Litaba pata
1 ADVANTECH Router App Net Flow Pfix
2 Tlhahisoleseding ya Sehlahiswa
3 Litaelo tsa Tšebeliso
4 Matšoao a sebelisitsoeng
5 Changelog
6 Tlhaloso ea mojule
7 Tlhophiso
8 Boitsebiso
9 Litaelo tsa Tšebeliso
10 Tšebelisano ea ID ea Enjine
11 Litokomane Tse Amanang
12 Litokomane / Lisebelisoa
12.1 Litšupiso
13 Related Posts

ADVANTECH-LOGO

ADVANTECH Router App Net Flow Pfix

ADVANTECH-Router-App-NetFlow-Pfix-PRODUCT

Tlhahisoleseding ya Sehlahiswa

Litlhaloso

  • Moetsi: Advantech Czech sro
  • Aterese: Sokolska 71, 562 04 Usti nad Orlici, Czech Republic
  • Tokomane Nomoro: APP-0085-EN
  • Khatiso Letsatsi: 19 Mphalane, 2023

Tlhaloso ea Module

  • The NetFlow/IPFIX module ke router app e entsoeng ke Advantech Czech sro Ha e kenyelelitsoe ho firmware e tloaelehileng ea router mme e hloka ho kenngoa ka thoko.
  • Mojule o etselitsoe ho lekola sephethephethe sa marang-rang. E sebetsa ka ho bokella lintlha tsa sephethephethe sa IP ho sebelisa probe e kentsoeng ho li-routers tse nolofalitsoeng ke NetFlow.
  • Lintlha tsena li romelloa ho mokelli le mohlahlobi oa NetFlow bakeng sa tlhahlobo e eketsehileng.

Web Sehokedi

Hang ha module e kentsoe, u ka khona ho kena ho eona web interface ka ho tobetsa lebitso la mojule leqepheng la li-router apps tsa router ea hau web segokahanyi. The web interface e na le menu e nang le likarolo tse fapaneng:

Tlhophiso

Karolo ea Configuration e u lumella ho hlophisa litlhophiso tse fapaneng tsa sesebelisoa sa router ea NetFlow/IPFIX. Ho fihlella litlhophiso tsa tlhophiso, tobetsa nthong ea "Global" ho menu e kholo ea module web segokahanyi. Lintlha tse ka lokisoang li kenyelletsa:

  • Numella Probe: Khetho ena e qala ho fana ka tlhahisoleseling ea NetFlow ho 'mokelli ea hole (haeba e hlalositsoe) kapa ho 'mokelli oa lehae (haeba e lumelletsoe).
  • Tsamaiso: Khetho ena e u lumella ho khetha protocol e tla sebelisoa bakeng sa tlhahiso ea tlhahisoleseling ea NetFlow. U ka khetha ho NetFlow v5, NetFlow v9, kapa IPFIX (NetFlow v10).
  • ID ea enjine: Khetho ena e u lumella ho beha ID ea Observation Domain (bakeng sa IPFIX), Mohloli oa ID (bakeng sa NetFlow v9), kapa ID ea Engine (bakeng sa NetFlow v5). Sena se thusa 'mokelli ho khetholla pakeng tsa barekisi ba bangata ba kantle ho naha. Bakeng sa tlhaiso-leseling e batsi, sheba karolo ea Engine ID Interoperability.

Boitsebiso

Karolo ea Litaba e fana ka lintlha tse mabapi le mojule le lilaesense tsa ona. U ka fihlella karolo ena ka ho tobetsa nthong ea "Information" ho menu e kholo ea module web segokahanyi.

Litaelo tsa Tšebeliso

Boitsebiso bo Bokelitsoeng

  • Mojule oa NetFlow/IPFIX o bokella tlhahisoleseling ea sephethephethe sa IP ho tsoa ho probe ea router. Sena se kenyelletsa lintlha tse kang liaterese tsa IP tsa mohloli le moo u eang teng, lipalo tsa lipakete, lipalo tsa li-byte, le lintlha tsa protocol.

Ho Khutlisa Boitsebiso bo Bolokiloeng

  • Ho fumana tlhaiso-leseling e bolokiloeng, o hloka ho fihlella mokelli le mohlahlobi oa NetFlow moo mojule o romellang data ho eona. 'Mokelli le mohlahlobi o tla fana ka lisebelisoa le litlaleho bakeng sa ho hlahloba le ho bona boitsebiso bo bokeletsoeng.

Tšebelisano ea ID ea Enjine

  • Litlhophiso tsa ID ea Enjine ho litlhophiso li u lumella ho hlakisa sekhetho se ikhethileng bakeng sa morekisi oa hau. Sena se bohlokoa ha o na le barekisi ba bangata ba romellang data ho 'mokelli a le mong.
  • Ka ho beha li-ID tsa Enjine tse fapaneng, moqokeleli a ka khetholla lipakeng tsa data e fumanoeng ho tsoa ho barekisi ba fapaneng.

Nako ea Sephethephethe

  • Mojule ha o fane ka lintlha tse tobileng mabapi le nako ea sephethephethe. Ka kopo, sheba litokomane tse amanang le tsona kapa ikopanye le Advantech Czech sro bakeng sa lintlha tse ling.

Litokomane Tse Amanang

  • Bakeng sa tlhaiso-leseling e batsi le litaelo tse felletseng, ka kopo sheba litokomane tse latelang:
  • Bukana ea Tlhophiso
  • Litokomane tse ling tse amanang tse fanoeng ke Advantech Czech sro

LBH

Q: Ke mang moetsi oa NetFlow/IPFIX?

  • A: Moetsi oa NetFlow/IPFIX ke Advantech Czech sro

P: Sepheo sa NetFlow/IPFIX ke sefe?

  • A: NetFlow/IPFIX e etselitsoe ho lekola sephethephethe sa marang-rang ka ho bokella tlhahisoleseling ea sephethephethe sa IP ho tsoa ho li-routers tse nolofalitsoeng ke NetFlow le ho li romella ho mokelli le mohlahlobi oa NetFlow.

P: Nka fihlella litlhophiso tsa tlhophiso ea mojule joang?

  • A: Ho fihlella litlhophiso tsa tlhophiso, tobetsa nthong ea "Global" ho menu e kholo ea module web segokahanyi.

P: Setlhophiso sa ID ea Enjine se sebelisetsoa eng?

  • A: Litlhophiso tsa ID ea Enjine li u lumella ho hlakisa sekhetho se ikhethileng bakeng sa morekisi oa hau, ho thusa 'mokelli ho khetholla lipakeng tsa barekisi ba bangata.
  • © 2023 Advantech Czech sro Ha ho karolo ea sengoliloeng sena e ka hlahisoang bocha kapa ho fetisoa ka mokhoa ofe kapa ofe kapa ka mekhoa efe kapa efe, ea elektroniki kapa ea mochini, ho kenyeletsoa ho nka linepe, ho rekota, kapa mokhoa ofe kapa ofe oa polokelo le mokhoa oa ho khutlisa tlhahisoleseling ntle le tumello e ngotsoeng.
  • Lintlha tse bukeng ena li ka fetoha ntle le tsebiso, 'me ha li emele boitlamo ba Advantech.
  • Advantech Czech sro e ke ke ea ikarabella bakeng sa litšenyehelo tsa tšohanyetso kapa tse bakiloeng ke thepa, tšebetso, kapa tšebeliso ea bukana ena.
  • Mabitso ohle a marang-rang a sebelisitsoeng bukeng ena ke matšoao a ngolisitsoeng a beng ba ona. Ts'ebeliso ea mats'oao kapa mabitso a mang khatisong ena ke molemong oa litšupiso feela, 'me ha e fane ka tumello ea mong'a lets'oao.

Matšoao a sebelisitsoeng

  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-1Kotsi - Tlhahisoleseling mabapi le polokeho ea mosebelisi kapa tšenyo e ka bang teng ho router.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-2Tlhokomeliso – Mathata a ka hlahang maemong a itseng.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-3Boitsebiso - Malebela a bohlokoa kapa lintlha tse khahlisang haholo.
  • ADVANTECH-Router-App-NetFlow-Pfix-FIG-4Example - Example ea tshebetso, taelo kapa script.

Changelog

NetFlow/IPFIX Changelog

  • v1.0.0 (2020-04-15)
    • Tokollo ea pele.
  • v1.1.0 (2020-10-01)
    • CSS e ntlafalitsoeng le khoutu ea HTML ho tsamaisana le firmware 6.2.0+.

Tlhaloso ea mojule

  • Sesebelisoa sa router NetFlow/IPFIX ha se teng ho firmware e tloaelehileng ea router. Ho kenya sesebelisoa sena sa router ho hlalositsoe bukeng ea Configuration (sheba Litokomane Tse Amanang le Khaolo).
  • Sesebelisoa sa router NetFlow/IPFIX se ikemiselitse ho lekola sephethephethe sa marang-rang. Li-routers tse nolofalitsoeng ke NetFlow li na le probe e bokellang tlhahisoleseling ea sephethephethe sa IP ebe e e romella ho mokelli le mohlahlobi oa NetFlow.

Sesebelisoa sena sa router se na le:

  • NetFlow probe e ka romellang tlhahisoleseling ho moqokeleli oa marang-rang le mohlahlobi, mohlala httsp://www.paessler.com/prtg.
  • Moqokeleli oa NetFlow ea bolokang litaba tse bokeletsoeng ho file. E ka boela ea amohela le ho boloka sephethephethe sa NetFlow ho lisebelisoa tse ling.ADVANTECH-Router-App-NetFlow-Pfix-FIG-5

Web Sehokedi

  • Hang ha ts'ebetso ea mojule e felile, GUI ea module e ka kopuoa ka ho tobetsa lebitso la mojule leqepheng la lisebelisoa tsa Router tsa router. web segokahanyi.
  • Karolo e ka ho le letšehali ea GUI ena e na le menu e nang le karolo ea "Configuration" le karolo ea menu ea Boitsebiso.
  • Karolo ea menu ea Customization e na le feela ntho ea Khutlisa, e khutlelang morao ho tsoa ho module web leqepheng la ho router web maqephe a tlhophiso. Lenane la mantlha la GUI ea module le bonts'oa ho Setšoantšo sa 2.ADVANTECH-Router-App-NetFlow-Pfix-FIG-6

Tlhophiso

Lefatšeng ka bophara

  • Litlhophiso tsohle tsa li-router tsa NetFlow/IPIX li ka hlophisoa ka ho tobetsa ntho ea Global ho menu e kholo ea module. web segokahanyi. Ho fedileview ea lintho tse lokisehang e fanoe ka tlase.ADVANTECH-Router-App-NetFlow-Pfix-FIG-7
Ntho Tlhaloso
Numella Probe Qala ho fetisetsa tlhahisoleseling ea NetFlow ho Mokopitsi oa Remote (ha a hlalositsoe), kapa ho Mobokelli oa Lehae (ha a nolofalitsoe).
Protocol Protocol e tla sebelisoa: NetFlow v5, Netflow v9, IPFIX (Net- Flow v10)
ID ea enjine Observation Domain ID (ho IPFIX, Source Id ho NetFlow v9, kapa Id Id ho NetFlow v5) boleng. Sena se ka thusa 'mokelli oa hau ho khetholla lipakeng tsa barekisi ba bangata. Sheba hape karolo ea Tšebelisano-'moho ea ID ea Enjene.
Ntho Tlhaloso
Sampler (ha e na letho): fana ka phallo e 'ngoe le e 'ngoe e hlokometsoeng; deterministic: fana ka phallo e 'ngoe le e 'ngoe e hlokometseng N-th; ka tšohanyetso: khetha ka mokhoa o sa reroang e le 'ngoe ho tsoa ho N e phallang; hash: khetha hash-randomly e le 'ngoe ho N e phallang.
Sampleer Rate Theko ea N.
Nako e sa sebetseng ea Sephethephethe Kenya phallo ka mor'a hore e khaotse ho sebetsa ka metsotsoana e 15. Boleng ba kamehla ke 15.
Nako ea Nako ea Sephethephethe Kenya phallo ka mor'a hore e sebetse ka metsotsoana e 1800 (metsotso e 30). Boleng ba kamehla ke 1800. Sheba hape karolo mabapi le linako tsa nako ea sephethephethe.
'Mokelli ea hole Aterese ea IP ea mokelli kapa mohlahlobi oa NetFlow, moo a ka romellang tlhahisoleseling e bokelletsoeng ea sephethephethe sa NetFlow. Boema-kepe ke boikhethelo, kamehla 2055. Sebaka sa ho fihla se ka ba le lenane le arohaneng la likoma la liaterese tse ngata tsa IP (le likou) ho bonahatsa NetFlow ho babokelli/bahlahlobisisi ba babeli kapa ho feta.
Lumella 'Mokelli oa Sebaka Qala ho fumana leseli la NetFlow ho tsoa ho Probe ea lehae (ha e nolofalitsoe) kapa ho tsoa ho probe e hole.
Nako ea ho Boloka E totobatsa nako ea ho potoloha ka metsotsoana files. Boleng ba kamehla ke 300s (5mins).
Ho Felloa ke Nako ea polokelo E beha nako e telele ea bophelo bakeng sa files bukeng. Nomoro ea 0 e tima tekanyo ea bophelo bohle.
Linomoro tsa SNMP tsa Store Interface Sheba ho boloka index ea SNMP ea sebopeho sa ho kenya / se hlahisoang (% in, %out) ho phaella ho sete e tloaelehileng ea tlhahisoleseding, sheba ka tlase.
Boloka Aterese ea Next Hop ea IP Sheba ho boloka aterese ea IP ea sephethephethe se latelang sa sephethephethe (%nh).
Aterese ea IP e Romellang Sheba ho boloka aterese ea IP ea router e romelang kantle (%ra).
Lebenkele la ID ea Enjine ea ho Romela kantle Sheba ho boloka ID ea Enjine ea router e romelloang kantle (%eng).
Nako ea Kamohelo ea Phallo ea Boloka Sheba nako ea ho bolokaamp ha lintlha tsa phallo li amoheloa (%tr).

Lethathamo la 1: Tlhaloso ea lintho tsa tlhophiso

Boitsebiso

dilaesense E akaretsa laesense ya Open-Source Software (OSS) e sebelisoang ke mojule onaADVANTECH-Router-App-NetFlow-Pfix-FIG-8

Litaelo tsa Tšebeliso

Lintlha tsa NetFlow ha lia lokela ho romelloa ka WAN, ntle le haeba VPN e sebelisoa. Lintlha ha lia ngoloa ka tlhaho kapa ha li hlaka, kahoo motho ea sa lumelloeng a ka li thibela le ho li thibela. view boitsebiso.

Boitsebiso bo Bokelitsoeng

Lintlha tse latelang tse tloaelehileng li lula li romelloa ke probe le ho bolokoa ke 'mokelli:

  • Nakoamp ha sephethephethe se qala ho bonoa (%ts) le ho qetela ho bonoa (%te), ho sebelisoa oache ea probe
  • Palo ea li-byte (%byt) le lipakete (%pkt)
  • Protocol e sebelisitsoeng (%pr)
  • TOS (%tos)
  • Lifolakha tsa TCP (%flg)
  • Mohloli oa aterese ea IP (%sa, %sap) le boema-kepe (%sp)
  • Aterese ea IP (%da, %dap) le port (%dp)
  • Mofuta oa ICMP (%it)

Tse latelang le tsona li rometsoe, empa li bolokiloe feela ka kopo (sheba config ka holimo):

  • Lenane la SNMP la sebopeho sa ho kenya / sephetho (%in,% out)
  • Aterese ea IP ea sephethephethe se tlang (%nh)
  • Aterese ea IP (%ra) le Engine ID (%eng) ea router e romelang kantle (probe)
  • Nakoamp ha lintlha tsa phallo li amoheloa (%tr), ho sebelisoa oache ea mokelli
  • Boleng ba masakaneng (%xx) bo bontša sebopeho se tla sebelisoa le nfdump ho bontša boleng bona (sheba khaolo e latelang).

Ho Khutlisa Boitsebiso bo Bolokiloeng

  • Lintlha li bolokiloe ho /tmp/netflow/nfcapd.yyyymmddHHMM, moo yyyymmddHHMM e leng nako ea pōpo. Lenane le boetse le kenyelletsa .nfstat file, e sebelisetsoang ho shebella nako ea ho fela.
  • Se ke oa fetola sena file. Ho hlophisa ho felloa ke nako sebelisa admin GUI.
  • The files e ka baloa ho sebelisoa taelo ea nfdump. nfdump [likgetho] [filthara]

Hlahisa lipakete tsa UDP tse rometsoeng ke 192.168.88.100:

  • nfdump -r nfcapd.202006011625 'proto udp le src ip 192.168.88.100'
    • Hlahisa phallo kaofela lipakeng tsa 16:25 le 17:25, 'me u kopanye metsamao ea mahlakore a mabeli (-B):
  • nfdump -R /tmp/netflow/nfcapd.202006011625:nfcapd.202006011725 -B
    • Bontša Mofuta oa Enjine/ID, aterese ea mohloli+boema-kepe le aterese ea moo u eang teng+por bakeng sa phallo eohle:
  • nfdump -r /tmp/netflow/nfcapd.202006011625 -o “fmt:%eng %sap %dap”

Tšebelisano ea ID ea Enjine

  • Netflow v5 e hlalosa li-identifiers tse peli tsa 8-bit: Mofuta oa Enjine le ID ea Enjine. Probe on Advantech routers e romella feela Engine ID (0..255). Mofuta oa Enjine o tla lula o le zero (0). Kahoo, phallo e rometsoeng ka Engine ID = 513 (0x201) e tla amoheloa e le Mofuta oa Enjene/ID = 0/1.ADVANTECH-Router-App-NetFlow-Pfix-FIG-9
  • Netflow v9 e hlalosa sekhetho se le seng sa 32-bit. Probe on Advantech routers e ka romela nomoro efe kapa efe ea 32-bit, joang bahlahisi ba bang (mohlala Cisco) ba arola sekhetho ka li-byte tse peli tse bolokiloeng, tse lateloang ke Mofuta oa Enjine le ID ea Enjine. Moamoheli o latela mokhoa o tšoanang.
  • Kahoo, phallo e rometsoeng ka Engine ID = 513 (0x201) e tla amoheloa e le Mofuta oa Enjene/ID = 2/1.ADVANTECH-Router-App-NetFlow-Pfix-FIG-10
  • IPFIX e hlalosa sekhetho se le seng sa 32-bit. Probe on Advantech routers e ka romella nomoro efe kapa efe ea 32-bit, empa mokelli oa lehae ha a e-so boloke boleng bona. Kahoo phallo efe kapa efe e tla amoheloa joalo ka Mofuta oa Enjine/ID = 0/0.ADVANTECH-Router-App-NetFlow-Pfix-FIG-11
  • Keletso: Haeba u batla ho boloka ID ea Enjine ho mokelli oa lehae, sheba ID ea Enjene ea Exporting Store ho tlhophiso, sebelisa Engine ID <256 'me u qobe ho sebelisa protocol ea IPFIX.
  • Nako ea Sephethephethe
  • The probe e romela thepa eohle e phallang, ke hore, lipakete tsohle tse kopane. Haeba ho sa hlokomeloe lipakete ka nako e itseng (Inactive Traffic Timeout), phallo e nkoa e le e feletseng 'me probe e romela tlhahisoleseding ea sephethephethe ho 'mokelli.
  • Tlhahisoleseding e mabapi le a file phetiso e tla hlaha ka hona ho mokelli hang ha phetisetso e phethiloe, e ka nkang nako e ngata. Haeba phetisetso e sebetsa nako e telele haholo (Active Traffic Timeout) e tla hlaha e le phallo e khuts'oane e mengata.
  • Bakeng sa mohlalaampLe, ka metsotso e 30 ea nako ea sephethephethe e sebetsang, puisano ea metsotso ea 45 e tla bontša e le phallo e 'meli: metsotso e le' ngoe ea 30 le metsotso e le 'ngoe ea 15.

Nako ea Sephethephethe

  • The probe e romela thepa eohle e phallang, ke hore, lipakete tsohle tse kopane. Haeba ho sa hlokomeloe lipakete ka nako e itseng (Inactive Traffic Timeout), phallo e nkoa e le e feletseng 'me probe e romela tlhahisoleseding ea sephethephethe ho 'mokelli.
  • Tlhahisoleseding e mabapi le a file phetiso e tla hlaha ka hona ho mokelli hang ha phetisetso e phethiloe, e ka nkang nako e ngata. Haeba phetisetso e sebetsa nako e telele haholo (Active Traffic Timeout) e tla hlaha e le phallo e khuts'oane e mengata. Bakeng sa mohlalaampLe, ka metsotso e 30 ea nako ea sephethephethe e sebetsang, puisano ea metsotso ea 45 e tla bontša e le phallo e 'meli: metsotso e le' ngoe ea 30 le metsotso e le 'ngoe ea 15.ADVANTECH-Router-App-NetFlow-Pfix-FIG-12

Litokomane Tse Amanang

  • U ka fumana litokomane tse amanang le sehlahisoa ho Engineering Portal atereseng ea icr.advantech.cz.
  • Ho fumana Tataiso ea ho Qala ka Potlako ea router ea hau, Buka ea Mosebelisi, Buka ea Tlhophiso, kapa Firmware e ea leqepheng la Meetso ea Router, fumana mofuta o hlokahalang, 'me u fetohele ho "Manuals" kapa "Firmware tab" ka ho latellana.
  • Liphutheloana tsa ho kenya Lisebelisoa tsa Router le libuka li fumaneha leqepheng la Lisebelisoa tsa Router.
  • Bakeng sa Litokomane tsa Nts'etsopele, e-ea leqepheng la DevZone.

Litokomane / Lisebelisoa

ADVANTECH Router App Net Flow Pfix [pdf] Bukana ea Mosebelisi
Router App Net Flow Pfix, App Net Flow Pfix, Net Flow Pfix, Flow Pfix, Pfix

Litšupiso

Related Posts

Tlohela maikutlo

Aterese ea hau ea lengolo-tsoibila e ke ke ea phatlalatsoa. Libaka tse hlokahalang li tšoailoe *