Zamkatimu kubisa
1 ADVANTECH Router App Net Flow Pfix
2 Zambiri Zamalonda
3 Malangizo Ogwiritsa Ntchito
4 Zizindikiro zogwiritsidwa ntchito
5 Changelog
6 Kufotokozera kwa module
7 Kusintha
8 Zambiri
9 Malangizo Ogwiritsa Ntchito
10 Engine ID Interoperability
11 Zolemba Zogwirizana
12 Zolemba / Zothandizira
12.1 Maumboni
13 Zolemba Zogwirizana

ADVANTECH-LOGO

ADVANTECH Router App Net Flow Pfix

ADVANTECH-Router-App-NetFlow-Pfix-PRODUCT

Zambiri Zamalonda

Zofotokozera

  • Wopanga: Advantech Czech sro
  • Adilesi: Sokolska 71, 562 04 Usti nad Orlici, Czech Republic
  • Chikalata Nambala ya APP-0085-EN
  • Kubwereza Tsiku: Okutobala 19, 2023

Kufotokozera kwa Module

  • Module ya NetFlow/IPFIX ndi pulogalamu ya rauta yopangidwa ndi Advantech Czech s.r.o. Sizikuphatikizidwa mu firmware yokhazikika ya rauta ndipo imayenera kukwezedwa padera.
  • Gawoli lapangidwa kuti liwunikire kuchuluka kwa ma network. Zimagwira ntchito posonkhanitsa zidziwitso zamtundu wa IP pogwiritsa ntchito kafukufuku woyikidwa pa ma routers omwe ali ndi NetFlow.
  • Izi zimatumizidwa kwa wokhometsa NetFlow ndi analyzer kuti aunikenso.

Web Chiyankhulo

Module ikayikidwa, mutha kuyipeza web mawonekedwe podina pa dzina la gawo patsamba la mapulogalamu a Router pa rauta yanu web mawonekedwe. The web mawonekedwe ali ndi menyu yokhala ndi magawo osiyanasiyana:

Kusintha

Gawo la Configuration limakupatsani mwayi wokonza zosintha zosiyanasiyana za pulogalamu ya rauta ya NetFlow/IPFIX. Kuti mupeze zosintha, dinani chinthucho "Global" mu menyu yayikulu ya module web mawonekedwe. Zinthu zosinthika zikuphatikizapo:

  • Yambitsani Probe: Izi zimayamba kutumiza zambiri za NetFlow kwa wokhometsa wakutali (ngati atafotokozedwa) kapena kwa wokhometsa wamba (ngati athandizidwa).
  • Ndondomeko: Izi zimakupatsani mwayi wosankha protocol yoti mugwiritse ntchito popereka chidziwitso cha NetFlow. Mutha kusankha kuchokera ku NetFlow v5, NetFlow v9, kapena IPFIX (NetFlow v10).
  • ID ya injini: Izi zimakuthandizani kuti muyike Observation Domain ID (ya IPFIX), Source ID (ya NetFlow v9), kapena ID ya Engine (ya NetFlow v5). Izi zimathandiza osonkhanitsa kusiyanitsa pakati pa otumiza kunja angapo. Kuti mudziwe zambiri, onani gawo la Engine ID Interoperability.

Zambiri

Gawo la Information limapereka zambiri za gawoli ndi zilolezo zake. Mutha kulowa gawoli podina chinthucho "Zidziwitso" patsamba lalikulu la gawoli web mawonekedwe.

Malangizo Ogwiritsa Ntchito

Zosonkhanitsa

  • Module ya NetFlow/IPFIX imasonkhanitsa zambiri zamagalimoto a IP kuchokera ku kafukufuku wa rauta. Izi zikuphatikizanso zambiri monga ma IP adilesi akuchokera ndi komwe mukupita, kuwerengera mapaketi, ma byte, ndi zambiri zama protocol.

Kubweza Zambiri Zosungidwa

  • Kuti mutenge zambiri zomwe zasungidwa, muyenera kupeza NetFlow wosonkhanitsa ndi kusanthula komwe gawoli limapereka deta. Wosonkhanitsa ndi kusanthula adzapereka zida ndi malipoti owunikira ndikuwona zomwe zasonkhanitsidwa.

Engine ID Interoperability

  • Zochunira za ID ya Injini pakuchunidwa kumakupatsani mwayi kuti mutchule chizindikiritso chapadera cha omwe mumatumiza kunja. Izi ndizothandiza mukakhala ndi ogulitsa angapo omwe amatumiza deta kwa wosonkhanitsa yemweyo.
  • Pokhazikitsa ma ID osiyanasiyana a Injini, wokhometsa amatha kusiyanitsa pakati pa zomwe adalandira kuchokera kwa ogulitsa osiyanasiyana.

Kutha kwa Magalimoto

  • Gawoli silimapereka chidziwitso chatsatanetsatane chokhudza kutha kwa magalimoto. Chonde onani zikalata zokhudzana ndi izi kapena lemberani Advantech Czech s.r.o. kuti mumve zambiri.

Zolemba Zogwirizana

  • Kuti mudziwe zambiri komanso malangizo atsatanetsatane, chonde onani zolemba zotsatirazi:
  • Buku Lokonzekera
  • Zolemba zina zokhudzana ndi izi zoperekedwa ndi Advantech Czech s.r.o.

FAQ

Q: Kodi wopanga NetFlow/IPFIX ndi ndani?

  • A: Wopanga NetFlow/IPFIX ndi Advantech Czech s.r.o.

Q: Kodi cholinga cha NetFlow/IPFIX ndi chiyani?

  • A: NetFlow/IPFIX idapangidwa kuti iziyang'anira kuchuluka kwa maukonde posonkhanitsa zidziwitso zamtundu wa IP kuchokera ku ma routers omwe ali ndi NetFlow ndikuzipereka kwa wosonkhanitsa ndi kusanthula wa NetFlow.

Q: Ndingapeze bwanji zosintha za module?

  • A: Kuti mupeze zokonda zosinthira, dinani chinthu cha "Global" mu menyu yayikulu ya module web mawonekedwe.

Q: Kodi makonda a ID ya Engine amagwiritsidwa ntchito bwanji?

  • A: Makonda a ID ya Injini amakulolani kuti mutchule chizindikiritso chapadera cha omwe akutumiza kunja, kuthandiza osonkhanitsa kusiyanitsa pakati pa ogulitsa angapo.
  • © 2023 Advantech Czech sro Palibe gawo la bukhuli lomwe lingasindikizidwenso kapena kufalitsidwa mwanjira ina iliyonse kapena mwanjira ina iliyonse, pakompyuta kapena pamakina, kuphatikiza kujambula, kujambula, kapena kusunga zidziwitso zilizonse popanda chilolezo cholemba.
  • Zomwe zili m'bukuli zikhoza kusintha popanda chidziwitso, ndipo sizikuyimira kudzipereka kwa Advantech.
  • Advantech Czech sro sadzakhala ndi mlandu wowononga mwangozi kapena zotsatira zake chifukwa chakupereka, kagwiritsidwe ntchito ka bukhuli.
  • Mayina onse amtundu omwe amagwiritsidwa ntchito m'bukuli ndi zilembo zolembetsedwa za eni ake. Kugwiritsa ntchito zizindikiritso kapena zilembo zina m'bukuli ndizongongoyerekeza chabe ndipo sizikutsimikizira mwini wakeyo.

Zizindikiro zogwiritsidwa ntchito

  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-1Ngozi - Zambiri zokhudzana ndi chitetezo cha ogwiritsa ntchito kapena kuwonongeka kwa rauta.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-2Chidwi - Mavuto omwe angabwere pazochitika zinazake.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-3Zambiri - Malangizo othandiza kapena chidziwitso chapadera.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-4Example - Eksample ya ntchito, lamulo kapena script.

Changelog

NetFlow/IPFIX Changelog

  • v1.0.0 (2020-04-15)
    • Kutulutsidwa koyamba.
  • v1.1.0 (2020-10-01)
    • Zosinthidwa CSS ndi HTML code kuti zigwirizane ndi firmware 6.2.0+.

Kufotokozera kwa module

  • Pulogalamu ya rauta NetFlow/IPFIX ilibe mu firmware yokhazikika ya rauta. Kuyika kwa pulogalamu ya rauta iyi kwafotokozedwa m'buku la Configuration (onani Zolemba Zogwirizana ndi Mutu).
  • Pulogalamu ya rauta NetFlow/IPFIX imatsimikiziridwa kuti imayang'anira kuchuluka kwa maukonde. Ma routers a NetFlow ali ndi kafukufuku yemwe amasonkhanitsa zambiri zamagalimoto a IP ndikuzipereka kwa wosonkhanitsa ndi kusanthula wa NetFlow.

Pulogalamu ya router iyi ili ndi:

  • Kufufuza kwa NetFlow komwe kumatha kutumiza zambiri kwa Network collector ndi analyzer, e. g. ndi httsp://www.paessler.com/prtg.
  • NetFlow osonkhanitsa omwe amasunga zomwe zasonkhanitsidwa ku a file. Ithanso kulandira ndikusunga magalimoto a NetFlow kuchokera kuzipangizo zina.ADVANTECH-Router-App-NetFlow-Pfix-FIG-5

Web Chiyankhulo

  • Kuyika kwa gawoli kukamalizidwa, GUI ya module imatha kuyitanidwa podina dzina la module patsamba la mapulogalamu a Router pa rauta. web mawonekedwe.
  • Mbali yakumanzere ya GUI iyi ili ndi menyu yokhala ndi gawo la menyu Yokonzekera ndi gawo lachidziwitso.
  • Gawo la menyu losintha mwamakonda lili ndi chinthu Chobwerera chokha, chomwe chimasintha kuchokera ku module web tsamba la rauta web masamba kasinthidwe. Menyu yayikulu ya GUI ya module ikuwonetsedwa pa Chithunzi 2.ADVANTECH-Router-App-NetFlow-Pfix-FIG-6

Kusintha

Padziko lonse lapansi

  • Zokonda zonse za pulogalamu ya rauta ya NetFlow/IPFIX zitha kukhazikitsidwa podina chinthu cha Global pamenyu yayikulu ya gawo. web mawonekedwe. Kuthaview za zinthu zosinthika zaperekedwa pansipa.ADVANTECH-Router-App-NetFlow-Pfix-FIG-7
Kanthu Kufotokozera
Yambitsani Probe Yambani kutumiza zambiri za NetFlow kwa Wosonkhanitsa Akutali (pakafotokozedwa), kapena kwa Local Collector (akatha).
Ndondomeko Protocol yogwiritsidwa ntchito: NetFlow v5, Netflow v9, IPFIX (Net- Flow v10)
ID ya injini Observation Domain ID (pa IPFIX, Source Id pa NetFlow v9, kapena Id Id pa NetFlow v5) mtengo. Izi zitha kuthandiza wokhometsa wanu kusiyanitsa pakati pa otumiza kunja angapo. Onaninso gawo la Engine ID Interoperability.
Kanthu Kufotokozera
Samplero (chopanda): perekani mayendedwe aliwonse omwe awonedwa; deterministic: perekani iliyonse ya N-th yowonedwa; mwachisawawa: sankhani mwachisawawa chimodzi mwa maulendo a N; hashi: sankhani hashi-mwachisawawa chimodzi mwa mayendedwe a N.
Sampleer Rate Mtengo wa N.
Magalimoto Osagwira Ntchito Yatha Tumizani mayendedwe ikasiya kugwira ntchito kwa masekondi 15. Mtengo wofikira ndi 15.
Active Traffic Timeout Tumizani kuyenderera kukagwira ntchito kwa masekondi 1800 (mphindi 30). Mtengo wotsikirapo ndi 1800. Onaninso gawo lanthawi yamagalimoto.
Wosonkhanitsa Akutali Adilesi ya IP ya NetFlow wosonkhanitsa kapena kusanthula, komwe angatumize zambiri zamagalimoto za NetFlow. Doko ndilosankha, losasinthika 2055. Malo ofikira amatha kukhala ndi mndandanda wolekanitsidwa ndi koma wa ma adilesi angapo a IP (ndi madoko) kuti awonetsere NetFlow kwa otolera/osanthula awiri kapena kupitilira apo.
Yambitsani Wosonkhanitsa M'deralo Yambani kulandira zambiri za NetFlow kuchokera ku Probe yakomweko (pamene yayatsidwa) kapena kuchokera ku kafukufuku wakutali.
Nthawi Yosungira Imatchula nthawi mumasekondi kuti muzungulire files. Mtengo wokhazikika ndi 300s (5min).
Kutha Ntchito Yosungira Imakhazikitsa nthawi yayitali kwambiri ya moyo files mu chikwatu. Mtengo wa 0 umalepheretsa malire a moyo wawo wonse.
Sungani Nambala za SNMP za Interface Yang'anani kusunga SNMP index ya zolowetsa/zotulutsa (%in, %out) kuphatikiza pagulu lazidziwitso, onani pansipa.
Sungani Next Hop IP Address Yang'anani kuti musunge ma adilesi a IP amtundu wotsatira wa magalimoto otuluka (%nh).
Sungani IP Adilesi Yotumiza kunja Chongani kusunga adilesi ya IP ya rauta yotumiza kunja (%ra).
Sungani ID ya Injini Yotumiza kunja Yang'anani kuti musunge ID ya Injini ya rauta yotumiza kunja (%eng).
Sungani Nthawi Yolandila Kuyenda Onani nthawi yosungiraamp pamene uthenga wotuluka unalandiridwa (%tr).

Gulu 1: Kufotokozera za kasinthidwe

Zambiri

ziphaso Afotokozera mwachidule ziphatso za Open-Source Software (OSS) zogwiritsidwa ntchito ndi gawoliADVANTECH-Router-App-NetFlow-Pfix-FIG-8

Malangizo Ogwiritsa Ntchito

Deta ya NetFlow siyenera kutumizidwa pa WAN, pokhapokha ngati VPN ikugwiritsidwa ntchito. Zomwe sizili zobisika kapena zobisika, kotero munthu wosaloledwa atha kuletsa ndi view zambiri.

Zosonkhanitsa

Zidziwitso zotsatirazi nthawi zonse zimatumizidwa ndi kafukufukuyo ndikusungidwa ndi wosonkhanitsa:

  • Nthawiamp pamene magalimoto anawonekera koyamba (%ts) ndi kuwonedwa komaliza (%te), pogwiritsa ntchito wotchi yofufuza
  • Chiwerengero cha ma byte (%byt) ndi mapaketi (%pkt)
  • Ndondomeko yogwiritsidwa ntchito (% pr)
  • TOS (% mpaka)
  • mbendera TCP (%flg)
  • Adilesi ya IP (%sa, %sap) ndi doko (%sp)
  • Adilesi ya IP (%da, %dap) ndi port (%dp)
  • Mtundu wa ICMP (% it)

Zotsatirazi zimatumizidwanso, koma zimasungidwa pokhapokha mutapempha (onani config pamwamba):

  • SNMP index ya zolowetsa/zotulutsa (%in,%out)
  • Adilesi ya IP ya kuchuluka kwa magalimoto otuluka (%nh)
  • Adilesi ya IP (%ra) ndi ID ya Engine (%eng) ya rauta yotumiza kunja (probe)
  • Nthawiamp pamene mauthenga oyenda adalandiridwa (%tr), pogwiritsa ntchito wotchi ya otolera
  • Mtengo wa m'mabulaketi (% xx) umasonyeza mawonekedwe omwe angagwiritsidwe ntchito ndi nfdump kuti awonetse mtengowu (onani mutu wotsatira).

Kubweza Zambiri Zosungidwa

  • Deta imasungidwa mu /tmp/netflow/nfcapd.yyyymmddHHMM, kumene yyymmddHHMM ndi nthawi yolenga. Chikwatucho chilinso ndi .nfstat file, yomwe imagwiritsidwa ntchito poyang'anira nthawi yomwe yatha.
  • Osasintha izi file. Kukonzekera kutha ntchito gwiritsani ntchito admin GUI.
  • The files ikhoza kuwerengedwa pogwiritsa ntchito lamulo la nfdump. nfdump [zosankha] [sefa]

Onetsani mapaketi a UDP otumizidwa ndi 192.168.88.100:

  • nfdump -r nfcapd.202006011625 'proto udp ndi src ip 192.168.88.100'
    • Onetsani mitsetse yonse pakati pa 16:25 ndi 17:25, kuphatikizira mayendedwe amitundu iwiri (-B):
  • nfdump -R /tmp/netflow/nfcapd.202006011625:nfcapd.202006011725 -B
    • Onetsani Mtundu wa Injini/ID, adilesi yochokera + doko ndi adilesi yopitira + por pamayendedwe onse:
  • nfdump -r /tmp/netflow/nfcapd.202006011625 -o “fmt:%eng %sap %dap”

Engine ID Interoperability

  • Netflow v5 imatanthauzira zizindikiritso ziwiri za 8-bit: Mtundu wa Injini ndi ID ya Injini. Probe pa ma routers a Advantech amatumiza ID ya Engine yokha (0..255). Mtundu wa Injini nthawi zonse umakhala ziro (0). Chifukwa chake, kuyenda komwe kumatumizidwa ndi Engine ID = 513 (0x201) kulandiridwa ngati Mtundu wa Injini/ID = 0/1.ADVANTECH-Router-App-NetFlow-Pfix-FIG-9
  • Netflow v9 imatanthauzira chizindikiritso chimodzi cha 32-bit. Probe pa ma routers a Advantech amatha kutumiza nambala iliyonse ya 32-bit, momwe opanga ena (monga Cisco) amagawa chizindikiritso kukhala ma byte awiri osungidwa, kutsatiridwa ndi Mtundu wa Injini ndi ID ya Injini. Wolandira amatsatira njira yomweyo.
  • Chifukwa chake, kuyenda komwe kumatumizidwa ndi Engine ID = 513 (0x201) kulandiridwa ngati Mtundu wa Injini/ID = 2/1.ADVANTECH-Router-App-NetFlow-Pfix-FIG-10
  • IPFIX imatanthawuza chizindikiritso chimodzi cha 32-bit. Probe pa ma routers a Advantech amatha kutumiza nambala iliyonse ya 32-bit, koma wokhometsa wamba samasungabe mtengo uwu. Chifukwa chake kuyenda kulikonse kudzalandiridwa ngati Mtundu wa Injini/ID = 0/0.ADVANTECH-Router-App-NetFlow-Pfix-FIG-11
  • Malangizo: Ngati mukufuna kusunga ID ya Injini m'malo otolera, yang'anani ID ya Injini Yotumiza Zogulitsa Pakasinthidwe, gwiritsani ntchito Injini ID <256 ndikupewa kugwiritsa ntchito protocol ya IPFIX.
  • Kutha kwa Magalimoto
  • Zofufuza zimatumiza kunja konsekonse, i.e. mapaketi onse omwe ali pamodzi. Ngati palibe mapaketi omwe amawonedwa kwa nthawi yoperekedwa (Inactive Traffic Timeout), kutuluka kwake kumawonedwa ngati kokwanira ndipo kafukufukuyo amatumiza zambiri zamagalimoto kwa wosonkhanitsa.
  • Zambiri za a file kusamutsa koteroko kudzawonekera mwa okhometsa pamene kusamutsidwa kumalizidwa, zomwe zingatenge nthawi yochuluka. Ngati kutumizako kukugwira ntchito kwa nthawi yayitali kwambiri (Active Traffic Timeout) idzawoneka ngati maulendo afupiafupi.
  • Za example, ndi mphindi ya 30 yogwira ntchito yothamanga, kulankhulana kwa mphindi 45 kudzawoneka ngati maulendo awiri: imodzi 30 min ndi 15 min.

Kutha kwa Magalimoto

  • Zofufuza zimatumiza kunja konsekonse, i.e. mapaketi onse omwe ali pamodzi. Ngati palibe mapaketi omwe amawonedwa kwa nthawi yoperekedwa (Inactive Traffic Timeout), kutuluka kwake kumawonedwa ngati kokwanira ndipo kafukufukuyo amatumiza zambiri zamagalimoto kwa wosonkhanitsa.
  • Zambiri za a file kusamutsa koteroko kudzawonekera mwa okhometsa pamene kusamutsidwa kumalizidwa, zomwe zingatenge nthawi yochuluka. Ngati kutumizako kukugwira ntchito kwa nthawi yayitali kwambiri (Active Traffic Timeout) idzawoneka ngati maulendo afupiafupi. Za example, ndi mphindi ya 30 yogwira ntchito yothamanga, kulankhulana kwa mphindi 45 kudzawoneka ngati maulendo awiri: imodzi 30 min ndi 15 min.ADVANTECH-Router-App-NetFlow-Pfix-FIG-12

Zolemba Zogwirizana

  • Mutha kupeza zikalata zokhudzana ndi malonda pa Engineering Portal pa icr.advantech.cz adilesi.
  • Kuti mupeze Quick Start Guide ya rauta yanu, Buku Logwiritsa Ntchito, Buku Lokonzekera, kapena Firmware pitani patsamba la Router Models, pezani mtundu wofunikira, ndikusintha kupita ku Manuals kapena Firmware tabu motsatana.
  • Phukusi ndi zolemba za Router Apps zikupezeka patsamba la Mapulogalamu a Router.
  • Pa Zolemba Zachitukuko, pitani patsamba la DevZone.

Zolemba / Zothandizira

ADVANTECH Router App Net Flow Pfix [pdf] Buku Logwiritsa Ntchito
Router App Net Flow Pfix, App Net Flow Pfix, Net Flow Pfix, Flow Pfix, Pfix

Maumboni

Zolemba Zogwirizana

Siyani ndemanga

Imelo yanu sisindikizidwa. Minda yofunikira yalembedwa *