Reply
Member
Posts: 169
Registered: ‎10-05-2015
Kudos: 66
Solutions: 1

Netflow Commands for UCRM and UNMS

Netflow had been working on UCRM until I added a second server, UNMS, to the config.

 

UCRM auto config:

set system flow-accounting disable-memory-table
set system flow-accounting ingress-capture post-dnat
set system flow-accounting interface eth3
set system flow-accounting interface eth2
set system flow-accounting interface switch0.30
set system flow-accounting interface eth4
set system flow-accounting interface eth0.3000
set system flow-accounting interface switch0.254
set system flow-accounting interface eth0
set system flow-accounting interface eth1
set system flow-accounting interface switch0.50
set system flow-accounting interface eth0.1000
set system flow-accounting interface switch0
set system flow-accounting netflow enable-egress
set system flow-accounting netflow server UCRM-SERVER-IP port 2055
set system flow-accounting netflow timeout expiry-interval 60
set system flow-accounting netflow timeout flow-generic 60
set system flow-accounting netflow timeout icmp 60
set system flow-accounting netflow timeout max-active-life 60
set system flow-accounting netflow timeout tcp-fin 10
set system flow-accounting netflow timeout tcp-generic 60
set system flow-accounting netflow timeout tcp-rst 10
set system flow-accounting netflow timeout udp 60
set system flow-accounting netflow version 9
set system flow-accounting syslog-facility daemon

 

UNMS suggested config:

set system flow-accounting interface eth0
set system flow-accounting ingress-capture post-dnat
set system flow-accounting disable-memory-table
set system flow-accounting netflow server UNMS-SERVER-IP port 2055
set system flow-accounting netflow version 9
set system flow-accounting netflow engine-id 0
set system flow-accounting netflow enable-egress engine-id 1
set system flow-accounting netflow timeout expiry-interval 60
set system flow-accounting netflow timeout flow-generic 60
set system flow-accounting netflow timeout icmp 60
set system flow-accounting netflow timeout max-active-life 60
set system flow-accounting netflow timeout tcp-fin 10
set system flow-accounting netflow timeout tcp-generic 60
set system flow-accounting netflow timeout tcp-rst 10
set system flow-accounting netflow timeout udp 60

 

These two lines are not issued from UCRM auto config, but are suggested in the UNMS config:

 

set system flow-accounting netflow enable-egress engine-id 1
set system flow-accounting netflow engine-id 0

 

Can anyone explain what I need to do to get this working for both UCRM and UNMS?

Highlighted
Ubiquiti Employee
Posts: 3,740
Registered: ‎12-10-2015
Kudos: 1330
Solutions: 292

Re: Netflow Commands for UCRM and UNMS

@Brailyn use the UNMS config (there is an issue in that UCRM's guide and this is already removed in the latest UCRM version)

+ if you need to send the netflow data to 2 consumers (UCRM and UNMS servers) you need to add two commands to set two destinations for the netflow packet, for example:

 

 

...
set system flow-accounting netflow server 192.168.1.1 port 2055 set system flow-accounting netflow server 192.168.1.2 port 2055
...

... just make sure you are using proper IPs and ports. (of course, it can be also under one IP, distinguished by port numbers, e.g. 2055 and 2056, but make sure you configured ucrm/unms properly to listen on these ports)

 

Reply