Configuring export in IPFIX (Netflow 10)

NetFlow control can be changed by next setting:

netflow_full_collector_type=1

0 - export in NetFlow5 format (default value).
1 - IPFIX export to a UDP collector.
2 - IPFIX export to a TCP collector.

The netflow_tos_format parameter defines the data format of the TOS field in IPFIX.

0 - default value.
3 - bit (priority only).
1 - 6-bit (full DSCP).

The following is an IPFIX (Netflow v10) export template for IPv4.

Export template for IPFIX format (Netflow v10)
№	Size	Type	IANA	Description	Note	Use in QoEStor
1	8	int64	0	OCTET_DELTA_COUNT	NetFlow v9 analogy IN_BYTES	Used
2	8	int64	0	PACKET_DELTA_COUNT	NetFlow v9 analogy IN_PKTS	Used
4	1	int8	0	PROTOCOL_IDENTIFIER	NetFlow v9 analogy PROTOCOL	Used
5	1	int8	0	IP_CLASS_OF_SERVICE	NetFlow v9 analogy TOS	Used
7	2	int16	0	SOURCE_TRANSPORT_PORT	NetFlow v9 analogy L4_SRC_PORT	Used
8	4	int32	0	SOURCE_IPV4_ADDRESS	NetFlow v9 analogy IPV4_SRC_ADDR	Used
11	2	int16	0	DESTINATION_TRANSPORT_PORT	NetFlow v9 analogy L4_DST_PORT	Used
12	4	int32	0	DESTINATION_IPV4_ADDRESS	NetFlow v9 analogy IPV4_DST_ADDR	Used
16	4	int32	0	BGP_SOURCE_AS_NUMBER	NetFlow v9 analogy SRC_AS	Used
17	4	int32	0	BGP_DESTINATION_AS_NUMBER	NetFlow v9 analogy DST_AS	Used
152	8	int64	0	FLOW_START_MILLISECOND		Used
153	8	int64	0	FLOW_END_MILLISECOND		Used
10	2	int16	0	INPUT_SNMP	NetFlow v9 analogy ingressInterface	Used
14	2	int16	0	OUTPUT_SNMP	NetFlow v9 analogy egressInterface	Used
60	1	int8	0	IP_VERSION	NetFlow v9 analogy IP_PROTOCOL_VERSION	Used
2000	8	int64	43823	SESSION_ID		Used
2001	-	string	43823	HTTP_HOST or CN_HTTPS		Used
2002	2	int16	43823	DPI_PROTOCOL		Used
2003	-	string	43823	LOGIN	Radius UserName	Used
225	4	int32	0	POST_NAT_SOURCE_IPV4_ADDRESS		Used
227	2	int16	0	POST_NAPT_SOURCE_TRANSPORT_PORT		Used
2010	2	int16	43823	FRGMT_DELTA_PACKS	Fragmented packets delta. Used in QoEStor.	Used
2011	2	int16	43823	REPEAT_DELTA_PACK	Retransmissions delta. Used in QoEStor.	Used
2012	4	int32	43823	PACKET_DELIVER_TIME	Latency (RTT/2), ms (RTT = Round Trip Time). Used in QoEStor.	Used
2016	2	int16	43823	BRIDGE_CHANNEL_NUM	Channel number (vchannel) or bridge. If vchannel is configured in the DPI configuration, then the channel number will be transmitted, otherwise the bridge number. Used in QoEStor.	Used
6	2	int16	0	TCP_FLAGS	TCP Control Bits	Used
58	2	int16	0	SRC_VLAN	Vlan ID	Used
59	2	int16	0	DST_VLAN	Post Vlan ID	Used
56	6	mac_address	0	SRC_MAC	Source MAC Address	Used
57	6	mac_address	0	DST_MAC	Destination MAC Address	Used
2017	-	raw	43823	MPLS Lables		Used
132	8	int64	0	DROPPED_BYTES	Dropped Octet Delta Count	Used
133	8	int64	0	DROPPED_PACKETS	Dropped Packet Delta Count	Used
2019	1	int8	43823	originalTOS	Original tos value from the IP header	Used

Below is an IPFIX export template for an IPv6 protocl for IPv6. The following fields are missing from this template: SOURCE_IPV4_ADDRESS, DESTINATION_IPV4_ADDRESSs, POST_NAT_SOURCE_IPV4_ADDRESS, POST_NAT_SOURCE_TRANSPORT_PORT, – and contains the following fields:

Export template for IPv6
№	Num of bytes	Data type	IANA	Description	Note
27	16	int128	0	SOURCE_IPV6_ADDRESS	NetFlow v9 analogy IPV6_SRC_ADDR
28	16	int128	0	DESTINATION_IPV6_ADDRESS	NetFlow v9 analogy IPV6_DST_ADDR

To collect, process and store IPFIX we suggest using the QoE Store statistics module and DPIUI2 graphical interface.

For extended information in IPFIX format can be used any universal IPFIX collector, for instance - CESNET ipfixcol or our utility IPFIX Receiver.

Show pagesource Old revisions Backlinks

Profile

Settings

Configuring export in IPFIX (Netflow 10)