VAS Experts documentation VAS Experts documentation-mobile
in

Settings

  • Show pagesource
  • Old revisions
  • Export to PDF
  • ODT export
  • Backlinks
  • Show pagesource
  • Old revisions
  • Export to PDF
  • ODT export
  • Backlinks
    • Stingray Service Gateway by VAS ExpertsDPIStatistics gathering and analysis on protocols and directionsConfiguring service

    Table of Contents

    Configuring service

    The option is configured or disabled by parameters in configuration file /etc/dpi/fastdpi.conf.

    NetFlow parameters are cold, so changes require a service restart.

    Statistics export configuration

    To switch on the export of statistics: 

    netflow=1
    • 0 or no parameter - export disabled;
    • 1 - export statistics by protocols (port numbers);
    • 2 - export statistics by directions (independent systems' numbers);
    • 4 - export statistics for billing;
    • 8 - export the complete statistical information on sessions;
    3 = 1 + 2 - simultaneous export of statistics by protocols and by directions. Other values are combined similarly.

    The network interface name to export netflow with statistics: 

    netflow_dev=eth2

    Data export period in seconds: 

    netflow_timeout=10

    Configuration of each type NetFlow

    IP address and port number of netflow collector for statistics by protocols: 

    netflow_collector=192.168.0.1:9997
    It is necessary to specify a separate collector for each type so that the data does not mix!

    IP address and port number of netflow collector with statistics by directions: 

    netflow_as_collector=192.168.0.1:9998

    Directions to collect and aggregate data:

    • 1 for external independent systems only (OK for household operators as there are no other independent systems rather than the operator itself on one side);
    • 2 for internal independent systems only;
    • 3 = 1 + 2 for both (OK for transit operators. However, as the aggregation by AS is made separately, data would be counted twice in the exported statistics - for each of AS participating in data transmission).
    netflow_as_direction=1

    IP address and port number of NetFlow collector with statistics for billing. One has to specify the separate collector to avoid data messing with other statistics: 

    netflow_bill_collector=192.168.0.1:9995
    The billing statistics is formed only for those subscribers that have service 9 enabled.

    Setting up the statistics format: 

    netflow_bill_collector_type=2
    • 0 - netflow_v5 ( default )
    • 1 - ipfix udp
    • 2 - ipfix tcp

    The whole traffic volume is counted by default. This includes packet headers as well. In order to count the useful traffic only1) please specify: 

    netflow_bill_method=1

    The traffic class assigned by DPI is specified in TOS field of netflow with billing statistics. This information can be used to create attractive billing plans.

    IP address and port number of netflow collector with full statistics. One has to specify the separate collector to avoid data messing with other statistics: 

    netflow_full_collector=192.168.0.1:9996
netflow_passive_timeout=30
netflow_active_timeout=300

    Here

    • netflow_passive_timeout=30 - is the time to wait for session activity. If no activity in this time, the session is treated as closed and its information is transmitted
    • netflow_active_timeout=300 - is the time to report on the long sessions: in fact, such sessions are split into fragments of this duration.

    The complete statistics preserved original port numbers. The information on detected protocols is sent in normally empty bytes 46-47. In case one needs to analyse the protocols in use, the system can be configured to send the protocol information in the port number: 

    netflow_full_port_swap=1
    NetFlow protocol does not ensure the delivery of packets as it works over UDP. If the collector has not enough capacity to receive the data, some packets are just lost. The collector has to receive data at rates no less than 60 Mb/s to handle full statistics for 10Gb channel. Please check your collector's capabilities before sending the netflow traffic.

    At the same time short peaks up to 100 Mb/s may happen when sending netflow from DPI. Few collectors are able to receive such data flow with no losses, for example nfsen/nfdump.

    In order to smooth such peaks and load the collector in a uniform way one can set the parameter: 

    netflow_rate_limit=60

    Here 60 is the maximal netflow rate in Mb/s.

    This value has to be set according to 6 Mb/s for each 1Gb of the external channel. Insufficient rate setting leads to data losses already on DPI side. This event is reflected in log file /var/log/dpi/fastdpi_alert.log.

    Configuration Example

    An example is described in the section QoE Stor: DPI Configuration

    1)
    The traffic with no packet headers may be 3.5 times smaller than the total one. For example, the minimal torrent UDP packet may be 64 bytes. The UDP header is 28 bytes and Ethernet frame size is 18 bytes. The resulting useful information is 18 bytes only of 64 total.