- Update to version 1.7.3
+ Introduced the RPKI daemon to build a ROA database and check prefixes
validation status and coverages. Resource Public Key Infrastructure
(RPKI) is a specialized public key infrastructure (PKI) framework
designed to secure the Internet routing. RPKI uses certificates to
allow Local Internet Registries (LIRs) to list the Internet number
resources they hold. These attestations are called Route Origination
Authorizations (ROAs). ROA information can be acquired in one of the
two following ways: 1) importing it using the rpki_roas_file config
directive from a file in the RIPE Validator format or 2) connecting
to a RPKI RTR Cache for live ROA updates; the cache IP address/port
being defined by the rpki_rtr_cache config directive (and a few more
optional rpki_rtr_* directives are available and can be reviwed in
the CONFIG-KEYS doc). The ROA fields will be populated with one of
these five values: 'u' Unknown, 'v' Valid, 'i' Invalid no overlaps,
'V' Invalid with a covering Valid prefix, 'U' Invalid with a covering
Unknown prefix.
+ Introducing pmgrpcd.py, written in Python, a daemon to handle gRPC-
based Streaming Telemetry sessions and unmarshall GPB data. Code
was mostly courtesy by Matthias Arnold ( @tbearma1 ). This is in
addition (or feeding into) pmtelemetryd, written in C, a daemon to
handle TCP/UDP-based Streaming Telemetry sessions with JSON-encoded
data.
+ pmacctd, uacctd: added support for CFP (Cisco FabricPath) and Cisco
Virtual Network Tag protocols.
+ print plugin: added 'custom' to print_output. This is to cover two
main use-cases: 1) use JSON or Avro encodings but fix the format of
the messages in a custom way and 2) use a different encoding than
JSON or Avro. See also example in examples/custom and new directives
print_output_custom_lib and print_output_custom_cfg_file. The patch
OBS-URL: https://build.opensuse.org/request/show/704836
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/pmacct?expand=0&rev=89
- Drop support for older distributions
- Update to version 1.7.2
+ nfacctd, sfacctd: added Kafka broker among the options to receive
NetFlow/IPFIX, sFlow data from. Host, port and topic should all be
specified along with an optional config file to pass to librdkafka.
+ nfacctd, sfacctd, pmtelemetryd: added ZeroMQ queue among the options
to receive NetFlow/IPFIX, sFlow or Streaming Telemetry data from. An
IP address and port should be specified.
+ nfacctd, sfacctd: added sampling_direction to the set of supported
primitives, valid values being ingress, egress and unknown.
+ nfacctd, sfacctd: stats, ie. amount of NetFlow/IPFIX or sFlow packets
received per router, are now available when in tee mode. Stats can be
retrieved via a SIGUSR1 UNIX signal.
+ pcap_savefile_replay: a feature to replay content for the specified
amounf of time when reading from a pcap_savefile.
+ pre_tag_map: added several new keys: src_net and dst_net (to tag on
source and destination IP prefixes respectively), bgp_nexthop (to
tag on BGP nexthop) and nat_event.
+ BGP daemon: added bgp_lrgcomm_pattern feature to filter large BGP
communities (in addition to existing equivalent knobs to filter on
standard and extended communities).
+ BMP, Streaming Telemetry daemons: msglog_file and dump_file config
directives now offer $bmp_router, $bmp_router_port, $telemetry_node
and $telemetry_node_port variables.
+ BGP, BMP, Streaming Telemetry daemons: added BGP, BMP and Streaming
Telemetry exporter TCP/UDP port as variable for dump/log filenames
(to better support NAT traversal scenarios).
+ BGP, BMP daemons: added message sequencing to both BGP and BMP dumps
(bgp_table_dump_*, bmp_dump_*). If dumping and logging are enabled
in parallel then sequencing the dumps allows for check pointing at
OBS-URL: https://build.opensuse.org/request/show/652057
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/pmacct?expand=0&rev=85
- update to version 1.7.1
+ pmbgpd: introduced a BGP connect feature meant to map BGP peers
(ie. PE routers) to BGP collectors (ie. nfacctd, sfacctd) via a
standalone BGP daemon (pmbgpd). The aim is to facilitate operations
when re-sizing/re-balancing the collection infrastructure without
impacting (ie. re-configuring) BGP peers. bgp_daemon_xconnect_map
expects full pathname to a file where cross-connects are defined;
mapping works only against the IP source address and not the BGP
Router ID, only 1:1 relationships can be formed (ie. this is about
cross-connecting, not replication) and only one session per BGP
peer is supported (ie. multiple BGP agents are running on the same
IP address or NAT traversal scenarios are not supported [yet]).
A sample map is provided in 'examples/bgp_xconnects.map.example'.
+ pmbgpd: introduced a BGP Looking Glass server allowing to perform
queries, ie. lookup of IP addresses/prefixes or get the list of BGP
peers, against available BGP RIBs. The server is asyncronous and
uses ZeroMQ as transport layer to serve incoming queries. Sample
C/Python LG clients are available in 'examples/lg'. A sample LG
server config is available in QUICKSTART. Request/Reply Looking
Glass formats are documented in 'docs/LOOKING_GLASS_FORMAT'.
+ pmacctd: a single daemon can now listen for traffic on multiple
interfaces via a polling mechanism. This can be configured via a
pcap_interfaces_map feature (interface/pcap_interface can still be
used for backward compatiblity to listen on a single interface). The
map allows to define also ifindex mapping and capturing direction on
a per-interface basis. The map can be reloaded at runtime via a USR2
signal and a sample map is in examples/pcap_interfaces.map.example.
+ Kafka plugin: dynamic partitioning via kafka_partition_dynamic and
kafka_partition_key knobs is introduced. The Kafka topic can contain
variables, ie. $peer_src_ip, $src_host, $dst_port, $tag, etc., which
OBS-URL: https://build.opensuse.org/request/show/605149
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/pmacct?expand=0&rev=84
- update to version 1.6.2
+ BGP, BMP daemons: introduced support for BGP Large Communities IETF
draft (draft-ietf-idr-large-community). Large Communities are stored
in a variable-length field. Thanks to Job Snijders ( @job ) for his
support.
+ BGP daemon: implemented draft-ietf-idr-shutdown. The draft defines a
mechanism to transmit a short freeform UTF-8 message as part of a
Cease NOTIFICATION message to inform the peer why the BGP session is
being shutdown or reset. Thanks to Job Snijders ( @job ) for his
support.
+ tee plugin, pre_tag_map: introduced support for inspetion of specific
flow primitives and selective replication over them. The primitives
supported are: input and output interfaces, source and destination
MAC addresses, VLAN ID. The feature is now limited to sFlow v5 only.
Thanks to Nick Hilliard and Barry O'Donovan for their support.
+ Added src_host_pocode and dst_host_pocode primitives, pocode being a
compact and (de-)aggregatable (easy to identify districts, cities,
metro areas, etc.) geographical representation, based on the Maxmind
v2 City Database. Thanks to Jerred Horsman for his support.
+ Kafka support: introduced support for user-defined (librdkafka) config
file via the new *_kafka_config_file config directives. Full pathname
to a file containing directives to configure librdkafka is expected.
All knobs whose values are string, integer, boolean are supported.
+ AMQP, Kafka plugins: introduced new directives kafka_avro_schema_topic,
amqp_avro_schema_routing_key to transmit Apache Avro schemas at regular
time intervals. The routing key/topic can overlap with the one used to
send actual data.
+ AMQP, Kafka plugins: introduced support for start/stop markers when
encoding is set to Avro (ie. 'kafka_output: avro'); also Avro schema
OBS-URL: https://build.opensuse.org/request/show/489948
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/pmacct?expand=0&rev=82
- update to version 1.5.2
- add patch: pmacct-fix-implicit-pointer-decl.diff
- do not build with ULOG on newer versions > 13.2 since it got removed
from mainstream linux kernel >= 3.17
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7200135bc1e61f1437dc326ae2ef2f310c50b4eb
- update to version 1.5.1
+ BMP daemon: BMP, BGP Monitoring Protocol, can be used to monitor BGP
sessions. The current implementation is base on the draft-ietf-grow-bmp-07
IETF draft. The daemon currently supports BMP events and stats only, ie.
initiation, termination, peer up, peer down and stats reports messages.
Route Monitoring is future (upcoming) work but routes can be currently
sourced via the BGP daemon thread (best path only or ADD-PATH), making
the two daemons complementary. The daemon enables to write BMP messages
to files or AMQP queues, real-time (msglog) or at regular time intervals
(dump) and is a separate thread in the NetFlow (nfacctd) or sFlow (sfacctd)
collectors.
+ tmp_net_own_field directive is introduced to record both individual source
and destination IP addresses and their IP prefix (nets) as part of the same
aggregation method. While this should become default behaviour, a knob for
backward-compatibility is made available for all 1.5 until the next major
release.
+ Introduced nfacctd_stitching and equivalents (ie. sfacctd_stitching):
when set to true, given an aggregation method, two new non-key fields are
added to the aggregate upon purging data to the backend: timestamp_min is
the timestamp of the first element contributing to a certain aggregate
and timestamp_max is the timestamp of the last element. In case the export
protocol provides time references, ie. NetFlow/IPFIX, these are used; if not
the current time (hence time of arrival to the collector) is used instead.
OBS-URL: https://build.opensuse.org/request/show/346126
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/pmacct?expand=0&rev=79
