Re: [Nfdump-discuss] Not showing traffic from one of the network devices

[allen c. <all...@gm...>]

Forgot to add that /var/log/messages is also showing no data for CDR-01A
Sep  6 20:05:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:10:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:15:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:20:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:25:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:30:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:35:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:40:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:45:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:50:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 20:55:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:00:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:05:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:10:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:15:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:20:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:25:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:30:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:35:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:40:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:45:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0
Sep  6 21:50:00 netflow001 nfcapd[1606]: Ident: 'CDR-01A' Flows: 0,
Packets: 0, Bytes: 0, Sequence Errors: 0, Bad Packets: 0


On Fri, Sep 6, 2013 at 9:19 PM, allen chan <all...@gm...>wrote:

> I have two network devices sending netflow traffic to nfdump.
> One is working perfectly but the other does not show any data in the UI.
>
> I confirmed with tcpdump that the netflow data is received by the nfdump
> server.
> Here is a dropbox link with the tcpdump pcap
> https://dl.dropboxusercontent.com/u/35808861/netflow.pcap.tar.gz
>
> Here is some data in case i misconfigured:
>
> from nfsen.conf
>
> %sources = (
>
>     'CBR-01A'       => { 'port' => '9997', 'IP' => '10.12.255.2', 'col' =>
> '#ff0000', 'type' => 'netflow' },
>
>     'CDR-01A'       => { 'port' => '9997', 'IP' => '10.12.255.3', 'col' =>
> '#0000ff', 'type' => 'netflow' },
>
> );
>
>
> from ps -ef | grep nf
>
> netflow   1606     1  0 Aug13 ?        00:12:27 /opt/netflow/bin/nfcapd -w
> -D -p 9997 -u netflow -g apache -B 200000 -S 1 -P
> /opt/netflow/data/nfsen/var/run/p9997.pid -z -n CBR-01A 10.12.255.2
> /opt/netflow/data/nfsen/profiles-data/live/CBR-01A -n CDR-01A 10.12.255.3
> /opt/netflow/data/nfsen/profiles-data/live/CDR-01A
>
> netflow   1609     1  0 Aug13 ?        00:51:19 /usr/bin/perl -w
> /opt/netflow/data/nfsen/bin/nfsend
>
> netflow   1610  1609  0 Aug13 ?        00:00:39
> /opt/netflow/data/nfsen/bin/nfsend-comm
>
> Please let me know what other information i can provide.
> --
> Allen Michael Chan
>



-- 
Allen Michael Chan