arts+ utilities.

From: Patrick Mc Dermott (pmcdermott@wrdp.com)
Date: Wed Aug 08 2001 - 08:17:21 PDT

Next message: Chee Chew: "Re: arts file not updated"

Previous message: Patrick Mc Dermott: "(no subject)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi ,

I'm fairly new to cflowd etc but has anyone seen this before ? Basically the
"artsases" utility doesn't seem to polulate the "Pkts & Bytes" fields,
whereas the artsnets does - see below..

I downloaded and compiled arts++-1-1-a8 & cflowd-2-1-b1 without any issues..
I'm running it on "Red Hat 7.0 - 2.2.16-22enterprise" . The flowdump
utility shows that the raw flow files have the "bytes and pkts" fields. The
flow data is coming from Juniper routers, and Juniper themselves say that it
works perfectly with Free-BSD.

Any thoughts/ideas ?

Thanks,
Patrick Mc Dermott

artsases
---------
router: x.x.x.x
ifIndex: 21 (so-0/0/0.0 x.x.x.x)
period: 08/01/2001 13:58:36 - 08/02/2001 09:56:15 GMT
  Src AS Dst AS Pkts Pkts/sec Bytes Bits/sec
  ------ ------ ------------- ------------- ------------- -------------
    7046 15612 1700.00236574 10947112.1873
     702 15612 940.00130812 109101.2146
    5462 15612 240.000333987 70170.781197
   15612 15612 320.000445317 58190.647824
    2110 15612 170.000236574 28480.317065
    4766 15612 22.78323e-05 960.0106876
    1659 15612 11.39161e-05 480.0053438

artsnets
---------
router: x.x.x.x
ifIndex: 21 (so-0/0/0.0 x.x.x.x)
period: 08/01/2001 13:58:36 - 08/02/2001 09:56:15 GMT
         Src Network Dst Network Pkts Bytes
  ------------------ ------------------ ------------- -------------
    192.165.219.0/24 212.147.134.64/26 170 109471
        62.30.0.0/15 212.147.131.192/28 24 7017
      62.176.32.0/19 212.147.132.192/26 54 6455
    212.147.128.3/32 212.147.130.2/32 18 4920
       62.190.0.0/16 212.147.131.192/28 21 2878
      193.120.0.0/16 212.147.132.128/26 17 2848

flowdump
---------
FLOW
   index: 0xc7ffff
   router: x.x.x.x
   src IP: 192.165.219.4
   dst IP: 212.147.134.100
   input ifIndex: 21
   output ifIndex: 25
   src port: 80
   dst port: 37357
   pkts: 1
   bytes: 44
   IP nexthop: 212.147.132.34
   start time: Wed Aug 1 09:42:49 2001
   end time: Wed Aug 1 09:42:49 2001
   protocol: 6
   tos: 0
   src AS: 7046
   dst AS: 15612
   src masklen: 24
   dst masklen: 26
   TCP flags: 0x12
   engine type: 4
   engine id: 0

--
cflowd mailing list
cflowd@caida.org

Next message: Chee Chew: "Re: arts file not updated"
Previous message: Patrick Mc Dermott: "(no subject)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Aug 08 2001 - 08:37:05 PDT