diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-03-01 19:09:12 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2022-03-01 19:10:15 +0100 |
| commit | 42c011224e5aef3c27f9de6b5a74e594a404131e (patch) | |
| tree | d80f1be872db781b18992851fe842a9b488fb4de /data/templates/pmacct | |
| parent | 258737a06509f2ff3be8bf21a8ce313ddc2ee191 (diff) | |
| download | vyos-1x-42c011224e5aef3c27f9de6b5a74e594a404131e.tar.gz vyos-1x-42c011224e5aef3c27f9de6b5a74e594a404131e.zip | |
flow-accounting: T4277: support sending flow-data via VRF interface
It should be possible to send the gathered data via a VRF bound interface to
the collector. This is somehow related to T3981 but it's the opposite side of
the netflow process.
set system flow-accounting vrf <name>
Diffstat (limited to 'data/templates/pmacct')
| -rw-r--r-- | data/templates/pmacct/override.conf.tmpl | 17 | ||||
| -rw-r--r-- | data/templates/pmacct/uacctd.conf.tmpl | 74 |
2 files changed, 91 insertions, 0 deletions
diff --git a/data/templates/pmacct/override.conf.tmpl b/data/templates/pmacct/override.conf.tmpl new file mode 100644 index 000000000..216927666 --- /dev/null +++ b/data/templates/pmacct/override.conf.tmpl @@ -0,0 +1,17 @@ +{% set vrf_command = 'ip vrf exec ' + vrf + ' ' if vrf is defined else '' %} +[Unit] +After= +After=vyos-router.service +ConditionPathExists= +ConditionPathExists=/run/pmacct/uacctd.conf + +[Service] +EnvironmentFile= +ExecStart= +ExecStart={{vrf_command}}/usr/sbin/uacctd -f /run/pmacct/uacctd.conf +WorkingDirectory= +WorkingDirectory=/run/pmacct +PIDFile= +PIDFile=/run/pmacct/uacctd.pid +Restart=always +RestartSec=10 diff --git a/data/templates/pmacct/uacctd.conf.tmpl b/data/templates/pmacct/uacctd.conf.tmpl new file mode 100644 index 000000000..b58f7c796 --- /dev/null +++ b/data/templates/pmacct/uacctd.conf.tmpl @@ -0,0 +1,74 @@ +# Genereated from VyOS configuration +daemonize: true +promisc: false +pidfile: /run/pmacct/uacctd.pid +uacctd_group: 2 +uacctd_nl_size: 2097152 +snaplen: {{ packet_length }} +aggregate: in_iface{{ ',out_iface' if enable_egress is defined }},src_mac,dst_mac,vlan,src_host,dst_host,src_port,dst_port,proto,tos,flows +{% set pipe_size = buffer_size | int *1024 *1024 %} +plugin_pipe_size: {{ pipe_size }} +{# We need an integer division (//) without any remainder or fraction #} +plugin_buffer_size: {{ pipe_size // 1000 }} +{% if syslog_facility is defined and syslog_facility is not none %} +syslog: {{ syslog_facility }} +{% endif %} +{% if disable_imt is not defined %} +imt_path: /tmp/uacctd.pipe +imt_mem_pools_number: 169 +{% endif %} + +{% set plugin = [] %} +{% if netflow is defined and netflow.server is defined and netflow.server is not none %} +{% for server in netflow.server %} +{% set _ = plugin.append('nfprobe[nf_' ~ server ~ ']') %} +{% endfor %} +{% endif %} +{% if sflow is defined and sflow.server is defined and sflow.server is not none %} +{% for server in sflow.server %} +{% set _ = plugin.append('sfprobe[sf_' ~ server ~ ']') %} +{% endfor %} +{% endif %} +{% if disable_imt is not defined %} +{% set _ = plugin.append('memory') %} +{% endif %} +plugins: {{ plugin | join(',') }} + +{% if netflow is defined and netflow.server is defined and netflow.server is not none %} +# NetFlow servers +{% for server, server_config in netflow.server.items() %} +nfprobe_receiver[nf_{{ server }}]: {{ server }}:{{ server_config.port }} +nfprobe_version[nf_{{ server }}]: {{ netflow.version }} +{% if netflow.engine_id is defined and netflow.engine_id is not none %} +nfprobe_engine[nf_{{ server }}]: {{ netflow.engine_id }} +{% endif %} +{% if netflow.max_flows is defined and netflow.max_flows is not none %} +nfprobe_maxflows[nf_{{ server }}]: {{ netflow.max_flows }} +{% endif %} +{% if netflow.sampling_rate is defined and netflow.sampling_rate is not none %} +sampling_rate[nf_{{ server }}]: {{ netflow.sampling_rate }} +{% endif %} +{% if netflow.source_address is defined and netflow.source_address is not none %} +nfprobe_source_ip[nf_{{ server }}]: {{ netflow.source_address }} +{% endif %} +{% if netflow.timeout is defined and netflow.timeout is not none %} +nfprobe_timeouts[nf_{{ server }}]: expint={{ netflow.timeout.expiry_interval }}:general={{ netflow.timeout.flow_generic }}:icmp={{ netflow.timeout.icmp }}:maxlife={{ netflow.timeout.max_active_life }}:tcp.fin={{ netflow.timeout.tcp_fin }}:tcp={{ netflow.timeout.tcp_generic }}:tcp.rst={{ netflow.timeout.tcp_rst }}:udp={{ netflow.timeout.udp }} +{% endif %} + +{% endfor %} +{% endif %} + +{% if sflow is defined and sflow.server is defined and sflow.server is not none %} +# sFlow servers +{% for server, server_config in sflow.server.items() %} +sfprobe_receiver[sf_{{ server }}]: {{ server }}:{{ server_config.port }} +sfprobe_agentip[sf_{{ server }}]: {{ sflow.agent_address }} +{% if sflow.sampling_rate is defined and sflow.sampling_rate is not none %} +sampling_rate[sf_{{ server }}]: {{ sflow.sampling_rate }} +{% endif %} +{% if sflow.source_address is defined and sflow.source_address is not none %} +sfprobe_source_ip[sf_{{ server }}]: {{ sflow.source_address }} +{% endif %} + +{% endfor %} +{% endif %} |