Skip to content

Commit dd493c7

Browse files
sever-seversever-sever
committed
Add VPP IPFIX configuration
1 parent b7bda23 commit dd493c7

File tree

2 files changed

+51
-0
lines changed

2 files changed

+51
-0
lines changed

docs/vpp/configuration/index.rst

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ Features that can be enabled on VPP Dataplane:
2626
:includehidden:
2727

2828
acl
29+
ipfix
2930
ipsec
3031
nat/index
3132
sflow

docs/vpp/configuration/ipfix.rst

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
VPP IPFIX Configuration
2+
=======================
3+
4+
VPP IPFIX in VyOS allows monitoring and exporting network traffic flows
5+
for analytics, security, and accounting. IPFIX works with the VPP
6+
(Vector Packet Processing) backend to provide high-performance flow tracking.
7+
8+
Overview
9+
--------
10+
11+
VyOS integrates VPP for high-performance packet processing. IPFIX
12+
configuration controls how flows are monitored, exported, and which
13+
interfaces are included.
14+
15+
Key IPFIX Concepts
16+
------------------
17+
18+
- **Active timeout**: Maximum time a flow is kept active before export.
19+
- **Inactive timeout**: Maximum time an idle flow is kept before export.
20+
- **Collector**: The remote host and port to which flow records are sent.
21+
- **Flow layers**: Determines which layer information is included (`l2`, `l3`, `l4`).
22+
- **Interfaces**: Physical or virtual interfaces to monitor.
23+
- **Direction**: Which traffic to monitor (`rx`, `tx`, `both`).
24+
- **Flow variant**: Optional filter for IPv4 or IPv6 flows.
25+
26+
Configuration Options
27+
---------------------
28+
29+
- **active-timeout**: Duration (in seconds) after which active flows are exported.
30+
- **inactive-timeout**: Duration (in seconds) after which idle flows are exported.
31+
- **collector `<ip>` port `<port>`**: IP and UDP port of the IPFIX collector.
32+
- **collector `<ip>` source-address `<ip>`**: Source address for flow export.
33+
- **flowprobe-record `<l2|l3|l4>`**: Layers to include in flow records.
34+
- **interface `<interface>` [direction `<rx|tx|both>`] [flow-variant `<ipv4|ipv6>`]**: Interfaces to monitor, direction of traffic, and optional flow variant filter.
35+
36+
Example Configuration
37+
---------------------
38+
39+
.. code-block:: none
40+
41+
set vpp ipfix active-timeout '15'
42+
set vpp ipfix inactive-timeout '120'
43+
set vpp ipfix collector 192.0.2.2 port '4739'
44+
set vpp ipfix collector 192.0.2.2 source-address '192.0.2.1'
45+
set vpp ipfix flowprobe-record 'l2'
46+
set vpp ipfix flowprobe-record 'l3'
47+
set vpp ipfix flowprobe-record 'l4'
48+
set vpp ipfix interface eth0
49+
set vpp ipfix interface eth1 direction 'both' flow-variant 'ipv4'
50+

0 commit comments

Comments
 (0)