Fluke Recording Equipment IP Application Names, DiffServ Names, Hostname Resolution Settings

Page 68

User’s Guide – version 3.1.3

NetFlow Tracker

IP Application Names

NetFlow Tracker receives application information in the form of a protocol number and port number. These correspond directly to specific network applications. Many are predefined (well-known ports) while others (registered ports) are defined by the software manufacturer. NetFlow Tracker comes configured with the well-known ports as well as many others. You can edit this list yourself with this page. By default, ports below 1024 are not shown on this page as they normally don’t need to be changed but, if required, these can be shown by clicking (more…) in the title of the Port column. A comprehensive list of all the well-known and registered ports is available at http://www.iana.org/assignments/port-numbers.

If an application uses multiple ports or a range of ports you can define it as a grouped application. Grouped applications appear as one entry in the application reports, regardless of context. You may find that a saved filter is more useful as a means of defining, for example, the traffic relating to a networked application running on a cluster of servers.

To define a grouped application you must first give it a unique identifier and a name; you can then add application ports and ranges of ports to it.

DiffServ Names

NetFlow Tracker can filter and report by differentiated service code point; you can assign names to each of the 64 code points here. The standard code point names are already configured.

Hostname Resolution Settings

This page lets you configure aspects of the resolution of hostnames for addresses encountered on reports. These are cached to increase reporting speed and reduce the amount of network traffic generated by the NetFlow Tracker when generating a report. You can change how long a resolved hostname is cached for, the default being 30 minutes, and how long a failure to resolve a hostname for a given address is remembered, the default being 10 seconds. You can also control the size of the cache and the number of threads used to resolve hostnames. If you find that hostname resolution is not working, click “Defaults” to put the settings back to useful default values. Click “Ok” to accept your changes or “Cancel” to abort.

Should you wish to clear the cache of resolved hostnames, disable resolution by clearing “Enable hostname resolution” and clicking “Ok”, then go back into the configuration page and enable resolution again by checking “Enable hostname resolution” and clicking “Ok”.

68

Page 67 Page 69
Image 68
Page 67 Page 69
Contents NetFlow Tracker Software License Agreement Grant of Licence and Payment of FeesCopyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Support Services Support ChargesUndertakings by You Supplier’s UndertakingsTermination Limitation of Liability and indemnityIntellectual Property Rights Confidential Information and Security MiscellaneousResponse Times Exceptions to Support ServicesSupport Hours Contents LONG-TERM Reports Appendix 2 CSV File Format What is NetFlow? What is NetFlow Tracker?Features and Benefits IntroductionUser’s Guide version NetFlow Tracker Installation Pre-installation ChecksMinimum System Requirements Operating System SupportInstallation on Microsoft Windows Installation on Solaris and Linux Post-installation Tasks Set up Snmp community strings Set up web front-end securityConfigure your routers and switches Add listener portsUsing NetFlow Tracker Device traffic meters InterfacesWorking with Charts Changing the displayed chartChart legend Per-AS dataView a standard chart as a pie chart View a standard chart as a tabular reportZooming Zooming outWorking with Pie Charts Working with Tabular Reports User’s Guide version NetFlow Tracker Session Reports Report TemplatesAddress Reports Interface Reports QoS ReportsNetwork Reports Creating Filtered Reports Traffic Identification ReportsOther Reports Report TemplateSample Size Source DataStart Time End TimeOut Interface In/Out InterfaceVPN Out VPNRecognised Application Identified ApplicationToS DiffServDestination Subnet Source/Destination SubnetSource Mask Destination MaskLong-term Reports Devices and InterfacesPer-device and Per-interface Long-term Reports Filter EditorUser’s Guide version NetFlow Tracker Executive Reports Report Format Parameters Report URL FormatGeneral Form Chart 00230024 0025Number TrueFalse HeadingFeatures Sections128 256Time Range Parameters Hour DayWeek MonCalendar-based advanced Day1-day2/time1-time2 HHmmApplying a time-of-day mask to the time range 110 105100 113115 120140 125285 300Minute DailyFilter Parameters Port/number NamePort/name Prec%20tos PrecTos Addr/mask CodeByte Security Parameters PasswordPassword Null Management Portal Access Control ParametersSecret Aclid specifies a permitted long-term report Features Performance Tuning Database Server SettingsDisk Speed Query SizeConfiguration Guide Snmp SettingsLicensing Listener PortsDevice List Device SettingsDevice Settings Identified Applications ArchivingTraffic Classes Deleting a Device Security SettingsVPNs Management Portal Settings Report Settings Executive Reports Saved FiltersLong-term Reports Span class=repdesctextTest/span Sub-reports Nelements=5 and chartWidth=400Content User’s Guide version NetFlow Tracker DiffServ Names Hostname Resolution SettingsIP Application Names Subnet Names Database SettingsAS Names User’s Guide version NetFlow Tracker Backup ArchivingMemory Settings Performance CountersUnprocessed Flowsets Interface ScansMissed Flows Missed ExportsAppendix 1 Device Configuration Enabling Netflow Export on an IOS DeviceIp cef Ip flow-export destination addressIp flow-cache timeout active Ip flow-cache timeout inactiveShow ip flow export Show ip cache flow Show ip cache verbose flowIp route-cache flow infer-fields Mls netflowMls nde sender version Mls aging longUser’s Guide version NetFlow Tracker Set mls bridged-flow-statistics enable vlanlist Set mls nde enableSet system name name Set mls nde addressFlow-sampler-map allflows mode random one-out-of 1 exit Enabling Flow Detail Records on a Packeteer DeviceEnabling NetFlow on an Enterasys Device Using sflowtool to Convert sFlow Records to NetFlow AddressTabular report CSV format Chart CSV formatAppendix 2 CSV File Format Appendix 3 Third Party Software Components
Top Page Image Contents