Mikrotik’s Traffic Flow
2y ago
58 Views
1 Downloads
1.82 MB
22 Pages
Report/dmca
Download PDF

Transcription

Mikrotik’strafficflow

Hello!I am Isa Pangestu25 yo. Single. NE at PT. Infinys System IndonesiaUsed Mikrotik since : 2013Certificates of Mikrotik : MTCNA, MTCRE, MTCINESharing is Caring. I’d also love to get newexperiences and projects

MIKROTIK’STRAFFIC ic Flow

MikroTik Traffic-Flow is a system thatprovides statistic information about packetswhich pass through the router.

Advantage(s) Network Monitoring Network Accounting Identify your network

FLOW PROTOCOLS Netflow : Cisco jFlow : Juniper sFlow : Dell, HP Traffic Flow : Mikrotik Netstream : Huawei .etc

FLOW ROLES Flow Exporter : export flows recordstowards flow collectors Flow Collector : processing of flowdata received from a flow exporter Analysis Apps : analyzed receivedflow data

Flow /media/File:NetFlow Architecture 2012.png

TRAFFIC FLOW FORMATS : version 1 - the first version of NetFlowdata format, do not use it, unless youhave to version 5 - Version 5 has possibility toinclude BGP AS and flow sequencenumber information. Currently RouterOSdoes not include BGP AS numbers. version 9 - a new format which can beextended with new fields and recordtypes thank's to its template-styledesign

Mikrotik’s traffic flow supportsRecords of Traffic Flow MikrotikMikrotik RouterOS v6.39.1 (stable)

COLLECTTRAFFICMIKROTIKSetup Mikrotik as a Flow Exporter ServerFlow Collector

SETUP MIKROTIK AS A FLOWEXPOTER/ip traffic-flowset cacheentries 64kenabled yesinterfaces ether7First, we enabledwhat interface’sgoing to be exporterthe flow records tothe flow collector./ip traffic-flow targetadd dstaddress 103.x.y.221port 600 srcaddress 103.x.y.229version 5Then, set the targetof flow collector IP.The default port is600.The version flowrecord that we useis version 5.

CREATER SERVER AS A FLOWCOLLECTORIn this case, Iused PRTG as aFlow Collectorwith the IPAddress103.x.y.221I just activatefor src-ip, dst-ip,dst-port, srcport, andprotocolsOur firewallallowed port 600with UDPprotocols tonetwork.

SCREENSHOTS

SCREENSHOTS

SCREENSHOTS

SCREENSHOTS

How do we useTRAFFIC FLOW ASA DDOS DETECTORWe’re still researching it

OUR THOUGHT THE PROCESSExportquery flowrecordsGet Srcmost highBandwidthDiscard allconnectionfromsource

Thanks!Any questions?You can find me at:@isapangestuIsa com

CreditsSpecial thanks to all the people who made andreleased these awesome resources for free: Presentation template by SlidesCarnival Photographs by Unsplash

version 1 - the first version of NetFlow data format, do not use it, unless you have to version 5 - Version 5 has possibility to include BGP AS and flow sequence number information. Currently RouterOS does not include BGP AS numbers. version 9 - a ne

Related Books

MikroTik Traffic Flow Network Monitoring / PRTG

MikroTik Traffic Flow Network Monitoring / PRTG

Managing SIP traffic with Zeus Traffic Manager

Managing SIP traffic with Zeus Traffic Manager

Sistemet Wireless Profesionale MikroTik dhe CAPsMAN

Sistemet Wireless Profesionale MikroTik dhe CAPsMAN

We Attend 173 - MikroTik

We Attend 173 - MikroTik

Using SolidWorks Flow Simulation to Calculate the Flow .

Using SolidWorks Flow Simulation to Calculate the Flow .

Manual: Flow Test Data Book and Flow Handbook for 405 .

Manual: Flow Test Data Book and Flow Handbook for 405 .

MANUAL OF POLICE TRAFFIC SERVICES POLICIES AND PROCEDURES

MANUAL OF POLICE TRAFFIC SERVICES POLICIES AND PROCEDURES

BIG-IP Local Traffic Management: Basics - F5

BIG-IP Local Traffic Management: Basics - F5

Configuration Guide for F5 BIG-IP Local Traffic Manager .

Configuration Guide for F5 BIG-IP Local Traffic Manager .

Configuration Guide for BIG-IP Local Traffic Management - F5

Configuration Guide for BIG-IP Local Traffic Management - F5

Wireshark Packet & Traffic Analysis

Wireshark Packet & Traffic Analysis

and Using Wireshark for Capturing Network Traffic

and Using Wireshark for Capturing Network Traffic

PopularTags

Recent Views