|
1 | 1 | ipt_NETFLOW linux 2.6.x-3.x kernel module by < [email protected]> -- 2008-2014. |
2 | 2 |
|
3 | 3 | High performance NetFlow v5, v9, IPFIX flow data export module for Linux |
4 | | - kernel. Supporting IPv4 and IPv6. Created to be useful for highly loaded |
5 | | - linux router. It should be used as iptables target. Also can export NAT |
6 | | - translation events using NetFlow Event Logging (NEL) for v9, IPFIX, or |
7 | | - specially crafted v5 pseudo-flows. Additional options is SNMP-index |
8 | | - translation rules, aggregation rules, ethernet type, VLAN, and MAC |
9 | | - addresses exporting, flow sampling. |
| 4 | + kernel. Created to be useful for highly loaded linux router. It should be |
| 5 | + used as iptables target. |
| 6 | + |
| 7 | + |
| 8 | +========================= |
| 9 | += Detailed Feature List = |
| 10 | +========================= |
| 11 | + |
| 12 | + * High performance and scalability. For highest performance module could be |
| 13 | + run without conntrack being enabled in kernel. Reported to be able to |
| 14 | + handle up to 10Gbit traffic with more than 1M pps. |
| 15 | + |
| 16 | + * NetFlow v5, v9, and IPFIX are fully supported. |
| 17 | + |
| 18 | + Support of v9/IPFIX is adding flexibility to exporting of flow data |
| 19 | + plus greater visibility of traffic, letting export many additional fields |
| 20 | + besides what was possible in v5 era. Such as |
| 21 | + |
| 22 | + * IPv6 option headers, IPv4 options, TCP options, ethernet type, dot1q |
| 23 | + service and customer VLAN ids, MAC addresses, and |
| 24 | + |
| 25 | + * Full IPv6 support, |
| 26 | + |
| 27 | + * NAT translations events (from conntrack) using NetFlow Event Logging (NEL). |
| 28 | + This is standardized way for v9/IPFIXr, but module export such events even |
| 29 | + for v5 collectors via specially crafted pseudo-records. |
| 30 | + |
| 31 | + * Deterministic (systematic count-based), random and hash Flow Sampling. |
| 32 | + With appropriate differences in support of v5, v9, and IPFIX. |
| 33 | + |
| 34 | + * Options Templates (v9/IPFIX) let export useful statistical, |
| 35 | + configurational, and informational records to collector. |
| 36 | + Such as metering, exporting, sampling stat and reliability stat, sampling |
| 37 | + configuration, network devices ifName, ifDescr list. |
| 38 | + |
| 39 | + * Tested to compile and work out of the box on Centos 5, 6, 7, and Debian. |
| 40 | + Many vanilla Linux kernels since 2.6.18 up to the latest (as of writing |
| 41 | + is 3.16) are supported and tested. |
| 42 | + |
| 43 | + * Module load time and run-time (via sysctl) configuration. |
| 44 | + |
| 45 | + * Flexibility in enabling features via ./configure script. This will let you |
| 46 | + disable features you don't need, which increase compatibility with custom |
| 47 | + kernels and performance. |
| 48 | + |
| 49 | + * SNMP-index translation rules, let convert meaningless and unstable |
| 50 | + interface indexes (ifIndex) to more meaningful numbering scheme. |
10 | 51 |
|
11 | 52 |
|
12 | 53 | ============================ |
|
0 commit comments