Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add an option to bind on device for Netflow plugin: SO_BINDTODEVICE #967

Open
pavel-odintsov opened this issue Feb 15, 2023 · 2 comments
Open

Comments

@pavel-odintsov
Copy link
Owner

This option is needed when VRFs are in use on Linux platforms.

It may have side effects and we need to consider them: https://patchwork.ozlabs.org/project/netdev/patch/20200331132009.1306283-1-vincent@bernat.ch/

We may use bind to IP and bind to device in same time.

Some details from Marcel Menzel:
passing the vrf master device name to SO_BINDTODEVICE and 0.0.0.0 makes an app listen on all IPs being set on that specific VRF, passing an explcit IP being configured in that VRF makes it listen on that IP in a specific vrf (passing an IP not configured in a VRF makes it fail then)

@Name919-create
Copy link

This change request (#967) adds a new feature to the Netflow plugin by providing an option to bind the plugin to a specific network interface using the SO_BINDTODEVICE socket option. This is useful when monitoring traffic on a specific interface in a multi-interface setup.

The SO_BINDTODEVICE option will allow the Netflow plugin to listen on a specific interface by specifying the name of the interface as a string, rather than relying on the system's routing table to determine the incoming interface. This can improve the accuracy of the Netflow data collected by the plugin and reduce the amount of unwanted traffic received.

To use this new feature, set the "bind_device" configuration option in the Netflow plugin configuration file to the name of the desired interface. For example:

[INPUT]
Name netflow
bind_device eth0

If the "bind_device" option is not set, the Netflow plugin will continue to listen on all available interfaces as before.

@pavel-odintsov
Copy link
Owner Author

Thank you for feedback and clarification, I appreciate it. I wasn't familiar with this approach previously and I find it pretty useful and flexible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants