4.12.1. NetFlow

NetFlow is a protocol for exporting aggregated traffic information with UDP packets flow. NetFlow is generated by ng_netflow(4) node. To enable NetFlow on a particular interface netflow-in or netflow-out options should be used. Best practice is to enable netflow on every interface in system in only one direction: incoming for "ingress" flow or outgoing for "egress" flow.

Note: Netflow configuration is global for the daemon, so it must be done before first bundle get connected.

Note: This feature is available only on FreeBSD 6.0-RELEASE and newer. NetFlow v9 supported only on FreeBSD 9.0-RELEASE and newer.

set netflow peer ip port

Set destination IP address and port, where NetFlow export datagrams will be sent. This options is important to have working NetFlow.

set netflow self ip port

Set optional local IP and port binding, to make NetFlow datagrams originate from a specific source.

set netflow version ver

Choose NetFlow version to export. Supported options are 5 or 9.

Default is 5.

set netflow mtu bytes

Set export interface MTU to build packets of specified size (NetFlow v9-specific).

Default is 1500.

set netflow template time packets

Modify time and packet timeouts to announce data flow templates (NetFlow v9-specific).

Defaults are 600 and 500.

set netflow timeouts inactive active

Modify inactive and active timeout values. For more information, see ng_netflow(4) manual page.

set netflow node nodename

Use existing ng_netflow(4) node instead of creating a new one.

set netflow hook number

Use ng_netflow(4) node's hooks starting from specified number. For detailed information about naming of hooks, see ng_netflow(4) manual page.