[Draft PR]: Add goflow2 support

docker-compose.yml

@@ -94,6 +94,31 @@ services:
             - .:/srv/ixpmanager
             - mrtg-data:/srv/mrtg
 
+    sflow-scripts:
+        build:
+            context: tools/docker/containers/sflow-scripts
+        depends_on:
+            - "mysql"
+        ports:
+            - 6343:6343/udp # sFlow
+        networks:
+            ixpmanager:
+                ipv4_address: 172.30.201.21
+                ipv6_address: fd99::21
+                aliases:
+                    - ixpmanager-sflow-scripts
+        extra_hosts:
+            - "rs1-ipv4:172.30.201.30"
+            - "rs1-ipv4.ixpmanager:172.30.201.30"
+            - "rs1-ipv6:172.30.201.30"
+            - "rs1-ipv6.ixpmanager:172.30.201.30"
+            - "switch1:172.30.201.60"
+            - "switch2:172.30.201.61"
+        volumes:
+            - .:/srv/ixpmanager
+        stdin_open: true
+        tty: true
+
     routinator:
         build:
             context: tools/docker/containers/routinator

ipfix.clab.yml

@@ -0,0 +1,40 @@
+name: ipfix-sros
+
+mgmt:
+  network: ixpm_ixpmanager # Connect to IXP manager network
+  # bridge: mgmt-bridge
+  ipv4-subnet: 172.30.201.0/24
+
+topology:
+  kinds:
+    linux:
+      image: ghcr.io/hellt/network-multitool
+
+  nodes:
+    sros:
+      kind: vr-nokia_sros
+      image: vrnetlab/vr-sros:23.10.R3
+      license: /Projects/SR_OS_VSR-SIM_license.txt
+      startup-config: |
+        /configure port 1/1/c1 admin-state enable connector breakout c1-100g
+        /configure port 1/1/c1/1 admin-state enable ethernet mode access encap-type dot1q
+        /configure cflowd collector 172.30.201.1 port 2056 version 10 router-instance "management" admin-state enable template-set l2-ip
+        /configure cflowd active-flow-timeout 30 sample-profile 1 sample-rate 1
+        /configure service vpls "1" admin-state enable service-id 1 customer "1" sap 1/1/c1/1:100 { cflowd true }
+        /configure service vpls "1" interface "i" { ipv4 primary address 192.168.0.0 prefix-length 31 }
+
+    ### CLIENTS ###
+    client1:
+      kind: linux
+      exec:
+        - ip link add link eth1 name eth1.100 type vlan id 100
+        - ip address add 192.168.0.1/31 dev eth1.100
+        - ip link set dev eth1.100 up
+        - ip route replace default via 192.168.0.0
+        - ip -6 address add 2002::192:168:0:1/64 dev eth1.100
+        # - iperf3 -s -p 5201 -D > iperf3_1.log
+        # - iperf3 -s -p 5202 -D > iperf3_2.log
+      group: server
+
+  links:
+    - endpoints: ["sros:eth1","client1:eth1"]

tools/docker/containers/sflow-scripts/Dockerfile

@@ -0,0 +1,42 @@
+FROM ubuntu:23.04
+
+# RUN apt-get -y update && \
+#     apt-get -y upgrade && \
+#     apt-get -y autoremove --purge && \
+#     apt-get -y clean && \
+#     rm -rf /var/lib/apt/lists/* && \
+#     rm -rf /tmp/*
+
+# JvB added for sflow testing
+RUN apt-get -y update && apt-get install -y perl-base bash make gcc cpanminus libmysqlclient-dev
+
+RUN cpanm install NetAddr::IP Config::General NetPacket::TCP 
+
+# Tests fail, force install
+RUN cpanm install DBD::mysql --force
+
+COPY ixpmanager.conf /usr/local/etc/ixpmanager.conf
+
+# sflowtool for traditional workflow
+RUN apt-get install -y git autoconf
+RUN git clone https://github.com/sflow/sflowtool.git && \
+    cd sflowtool && \
+    ./boot.sh && \
+    ./configure --prefix=/usr && \
+    make && \
+    make install
+
+# goflow2 script dependencies - does not support IPFIX v10 format
+RUN cpanm install JSON REST::Client
+RUN apt-get install -y wget librrds-perl
+RUN wget https://github.com/netsampler/goflow2/releases/download/v1.3.6/goflow2_1.3.6_amd64.deb
+RUN apt install -y ./goflow2_1.3.6_amd64.deb
+
+# nfdump does support v10 with MAC addresses
+RUN apt-get install -y nfdump
+# Usage: sudo nfcapd -M /tmp -b 172.30.201.1 -E
+
+WORKDIR /
+
+ENTRYPOINT "/bin/bash"
+CMD "/bin/bash"

tools/docker/containers/sflow-scripts/README.md

@@ -0,0 +1,50 @@
+# Notes
+
+* Need to use a secure connection or restore the default mysql password plugin:
+```
+mysql --protocol=TCP --port 33060 -u root
+ALTER USER 'ixpmanager' IDENTIFIED WITH mysql_native_password BY 'ixpmanager';
+```
+
+## nfcapd
+
+```nfcapd -p 9995 -w /tmp -E```
+
+This will listen for IPFIX UDP packets on port 9995, and print them out to the console for debugging
+
+## nfdump
+
+Only accept from from a single exporter and only extension 6,7,8,10,11 are accepted. Run a given command when files are rotated 
+and automatically expire flows:
+```nfcapd -w -D -T 6,7,8,10,11 -n upstream,192.168.1.1,/netflow/spool/upstream -p 23456 -B 128000 -s 100 -x '/path/command -r %d/%f'  -P /var/run/nfcapd/nfcapd.pid -e```
+
+From ```man nfcapd```:
+Extensions:
+           v5/v7/v9/IPFIX extensions:
+            1 input/output interface SNMP numbers.
+            2 src/dst AS numbers.
+            3 src/dst mask, (dst)TOS, direction.
+            4 line Next hop IP addr line
+            5 line BGP next hop IP addr line
+->          6 src/dst vlan id labels
+->          7 counter output packets
+->          8 counter output bytes
+            9 counter aggregated flows
+->         10 in_src/out_dst MAC address
+->         11 in_dst/out_src MAC address
+           12 MPLS labels 1-10
+           13 Exporting router IPv4/IPv6 address
+           14 Exporting router ID
+           15 BGP adjacent prev/next AS
+           16 time stamp flow received by the collector
+           NSEL/ASA/NAT extensions
+           26 NSEL     ASA event, xtended event, ICMP type/code
+           27 NSEL/NAT xlate ports
+           28 NSEL/NAT xlate IPv4/IPv6 addr
+           29 NSEL     ASA ACL ingress/egress acl ID
+           30 NSEL     ASA username
+           NEL/NAT extensions
+           31 NAT event, ingress egress vrfid
+           32 NAT Block port allocation - block start, end step and size
+           latency extension
+           64 nfpcapd/nprobe client/server/application latency"},

tools/docker/containers/sflow-scripts/ixpmanager.conf

@@ -0,0 +1,20 @@
+<sql>
+        dbase_type      = mysql
+        dbase_database  = ixpmanager
+        dbase_username  = ixpmanager
+        dbase_password  = ixpmanager
+        dbase_hostname  = ixpmanager-mysql
+</sql>
+
+<ixp>
+        # sflowtool = /usr/bin/sflowtool
+        # sflowtool_opts = -4 -p 6343 -l
+        sflowtool = /usr/bin/goflow2
+        debug = 1
+        sflow_rrdcached = 1
+        sflow_rrddir = /data/ixpmatrix
+
+        apikey = APIKeyFromIXPManager
+        apibaseurl = http://ixpmanager-www/ixp/api/v4
+        macdbtype = configured
+</ixp>