Super cool. It would remain the one-liner you have got at the moment:
bgp_ip=1.1.1.1 ip=0.0.0.0/0
Keep me posted.
Paolo
On Sun, Oct 13, 2019 at 04:21:21PM -0400, Brooks Swinnerton wrote:
> I’m actually already doing option 1 : ), what would the map look like for
> that?
>
> On Sun, Oct 13, 2019 at 3:47 PM Paolo Lucente <pa...@pmacct.net> wrote:
>
> >
> > Hi Brooks,
> >
> > You are in an unsupported use-case, ie. same BGP Agent ID maped onto two
> > different entries. You can get out of it in three different ways: 1) my
> > top recommendation: travel both addrress families as part of the same BGP
> > session; 2) use two different BGP Agent ID for ipv4 and for ipv6; 3) use
> > session IP addesses (that is, not BGP Agent ID) for the mapping (although
> > in your case i am afaid this won't work since it's all taking place over
> > loopback interfaces). Let me know if any of this can work for you.
> >
> > Paolo
> >
> > On Sun, Oct 13, 2019 at 01:45:36PM -0400, Brooks Swinnerton wrote:
> > > Hello again!
> > >
> > > I'm using pmacct with Kafka to stream flows. This is paired with the BGP
> > > functionality to add the `src_as` and `dst_as`. This all works great for
> > > IPv4, but I'm struggling to figure out how to do this for IPv6 as well.
> > >
> > > Here is the current configuration:
> > >
> > > ```
> > > !
> > > ! pmacctd configuration example
> > > !
> > > ! Did you know CONFIG-KEYS contains the detailed list of all
> > configuration
> > > keys
> > > ! supported by 'nfacctd' and 'pmacctd' ?
> > > !
> > > ! debug: true
> > > daemonize: false
> > > pcap_interface: ens3
> > > pmacctd_as: bgp
> > > pmacctd_net: bgp
> > > sampling_rate: 10
> > > !
> > > bgp_daemon: true
> > > bgp_daemon_ip: 127.0.0.2
> > > bgp_daemon_port: 180
> > > bgp_daemon_max_peers: 10
> > > bgp_agent_map: /etc/pmacct/peering_agent.map
> > > !
> > > aggregate: src_host, dst_host, src_port, dst_port, src_as, dst_as, proto
> > > !
> > > plugins: kafka
> > > kafka_output: json
> > > kafka_broker_host: kafka.fqdn.com
> > > kafka_topic: pmacct.acct
> > > kafka_refresh_time: 10
> > > kafka_history: 5m
> > > kafka_history_roundoff: m
> > > ```
> > >
> > > Where `/etc/pmacct/peering_agent.map` is defined as:
> > >
> > > ```
> > > bgp_ip=1.1.1.1 ip=0.0.0.0/0 filter='ip'
> > > bgp_ip=1.1.1.1 ip=::/0 filter='ip6'
> > > ```
> > >
> > > (1.1.1.1 is the router ID on the other side of the BGP session)
> > >
> > > This works well for IPv4 traffic, resulting in the following Kafka
> > events:
> > >
> > > ```
> > > {"event_type": "purge", "as_src": 0, "as_dst": 396507, "ip_src":
> > > "23.157.160.138", "ip_dst": "23.129.64.208", "port_src": 37649,
> > "port_dst":
> > > 443, "ip_proto": "tcp", "stamp_inserted": "2019-10-13 17:40:00",
> > > "stamp_updated": "2019-10-13 17:43:11", "packets": 3, "bytes": 156,
> > > "writer_id": "default_kafka/15635"}
> > > {"event_type": "purge", "as_src": 0, "as_dst": 0, "ip_src":
> > > "2607:f8b0:400d:c01::bc", "ip_dst": "2602:fe2e:42:2::2", "port_src":
> > 5228,
> > > "port_dst": 63746, "ip_proto": "tcp", "stamp_inserted": "2019-10-13
> > > 17:40:00", "stamp_updated": "2019-10-13 17:43:11", "packets": 1, "bytes":
> > > 72, "writer_id": "default_kafka/15635"}
> > > ```
> > >
> > > But for IPv6 traffic, neither the `as_src` or `as_dst` comes through.
> >
> > > _______________________________________________
> > > pmacct-discussion mailing list
> > > http://www.pmacct.net/#mailinglists
> >
> >
> > _______________________________________________
> > pmacct-discussion mailing list
> > http://www.pmacct.net/#mailinglists
> >
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
