OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: FlangeMonkey on February 11, 2018, 03:12:42 am
-
Sup guys,
Netflow appears to be counting traffic twice, this port UPnP. Am I seeing this correctly, check out the pictures.
EDIT: I'm also seeing the same thing with NAT rules.
Thanks,
-
Mee too
-
I don't think you should have the WAN Interface selected twice.. should be only in the Egress config if I'm not mistaken. If I am, the definitely correct me because then I'M doing it wrong :)
-
I'm basing some of my config on the documentation examples. Additionally, I do want to monitor the WAN interface for direct connections, but I will test this.
-
I was setup the same way.. spoke with fitch in IRC and he mentioned removing WAN from monitoring and keeping it JUST in egress, but the fact it was set for egress SHOULD have stopped it from counting NAT traffic twice anyway, at least that was my understanding :)
-
Interfaces: (Select interface(s) to enable NetFlow on.) all interfaces on which you wont NetFlow/ Insight measures. If you don't select WAN here, there will be no WAN NetFlow/ Insight graphs.
Egress only: (Select interfaces used for WAN traffic to avoid counting NAT traffic twice.) all NAT participating WAN interfaces you selected above.
-
I use
Interfaces: LAN
Egress: WAN
I think that's how it's supposed to work, but I could be wrong. I don't know the Netflow code.
Ad would know best...
Cheers,
Franco
-
I use
Interfaces: LAN
Egress: WAN
I think that's how it's supposed to work, but I could be wrong. I don't know the Netflow code.
Ad would know best...
Cheers,
Franco
I just changed as you said, reset RRD and NetFlow, and it seems to be OK that way, WAN is measured and graphed. I can say that:
1. If this is the way it's supposed to work, the GUI is misleading - it should state Non-WAN Interfaces: and WAN interfaces:, with help comments like Select the WAN/ Non-WAN interfaces to enable NetFlow on.
2. I am definitely sure that since the beginning (about a year now) I have interpreted the interface (and help) and setup the NetFlow as stated in the previous reply and, up to a moment (late 17.1/ early 17.7), I didn't get NAT traffic counted twice. Something must have been changed on the run.
Thank you!
Ciprian
-
On factory settings WAN is the default in egress-only, but the normal interface list is empty. Let me see if the GUI labels can be cleaned up a bit to reflect what they should and should not do. :)
Thanks,
Franco
-
What about changing the default WAN?
For example, my WANs are not physical interfaces, but 2 VLANs both assigned on em0 int (inherited topology/ config). Would them be put in egress-only right when created/ assigned?
For such cases, would a GUI clean-up be sufficient, or maybe a bit of more consistency would be required in the background? And, how is this going to work: if the interface is configured with a GW then is considered to be a WAN int, and as such, put in egress-only by default? And what about using GW groups with HA/ FO scenarios?
Anyway, I'm sure will be OK and appropriately documented, but please mind the fact that an intuitive and consistent behavior, required for situations when setup is (much) more than SOHO, is desirable.
-
The config.xml needs to be populated from the model during first boot or first plugin install. We can only do best guesses here. An example for this is an IP to listen on for a service, it would auto-fill 127.0.0.1 because that is the only value that works out of the box even though its not the correct value for remote operation.
I agree, we need to be more thorough in the documentation area instead. :)
Cheers,
Franco