vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-12-15 18:12:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add VPP IPFIX configuration (#1711)

Browse Source
This commit is contained in:
Viacheslav Hletenko 2025-11-25 14:06:37 +02:00 committed by GitHub
parent 8c0c0bfe1c
commit 2355b54255
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/vpp/configuration/index.rst
View File

@ -26,6 +26,7 @@ Features that can be enabled on VPP Dataplane:
:includehidden: :includehidden:
acl acl
ipfix
ipsec ipsec
nat/index nat/index
sflow sflow

50
docs/vpp/configuration/ipfix.rst Normal file
View File

@ -0,0 +1,50 @@
VPP IPFIX Configuration
=======================
VPP IPFIX in VyOS allows monitoring and exporting network traffic flows
for analytics, security, and accounting. IPFIX works with the VPP
(Vector Packet Processing) backend to provide high-performance flow tracking.
Overview
--------
VyOS integrates VPP for high-performance packet processing. IPFIX
configuration controls how flows are monitored, exported, and which
interfaces are included.
Key IPFIX Concepts
------------------
- **Active timeout**: Maximum time a flow is kept active before export.
- **Inactive timeout**: Maximum time an idle flow is kept before export.
- **Collector**: The remote host and port to which flow records are sent.
- **Flow layers**: Determines which layer information is included (`l2`, `l3`, `l4`).
- **Interfaces**: Physical or virtual interfaces to monitor.
- **Direction**: Which traffic to monitor (`rx`, `tx`, `both`).
- **Flow variant**: Optional filter for IPv4 or IPv6 flows.
Configuration Options
---------------------
- **active-timeout**: Duration (in seconds) after which active flows are exported.
- **inactive-timeout**: Duration (in seconds) after which idle flows are exported.
- **collector `<ip>` port `<port>`**: IP and UDP port of the IPFIX collector.
- **collector `<ip>` source-address `<ip>`**: Source address for flow export.
- **flowprobe-record `<l2|l3|l4>`**: Layers to include in flow records.
- **interface `<interface>` [direction `<rx|tx|both>`] [flow-variant `<ipv4|ipv6>`]**: Interfaces to monitor, direction of traffic, and optional flow variant filter.
Example Configuration
---------------------
.. code-block:: none
set vpp ipfix active-timeout '15'
set vpp ipfix inactive-timeout '120'
set vpp ipfix collector 192.0.2.2 port '4739'
set vpp ipfix collector 192.0.2.2 source-address '192.0.2.1'
set vpp ipfix flowprobe-record 'l2'
set vpp ipfix flowprobe-record 'l3'
set vpp ipfix flowprobe-record 'l4'
set vpp ipfix interface eth0
set vpp ipfix interface eth1 direction 'both' flow-variant 'ipv4'