From: Nik Hinson (nik.hinson@assurance-dynamics.com)
Date: Fri Jul 12 2002 - 03:02:56 PDT
Yes I had this, there are several things to check.
It's best to start at the router(s). Check that the Cisco (I assume
you're using Cisco routers) thinks it's exporting flow data. Use
something like 'debug ip flow export'.
If that looks OK then make sure you are actually getting UDP packets sent
by the router, use 'debug ip packet detail' or similar. This turned out
to be my problem. I was using 12.1(5)T9 and I assume there's a bug. I
upgraded to 12.2(10) and it works fine.
If this is not your problem you can go on to check that the packets going
out are to the right IP and port number. Also check in your cflowd.conf
that you have all the addresses of the router listed.
Thats all I can think of at the moment.
Regards
Nik Hinson
Many thanks > Hi,
>
> I'm running patched cflowd version but ,
> cflowd creates empty timestamped flow files.
>
> Any suggestion how to fix it ?
_______________________________________________
Cflowd mailing list
Cflowd@caida.org
http://login.caida.org/mailman/listinfo/cflowd
This archive was generated by hypermail 2.1.4 : Fri Jul 12 2002 - 03:16:23 PDT