no rrd file generation about as-stats HOT 8 CLOSED

let me explain a bit my setup. I have two 32bit gentoo systems A and B. Both systems reside on the same network setup doing different tasks so things are flexible if I need to change this setup. A runs pmacct with nfbrobe plugin only. B runs quagga and as-stats.

As a startup I followed this guide with some customizations for my setup like having quagga lively feeding pmacct.

I am testing as-stats on a fresh 32bit gentoo/rolling system. Just in case of possible issues with a 32bit system, I've also tested this on a fresh 64bit void-linux/rolling musl-libc with the exact same results.

from as-stats.

Are you sure your configuration is correct ?
If it is not, packets are drop silently, because they do not match your needs (watched host, watched vlan, watched ifindex)

The code is here: https://github.com/manuelkasper/AS-Stats/blob/master/bin/asstatd.pl#L655

from as-stats.

thank you for the useful feedback.

commenting out that return on line 655 did not made any difference.

I also tried a previous as-stats v1.5 with no success.

here is some further information on this 32bit SMP gentoo system:

Linux version 4.9.7-gentoo (root@aifnis) (gcc version 5.4.0 (Gentoo 5.4.0-r2 p1.2, pie-0.6.5) ) #1 SMP Thu Feb 2 13:34:59 EET 2017

rrdtool-1.6.0-r1
File-Find-Rule-0.340.0 / http://search.cpan.org/dist/File-Find-Rule/
File-Find-Rule-Perl-1.130.0 / http://search.cpan.org/dist/File-Find-Rule-Perl/
Net-sFlow-0.11 / http://search.cpan.org/dist/Net-sFlow/

from as-stats.

I uncommented some print statements on the asstatsd.pl and got the following:

DEBUG Sampling Rate for 10.2.19.1_0 is IN: 1 | OUT: 1
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Updated template ID 1024 (source ID 0, from 10.2.19.1)
Updated template ID 1025 (source ID 0, from 10.2.19.1)
Updated template ID 1024 (source ID 0, from 10.2.19.1)
Updated template ID 1025 (source ID 0, from 10.2.19.1)

I forgot to mention that this setup runs on a IP/BGP/AS private 10.0.0.0/8 AWMN network.

I also commented out line 628 without any change on this issue.

More information about my setup can be found here

from as-stats.

Can you provide your configuration, as well as a pcap fed with a couple of flow samples ?

from as-stats.

pmacct/nfprobe config:

daemonize: false
promisc: true
plugin_buffer_size: 10240
plugin_pipe_size: 10240000
pcap_filter: net 10.0.0.0/8
interface: eth0
plugins: nfprobe
nfprobe_receiver: 10.2.19.18:9000
nfprobe_version:9
nfacctd_net: fallback
nfacctd_as_new: fallback
nfprobe_peer_as: true
sfprobe_peer_as: true
bgp_daemon_pipe_size: 1310710
bgp_daemon: true
bgp_daemon_ip: 10.2.19.4
bgp_daemon_id: 10.2.19.4
bgp_agent_map: /etc/pmacct/agent_to_peer.map
bgp_daemon_port: 17917
bgp_follow_nexthop: 10.2.19.0/24, 10.2.146.0/24, 10.0.0.0/8
aggregate: src_host, dst_host, src_port, dst_port, src_as, dst_as, as_path, peer_src_as, peer_dst_as, proto

/etc/pmacct/agent_to_peer.map :
bgp_ip=10.2.19.1 ip=10.0.0.0/8
bgp_ip=10.2.19.3 ip=10.0.0.0/8

nfcapd.zip

from as-stats.

I had some progress:

DEBUG Sampling Rate for 10.2.19.1_0 is IN: 1 | OUT: 1
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Template ID 1024 from 0/10.2.19.1 does not (yet) exist
Updated template ID 1024 (source ID 0, from 10.2.19.1)
Updated template ID 1025 (source ID 0, from 10.2.19.1)
0 => 0 (40 octets, version 4, snmpin 0, snmpout 0)
2493: flushing data for AS 0 (1488059548)
2493: creating RRD file for AS 0
0 => 0 (60 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (40 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (60 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (94 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (78 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (143 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (65 octets, version 4, snmpin 0, snmpout 0)
0 => 0 (139 octets, version 4, snmpin 0, snmpout 0)

my conf/knownlinks :
10.2.19.1 0 SupperQuagga SupperQuagga ABCDEF 1

and some more progress:

DEBUG Sampling Rate for 10.2.19.1_0 is IN: 1 | OUT: 1
Updated template ID 1024 (source ID 0, from 10.2.19.1)
Updated template ID 1025 (source ID 0, from 10.2.19.1)
0 => 7817 (40 octets, version 4, snmpin 0, snmpout 0)
7817 => 0 (132 octets, version 4, snmpin 0, snmpout 0)
0 => 7817 (40 octets, version 4, snmpin 0, snmpout 0)
7817 => 0 (60 octets, version 4, snmpin 0, snmpout 0)
0 => 13101 (40 octets, version 4, snmpin 0, snmpout 0)
13101 => 0 (52 octets, version 4, snmpin 0, snmpout 0)
0 => 22128 (80 octets, version 4, snmpin 0, snmpout 0)
0 => 9474 (40 octets, version 4, snmpin 0, snmpout 0)
9474 => 0 (60 octets, version 4, snmpin 0, snmpout 0)
0 => 10030 (40 octets, version 4, snmpin 0, snmpout 0)
10030 => 0 (60 octets, version 4, snmpin 0, snmpout 0)
0 => 7817 (40 octets, version 4, snmpin 0, snmpout 0)
7817 => 0 (60 octets, version 4, snmpin 0, snmpout 0)

from as-stats.

let me shamefully close this "ticket" as invalid, apologizing for the "lost cycles", since as-stats properly does whatever was designed to do, though quite silently.

being a n00b on this field, I am still exploring and learning its wonders. You may see some of my efforts here

thank you dearly for offering such a handy little tool to the open-source community.

from as-stats.