From owner-freebsd-questions@FreeBSD.ORG Tue May 25 16:54:31 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 302D6106566C for ; Tue, 25 May 2010 16:54:31 +0000 (UTC) (envelope-from reinhard.haller@interactive-net.de) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.9]) by mx1.freebsd.org (Postfix) with ESMTP id AEDDE8FC1A for ; Tue, 25 May 2010 16:54:30 +0000 (UTC) Received: from interactive.dnsalias.net (ppp-82-135-71-60.dynamic.mnet-online.de [82.135.71.60]) by mrelayeu.kundenserver.de (node=mrbap0) with ESMTP (Nemesis) id 0MKbbD-1OGgoU1Kyt-001k0s; Tue, 25 May 2010 18:54:29 +0200 Received: from scalix.interactive.de ([fd08:e8a3:4825:0:20c:29ff:feaa:3622]) by interactive.dnsalias.net with esmtp (Exim 4.71 (FreeBSD)) (envelope-from ) id 1OGxOe-000P2y-IQ for freebsd-questions@freebsd.org; Tue, 25 May 2010 18:54:28 +0200 Received: from scalix.interactive.de (localhost.localdomain [127.0.0.1]) by scalix.interactive.de (8.13.8/8.13.8) with ESMTP id o4PGsRLJ002066 for ; Tue, 25 May 2010 18:54:27 +0200 Received: from [127.0.0.1] (Core2Duo.interactive.de [192.168.0.196]) by scalix.interactive.de (Scalix SMTP Relay 11.4.5.13150) via ESMTP; Tue, 25 May 2010 18:54:27 +0200 (CEST) Date: Tue, 25 May 2010 18:54:25 +0200 From: Reinhard Haller To: freebsd-questions@freebsd.org Message-ID: <4BFC00C1.6070003@interactive-net.de> x-scalix-Hops: 1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.1.9) Gecko/20100317 Lightning/1.0b1 Thunderbird/3.0.4 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Disposition: inline X-ACL-rcpt: freebsd-questions@freebsd.org X-ACL-Send: reinhard.haller@interactive-net.de X-Provags-ID: V01U2FsdGVkX18avvJxhVb4oYc2Ke0MYhM4I4puxe70arsiIpz u6XgUVB8+HtknJe1JewfH3VVks3exH4ulcKFRZFfFQhPlk9Pue Vqqbar5BuYkeOJ//nHRCnf2Ex00xWbUoMK3drAm6EA6SPhekbg hWA== Subject: ipv6 network traffic monitoring -- searching a working probe software X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2010 16:54:31 -0000 Hi, currently I'm monitoring the network traffic with ng_netflow and nfdump/nfsen is used to collect, display and analyze the network traffic. I'm reviewing the tools to monitor ipv6. ng_netflow doesn't support ipv6 (is there a schedule to implement the needed protocol version 9?). I tried it with softflowd, seeing there is a constant offset of 4294959.134 in the duration and the nfsen filtering (in/out if x) doesn't work at all. YAF flows aren't recognized by nfsen. Any suggestions how to monitor ipv6 traffic? Thanks Reinhard