PDA

View Full Version : Problems with NTOP and SFlow



jqueiroz
03-Jul-2014, 22:13
Hi,

I'm trying to use a SLES 11 SP3 host to collect sflow information with NTOP, but I saw that the traffic is being scaled by the sampling factor --- literally!!!
NTOP gives me that the smallest frame on the flows is 64.000 bytes, and the biggest is 1.500.000 bytes --- clearly, normal packet sizes scaled by the sample rate (1000).

Does anyone know how can I contact the development team for the ntop's sflow plugin?

jmozdzen
04-Jul-2014, 09:39
Hi jqueiroz,

Hi,

I'm trying to use a SLES 11 SP3 host to collect sflow information with NTOP, but I saw that the traffic is being scaled by the sampling factor --- literally!!!
NTOP gives me that the smallest frame on the flows is 64.000 bytes, and the biggest is 1.500.000 bytes --- clearly, normal packet sizes scaled by the sample rate (1000).

Does anyone know how can I contact the development team for the ntop's sflow plugin?

where did you get your SLES11SP3 ntop package from? AFAICT, it's not in the official repositories.

With regards,
Jens

jqueiroz
07-Jul-2014, 16:39
# zypper search ntop
Loading repository data...
Reading installed packages...

S | Name | Summary | Type
--+-------------------+--------------------------------------------------------------------------+-----------
| cacti-plugin-ntop | This is a very simple plugin to allow you to view NTop from within Cacti | package
| cacti-plugin-ntop | This is a very simple plugin to allow you to view NTop from within Cacti | srcpackage
i | ntop | Web-Based Network Traffic Monitor | package
| ntop | Web-Based Network Traffic Monitor | srcpackage
| ntop-debuginfo | Debug information for package ntop | package
| ntop-debugsource | Debug sources for package ntop | package

# zypper service-list
# | Alias | Name | Enabled | Refresh | Type
--+-------------------------------------------------------------------+-------------------------------------------------------+---------+---------+-------
1 | nu_novell_com | nu_novell_com | Yes | No | ris
2 | SLE-11-SDK-SP2-DVD | SLE-11-SDK-SP2-DVD | Yes | No | yast2
3 | SUSE-Linux-Enterprise-Software-Development-Kit-11-SP2_11.2.2-1.66 | SUSE Linux Enterprise Software Development Kit 11 SP2 | No | No | yast2
4 | server:monitoring | server:monitoring | Yes | Yes | rpm-md

# zypper ca
# | Alias | Name | Enabled | Refresh
---+-------------------------------------------------------------------+-------------------------------------------------------+---------+--------
1 | SLE-11-SDK-SP2-DVD | SLE-11-SDK-SP2-DVD | Yes | No
2 | SUSE-Linux-Enterprise-Software-Development-Kit-11-SP2_11.2.2-1.66 | SUSE Linux Enterprise Software Development Kit 11 SP2 | No | No
3 | nu_novell_com:SLE11-SDK-SP1-Pool | SLE11-SDK-SP1-Pool | No | Yes
4 | nu_novell_com:SLE11-SDK-SP1-Updates | SLE11-SDK-SP1-Updates | No | Yes
5 | nu_novell_com:SLE11-SDK-SP2-Core | SLE11-SDK-SP2-Core | No | Yes
6 | nu_novell_com:SLE11-SDK-SP2-Updates | SLE11-SDK-SP2-Updates | No | Yes
7 | nu_novell_com:SLE11-SDK-SP3-Pool | SLE11-SDK-SP3-Pool | Yes | Yes
8 | nu_novell_com:SLE11-SDK-SP3-Updates | SLE11-SDK-SP3-Updates | Yes | Yes
9 | nu_novell_com:SLE11-SP1-Debuginfo-Pool | SLE11-SP1-Debuginfo-Pool | No | Yes
10 | nu_novell_com:SLE11-SP1-Debuginfo-Updates | SLE11-SP1-Debuginfo-Updates | No | Yes
11 | nu_novell_com:SLE11-SP2-Debuginfo-Core | SLE11-SP2-Debuginfo-Core | No | Yes
12 | nu_novell_com:SLE11-SP2-Debuginfo-Updates | SLE11-SP2-Debuginfo-Updates | No | Yes
13 | nu_novell_com:SLE11-SP3-Debuginfo-Pool | SLE11-SP3-Debuginfo-Pool | No | Yes
14 | nu_novell_com:SLE11-SP3-Debuginfo-Updates | SLE11-SP3-Debuginfo-Updates | No | Yes
15 | nu_novell_com:SLE11-Security-Module | SLE11-Security-Module | No | Yes
16 | nu_novell_com:SLE11-WebYaST-SP2-Pool | SLE11-WebYaST-SP2-Pool | No | Yes
17 | nu_novell_com:SLE11-WebYaST-SP2-Updates | SLE11-WebYaST-SP2-Updates | No | Yes
18 | nu_novell_com:SLES11-Extras | SLES11-Extras | No | Yes
19 | nu_novell_com:SLES11-SP1-Pool | SLES11-SP1-Pool | No | Yes
20 | nu_novell_com:SLES11-SP1-Updates | SLES11-SP1-Updates | No | Yes
21 | nu_novell_com:SLES11-SP2-Core | SLES11-SP2-Core | No | Yes
22 | nu_novell_com:SLES11-SP2-Extension-Store | SLES11-SP2-Extension-Store | No | Yes
23 | nu_novell_com:SLES11-SP2-Updates | SLES11-SP2-Updates | No | Yes
24 | nu_novell_com:SLES11-SP3-Extension-Store | SLES11-SP3-Extension-Store | No | Yes
25 | nu_novell_com:SLES11-SP3-Pool | SLES11-SP3-Pool | Yes | Yes
26 | nu_novell_com:SLES11-SP3-Updates | SLES11-SP3-Updates | Yes | Yes
27 | server:monitoring | server:monitoring | Yes | Yes

# zypper info ntop
Loading repository data...
Reading installed packages...


Information for package ntop:

Repository: @System
Name: ntop
Version: 5.0.1-44.1
Arch: x86_64
Vendor:
Support Level: unknown
Installed: Yes
Status: up-to-date
Installed Size: 53.3 MiB
Summary: Web-Based Network Traffic Monitor
Description:
Ntop is a Web-based traffic monitor that shows network usage. It can be
used in both interactive or Web mode using the embedded Web server.

jmozdzen
08-Jul-2014, 10:49
Hi

since it's not from SUSE (that would show in the "Vendor" field it's probably from the Opensuse "server:monitoring". There are maintainers for this (https://build.opensuse.org/package/users/server:monitoring/ntop), you might want to ask them ;)

Regards,
Jens

jqueiroz
09-Jul-2014, 18:29
Thanks, I looked on the pages you suggested and it seems that ntop is deemed EOL. :(

Seems that I'll have to invest on ntopng (darn...).