Address | Fluke Recording Equipment instruction

User’s Guide – version 3.1.3

NetFlow Tracker

Using sflowtool to Convert sFlow Records to NetFlow

NetFlow Tracker does not directly support devices which export sFlow records; however, the developer of sFlow provides a tool to convert sFlow records to NetFlow records, available at http://www.inmon.com/technology/sflowTools.php. This is a simple command-line utility which can be run as a daemon on Unix or a service on Windows by using one of the many free service installers available. The required command line options are:

-p <port>

This sets the incoming port number; the device should be configured to send sFlow records to this port on the address of the server running sflowtool.

-c <address>

This sets the address of the NetFlow Tracker server.

-d <port>

This sets the port on the NetFlow Tracker server that NetFlow records are sent to; this must be one of the ports configured in the Listener Ports settings page (2055 is monitored by default).

-S

This asks the tool to create NetFlow packets with the same source address as the incoming sFlow records, thus tricking NetFlow Tracker into believing that the NetFlow packets came directly from the device. Note that the tool will need to be run as root on Unix systems or as an administrator on Windows for this to work. If you use a service installer on Windows to run the tool it will be run under the built-in system account which is similar to an administrator account.

Note that support for this feature depends upon how the tool was compiled from source code and on operating system support – Windows XP does not support IP address spoofing, for example, and as a result recent Windows versions of the tool do not offer the feature on any version of Windows.

-e

This includes the peer AS numbers in the generated NetFlow records rather than the default origin AS numbers.

81

Image 81

Fluke Recording Equipment manual Using sflowtool to Convert sFlow Records to NetFlow, Address

Contents

NetFlow Tracker Grant of Licence and Payment of Fees Software License Agreement Copyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Support Charges Support ServicesUndertakings by You Supplier’s Undertakings Limitation of Liability and indemnity Intellectual Property RightsTermination Miscellaneous Confidential Information and Security Exceptions to Support Services Support HoursResponse Times Contents LONG-TERM Reports Appendix 2 CSV File Format What is NetFlow Tracker? What is NetFlow?Features and Benefits Introduction User’s Guide version NetFlow Tracker Pre-installation Checks InstallationMinimum System Requirements Operating System Support Installation on Microsoft Windows Installation on Solaris and Linux Post-installation Tasks Set up web front-end security Set up Snmp community stringsConfigure your routers and switches Add listener ports Using NetFlow Tracker Interfaces Device traffic meters Changing the displayed chart Working with ChartsChart legend Per-AS data View a standard chart as a tabular report View a standard chart as a pie chartZooming Zooming out Working with Pie Charts Working with Tabular Reports User’s Guide version NetFlow Tracker Report Templates Address ReportsSession Reports QoS Reports Network ReportsInterface Reports Traffic Identification Reports Creating Filtered ReportsOther Reports Report Template Source Data Sample SizeStart Time End Time In/Out Interface Out InterfaceVPN Out VPN Identified Application Recognised ApplicationToS DiffServ Source/Destination Subnet Destination SubnetSource Mask Destination Mask Devices and Interfaces Long-term ReportsPer-device and Per-interface Long-term Reports Filter Editor User’s Guide version NetFlow Tracker Executive Reports Report URL Format General FormReport Format Parameters 0023 Chart0024 0025 True NumberFalse Heading Sections Features128 256 Time Range Parameters Day HourWeek Mon Calendar-based advanced HHmm Applying a time-of-day mask to the time rangeDay1-day2/time1-time2 105 110100 113 120 115140 125 300 285Minute Daily Filter Parameters Name Port/namePort/number Prec TosPrec%20tos Code ByteAddr/mask Password PasswordSecurity Parameters Management Portal Access Control Parameters SecretNull Aclid specifies a permitted long-term report Features Database Server Settings Performance TuningDisk Speed Query Size Snmp Settings Configuration GuideLicensing Listener Ports Device Settings Device SettingsDevice List Archiving Traffic ClassesIdentified Applications Security Settings VPNsDeleting a Device Management Portal Settings Report Settings Saved Filters Long-term ReportsExecutive Reports Span class=repdesctextTest/span Nelements=5 and chartWidth=400 ContentSub-reports User’s Guide version NetFlow Tracker Hostname Resolution Settings IP Application NamesDiffServ Names Database Settings AS NamesSubnet Names User’s Guide version NetFlow Tracker Archiving Backup Performance Counters Memory Settings Interface Scans Unprocessed FlowsetsMissed Flows Missed Exports Enabling Netflow Export on an IOS Device Appendix 1 Device ConfigurationIp cef Ip flow-export destination address Ip flow-cache timeout inactive Ip flow-cache timeout activeShow ip flow export Show ip cache flow Show ip cache verbose flow Mls netflow Ip route-cache flow infer-fieldsMls nde sender version Mls aging long User’s Guide version NetFlow Tracker Set mls nde enable Set mls bridged-flow-statistics enable vlanlistSet system name name Set mls nde address Enabling Flow Detail Records on a Packeteer Device Flow-sampler-map allflows mode random one-out-of 1 exit Enabling NetFlow on an Enterasys Device Address Using sflowtool to Convert sFlow Records to NetFlow Chart CSV format Appendix 2 CSV File FormatTabular report CSV format Appendix 3 Third Party Software Components