This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Netflow capture from routers we don't have SNMP access to

NTA 3.5 SP1.  We have got our ISP to give us Netflow stats off the routers they have on our site - however, we don't have SNMP access to them, not even read-only.

So, we can only configure them in NPM as ICMP only - NTA complains about the interfaces being undefined when it sees traffic from them, even if I check the "accept flows from undefined interfaces" option.

Is there any solution to this?  I can't see a technical reason why I'd need to be able to SNMP manage the routers to receive the flow?!?

  • The technical reason is that the flows contain interface indexes.  If the interfaces aren't managed within Orion, then we don't know which interface to assign the flows to.

  • Thanks Chris - these routers only have two interfaces, LAN and WAN.  Is there no way to manually configure an Orion object and map the flows onto them?

    I'm not sure that we will succeed in getting SNMP access to the routers unfortunately - the ISP have already said no once, though I'm asking again.

    Do you know if the Engineers Toolkit works with unmonitored Netflows?  My only other option is to get the Netflow redirected to one of the machines we have the toolkit on.

  • I believe both NTA and the realtime NetFlow tool in Toolset work the same way.   Let me check with dev to see if there's a way to manually add the interfaces.   The only problem I see with this approach is what happens when the device gets rebooted during the course of normal maintenance and the interfaces get indexed.   You'll need to have your ISP issue "snmp-server ifindex persist", which may not be viable for your ISP either.