan NetFlow v9, ko Injin Id akan NetFlow v5). Wannan na iya taimaka wa mai karɓar ku don bambanta tsakanin masu fitar da kaya da yawa. Duba kuma sashe akan Interoperability ID Engine.
Abu Bayani
Sampler (Ba komai): ƙaddamar da kowane kwarara da aka lura; ƙaddara: ƙaddamar da kowane N-th lura da gudana; bazuwar: zaɓi ɗaya bazuwar daga cikin N gudana; zanta: zaɓi zanta-bazuwar ɗaya daga cikin kwararan N.
Sampdarajar darajar Farashin N.
Kashewar Motsi mara aiki Gabatar da kwarara bayan ba ya aiki na daƙiƙa 15. Tsohuwar ƙimar ita ce 15.
Lokaci Kashe Motsi Mai Aiki Ƙaddamar da kwarara bayan yana aiki don 1800 seconds (minti 30). Tsohuwar ƙimar ita ce 1800. Dubi kuma sashin kan lokacin zirga-zirga.
Mai tarawa mai nisa Adireshin IP na mai karɓar NetFlow ko mai nazari, inda za a ƙaddamar da bayanan zirga-zirgar NetFlow da aka tattara. Port ba na tilas bane, tsoho 2055. Ƙaddamarwa na iya ƙunsar waƙafi da aka raba jerin adiresoshin IP da yawa (da tashoshin jiragen ruwa) don madubi NetFlow zuwa masu tarawa / masu nazari biyu ko fiye.
Kunna Mai Tarin Gida Fara karɓar bayanin NetFlow daga Binciken gida (lokacin da aka kunna) ko daga bincike mai nisa.
Tazarar Ma'aji Yana ƙayyade tazarar lokaci a cikin daƙiƙa don juyawa files. Matsakaicin ƙima shine 300s (minti 5).
Karewa Ma'aji Yana saita max lokacin rayuwa don files a cikin directory. Ƙimar 0 tana kashe iyakar tsawon rayuwa.
Ma'ajiyar Interface Lambobin SNMP Bincika don adana fihirisar SNMP na shigar da / fitarwa (% in, %out) ban da daidaitattun saitin bayanai, duba ƙasa.
Ajiye Adireshin IP na gaba Hop Bincika don adana adireshin IP na hop na gaba na zirga-zirgar waje (% nh).
Adana Adireshin IP ɗin da ake fitarwa Bincika don adana adireshin IP na na'ura mai ba da hanya tsakanin hanyoyin sadarwa (% ra).
Adana ID ɗin Injin Fitarwa Bincika don adana ID ɗin Injin na'ura mai ba da hanya tsakanin hanyoyin sadarwa (% Eng).
Lokacin liyafar Gudun Ajiye Duba don adana lokutan lokaciamp lokacin da aka karɓi bayanan kwarara (%tr).

Tebur 1: Bayanin abubuwan Kanfigareshan

Bayani

lasisi Yana Takaita lasisin Buɗe-Source Software (OSS) lasisin da wannan tsarin ke amfani dashiADVANTECH-Router-App-NetFlow-Pfix-FIG-8

Umarnin Amfani

Bai kamata a aika bayanan NetFlow akan WAN ba, sai dai idan an yi amfani da VPN. Ba a ɓoye bayanan ba ko ɓoyewa, don haka wanda ba shi da izini zai iya shiga view bayanin.

Bayanin Tattara

Mai binciken yana aika daidaitattun saitin bayanai masu zuwa koyaushe kuma mai tattarawa ya adana shi:

  • Lokaciamp lokacin da aka fara ganin zirga-zirga (% ts) kuma na ƙarshe (% te), ta amfani da agogon bincike
  • Adadin bytes (% byt) da fakiti (% pkt)
  • An yi amfani da yarjejeniya (% pr)
  • TOS (%tos)
  • Tutocin TCP (% flg)
  • Adireshin IP na tushen (% sa, % sap) da tashar jiragen ruwa (% sp)
  • Wurin adireshin IP (% da, %dap) da tashar jiragen ruwa (% dp)
  • Nau'in ICMP (% it)

Hakanan ana aika waɗannan abubuwan, amma ana adana su kawai akan buƙata (duba saitin da ke sama):

  • SNMP fihirisar shigarwa/fitarwa (%a, %out)
  • Adireshin IP na hop na gaba na zirga-zirga mai fita (% nh)
  • Adireshin IP (% ra) da ID ɗin injin (% eng) na mai fitar da hanyar sadarwa (bincike)
  • Lokaciamp lokacin da aka karɓi bayanan kwarara (%tr), ta amfani da agogon mai tarawa
  • Ƙimar da ke cikin baka (%xx) tana nuna mai tsarawa da za a yi amfani da ita tare da nfdump don nuna wannan ƙimar (duba babi na gaba).

Maido da Bayanin Ajiye

  • Ana adana bayanai a /tmp/netflow/nfcapd.yyyymmddHHMM, inda yyyymmddHHMM shine lokacin halitta. Littafin kuma ya ƙunshi .nfstat file, wanda ake amfani dashi don saka idanu lokacin karewa.
  • Kar ku canza wannan file. Don saita ƙarewar amfani da GUI mai gudanarwa.
  • The files za a iya karanta ta amfani da umarnin nfdump. nfdump [zaɓi] [tace]

Nuna fakitin UDP da aka aika ta 192.168.88.100:

  • nfdump -r nfcapd.202006011625 'proto udp da src ip 192.168.88.100'
    • Nuna duk yana gudana tsakanin 16:25 da 17:25, ana tattara kwararan hanyoyi (-B):
  • nfdump -R /tmp/netflow/nfcapd.202006011625:nfcapd.202006011725 -B
    • Nuna Nau'in Injin/ID, adireshin tushen + tashar jiragen ruwa da adireshin makoma+ don duk kwarara:
  • nfdump -r /tmp/netflow/nfcapd.202006011625 -o "fmt:% eng % sap % dap"

Interaperability ID

  • Netflow v5 yana bayyana masu gano 8-bit guda biyu: Nau'in Injin da ID ɗin Injin. Bincike akan masu amfani da hanyoyin sadarwa na Advantech yana aika ID ɗin Inji kawai (0..255). Nau'in Injin koyaushe zai zama sifili (0). Don haka, za a karɓi kwararar da aka aika tare da ID ɗin injin = 513 (0x201) azaman Injin Nau'in/ID = 0/1.ADVANTECH-Router-App-NetFlow-Pfix-FIG-9
  • Netflow v9 yana bayyana mai ganowa 32-bit guda ɗaya. Bincike akan masu amfani da hanyoyin sadarwa na Advantech na iya aika kowace lamba 32-bit, ta yaya sauran masana'antun (misali Cisco) suka raba mai ganowa zuwa bytes guda biyu da aka tanada, sannan Nau'in Injin da ID ɗin Injin. Mai karɓa yana bin hanya ɗaya.
  • Don haka, za a karɓi kwararar da aka aika tare da ID ɗin injin = 513 (0x201) azaman Injin Nau'in/ID = 2/1.ADVANTECH-Router-App-NetFlow-Pfix-FIG-10
  • IPFIX yana bayyana mai gano 32-bit guda ɗaya. Bincike akan masu amfani da hanyoyin sadarwa na Advantech na iya aika kowace lamba 32-bit, amma mai karɓar gida bai adana wannan ƙimar ba tukuna. Don haka za a karɓi kowane kwarara azaman Injin Type/ID = 0/0.ADVANTECH-Router-App-NetFlow-Pfix-FIG-11
  • Shawarwari: Idan kuna son adana ID ɗin Injin a cikin mai tarawa na gida, duba ID ɗin Injin Fitar da Kayan Aiki a cikin daidaitawa, yi amfani da ID ɗin Injin <256 kuma ku guji amfani da ka'idar IPFIX.
  • Lokacin zirga-zirga
  • Binciken yana fitar da jigilar kayayyaki zuwa kasashen waje, watau duk fakitin da ke tare. Idan ba a lura da fakiti na wani lokacin da aka ba (Lokacin Kwanan Traffic Mara aiki), ana ɗaukar kwararar a matsayin cikakke kuma binciken yana aika bayanan zirga-zirga zuwa ga mai karɓar.
  • Bayani game da a file don haka canja wuri zai bayyana a cikin mai tarawa da zarar an kammala canja wurin, wanda zai iya ɗaukar lokaci mai yawa. Idan watsawa yana aiki na dogon lokaci (Active Traffic Timeout) zai bayyana azaman gajeriyar gudu.
  • Don misaliampHar ila yau, tare da lokacin wucewar zirga-zirga na mintuna 30, sadarwar mintuna 45 za ta nuna kamar guda biyu: min 30 da minti 15 ɗaya.

Lokacin zirga-zirga

  • Binciken yana fitar da jigilar kayayyaki zuwa kasashen waje, watau duk fakitin da ke tare. Idan ba a lura da fakiti na wani lokacin da aka ba (Lokacin Kwanan Traffic Mara aiki), ana ɗaukar kwararar a matsayin cikakke kuma binciken yana aika bayanan zirga-zirga zuwa ga mai karɓar.
  • Bayani game da a file don haka canja wuri zai bayyana a cikin mai tarawa da zarar an kammala canja wurin, wanda zai iya ɗaukar lokaci mai yawa. Idan watsawa yana aiki na dogon lokaci (Active Traffic Timeout) zai bayyana azaman gajeriyar gudu. Don misaliampHar ila yau, tare da lokacin wucewar zirga-zirga na mintuna 30, sadarwar mintuna 45 za ta nuna kamar guda biyu: min 30 da minti 15 ɗaya.ADVANTECH-Router-App-NetFlow-Pfix-FIG-12

Takardu masu alaƙa

  • Kuna iya samun takaddun da suka danganci samfur akan tashar Injiniya a adireshin icr.advantech.cz.
  • Don samun Jagorar Fara Sauƙaƙe na na'ura mai ba da hanya tsakanin hanyoyin sadarwa, Jagorar Mai amfani, Jagorar Kanfigareshan, ko Firmware je zuwa shafin Samfuran na'ura mai ba da hanya tsakanin hanyoyin sadarwa, nemo samfurin da ake buƙata, kuma canza zuwa Manuals ko Firmware shafin, bi da bi.
  • Ana samun fakitin shigarwa na Router Apps da litattafai akan shafin Rubutun Apps.
  • Don Takardun Ci gaba, je zuwa shafin DevZone.

Takardu / Albarkatu

ADVANTECH Router App Net Flow Pfix [pdf] Jagorar mai amfani
Na'ura mai ba da hanya tsakanin hanyoyin sadarwa App Net Flow Pfix, App Net Flow Pfix, Net Flow Pfix, Flow Pfix, Pfix

Magana

Labarai masu alaka

Bar sharhi

Ba za a buga adireshin imel ɗin ku ba. Ana yiwa filayen da ake buƙata alama *