troubleshooting Question
Do any network wizards out there know anything about netflow V9 templates?
asked on
I am writing a netflow collector in .net, which has lots of interesting challenges including reading the RFC!
However, I need a specific piece of information
Here is a link to a copy of the RFC:
https://www.ietf.org/rfc/r
From this I read this excerpt:
I cannot find any default expiry timeframe for a netflow Flowset Template.
It says it must be configurable at the exporter and the collector. When I set up a PRTG to collect netflow packets, there was not an option to specify the template expiry. I can't see any record in the RFC that the exported can use to tell the collector when to expire templates. PRTG works though.
Therefore there must be a reasonable default value for how long to keep an un-refreshed template before expiring it.
My question is, what is the default timeframe to expire a template - OR - how else can the collector learn this from the exporter? (someone manually configuring it is not the answer I want)
There must be some way in which netflow collectors work out of the box without the user specifying the template expiry. I need to do this.
However, I need a specific piece of information
Here is a link to a copy of the RFC:
https://www.ietf.org/rfc/r
From this I read this excerpt:
The life of a template at the Collector is limited to a fixed refresh
timeout. Templates not refreshed from the Exporter within the
timeout are expired at the Collector. The Collector MUST NOT attempt
to decode the Flow or Options Data Records with an expired Template.
I cannot find any default expiry timeframe for a netflow Flowset Template.
It says it must be configurable at the exporter and the collector. When I set up a PRTG to collect netflow packets, there was not an option to specify the template expiry. I can't see any record in the RFC that the exported can use to tell the collector when to expire templates. PRTG works though.
Therefore there must be a reasonable default value for how long to keep an un-refreshed template before expiring it.
My question is, what is the default timeframe to expire a template - OR - how else can the collector learn this from the exporter? (someone manually configuring it is not the answer I want)
There must be some way in which netflow collectors work out of the box without the user specifying the template expiry. I need to do this.
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.