2 weeks ago - last edited 2 weeks ago
I have UCRM and UNMS running on the same docker host, and a MikroTik 3001 sending NetFlow data to both UNMS and UCRM.
UCRM was already configured to listen on port 2055 for NetFlow, so when UNMS was (re)installed, it asked about using 2056. After configuring the Mikrotik, neither system was reporting any NetFlow data as having been received.
tcpdump shows the packets are coming in just fine. I attached to the unms-netflow console and found that the scripts were "Listening for netflow packets on port 2055 (5 ms)", not 2056 as configured.
Further digging found that the scripts are looking for the environment variable UNMS_NETFLOW_PORT, but docker-compose.yml is only sending in NETFLOW_PORT. Changing it in docker-compose.yml to UNMS_NETFLOW_PORT and restarting it via unms-cli seems to have done the trick. (UNMS is now reporting NetFlow as ACTIVE.)
Now to figure out why UCRM doesn't see the NetFlow traffic...
a week ago - last edited a week ago
@sirbryan Hello Bryan. Wow, that is an impressive analysis, thank you very much for this report. We will fix this in 0.13.2 release. Once the NetFlow traffic for UNMS is correctly sent to the 2056 port, I believe UCRM should go back to normal and see the NetFlow data again. Maybe a server/router restart will be necessary though.