Welcome to our latest iteration of the NetFlow Traffic Analyzer, available now in your customer portal
Version 2020.2 is the next release following NTA 2019.4 and is compatible with Orion Platform 2020.2
This is one of three articles describing features we're introducing in the NTA 2020.2 GA Release. We’ll post the details of these features in three separate discussion threads in the NTA product forum, to help you focus on the problems you need to solve in your environment. In this thread, we’ll examine how to reconcile inconsistent flow configurations in NTA that would otherwise result in double-counted traffic.
This is a surprisingly common mis-configuration, and it’s difficult to correct in some environments. While we recommend you re-configure your router, we’ll offer you another alternative to manage these scenarios.
Reconcile your flow export configuration
Some routers support a capability to tune the export of flow records on an interface by interface basis. One common configuration choice has the potential to create a conflict in way that flow collection platforms interpret the conversations and traffic volumes associated with a particular interface.
Let’s take the example of a flow export configuration that produces both ingress and egress flow records for a single uplink interface. The other interfaces on this router are configured to export only egress traffic, but this one interface exports both.
NTA will see flow records for all of the interfaces. Each ingress flow record will provide both the ingress and egress interface indexes, allowing NTA to associate the traffic volumes with the correct interfaces with the correct directionality. However – the one interface configured to report both ingress and egress traffic will report double the egress traffic, as the same conversations will be reported on the ingress interface and again on the egress through the uplink.
There’s no simple way to distinguish this from the flow records themselves; you need some insight into the router configuration.
The simple fix for this scenario – and the fix we strongly recommend – is to enable ingress flow export only on all interfaces. That will provide a complete picture of the traffic traversing the router.
If there is some overriding reason that you desire a configuration that reports both ingress and egress flows on a specific interface, or you are unable to reconfigure the router – it’s possible in this release to reconcile the handling of flow records in NTA to account for this.
You will need to know how each of your interfaces are configured for flow export.
Navigate to “Manage Flow Sources” from the NTA Summary page. Select “Nodes”, and then select your router.
Click, “Reconcile Node”, and in this dialog, select the correct option for flow export for each interface. Click “Apply”, and the changes will be applied to flow export records received from this point in time forward. Historical data is not adjusted in any way.
More NTA Goodness
This is one of three articles on the 2020.2 NTA GA Release. Here's the complete set, for your handy reference:
Introducing the NTA 2020.2 GA Release - VMware vSphere Distributed Switch support
Introducing the NTA 2020.2 GA Release - IPAM IP Group Integration
Introducing the NTA 2020.2 GA Release - Node Traffic Reconciliation
New Orion Platform Features
With this NTA RC comes some fantastic new updates & enhancements to the Orion Platform which include:
- Monitor up to 1,000,000 elements per Orion Platform instance.
- For SAM components the limit is increased to be 550,000 components per SAM installation.
- An Orion Map to Success! - Orion Maps improvements, such as creating and customizing text boxes, labels, or layouts, incorporating custom icons, adding shapes, dynamic backgrounds, bulk administration and all new Time Travel.
- Performance enhancements
- Dashboards, Dashboards, Get Your Dashboards! All New Custom Summary Dashboards
- A Gateway To Your Fastest Upgrade Ever! - Upgrade improvements, such as pre-staging upgrades, upgrade plan reports, automating upgrades via Orion SDK
- Enhanced volume status
- 3rd Party Language Pack Support - scripts to extract UI texts from the Orion Web Console
Your Feedback Counts!
The team is incredibly interested in your feedback, and we'd like to hear more about your implementation experiences! Your consistent feedback really shapes our products; we are constantly reviewing your questions, comments, and experiences to come up with brand new feature ideas that we would want to consider for a future release. Visit our NTA Feature Requests area to tell us what you'd like to see.