๐Ÿ› ๏ธ Common Problems

Wrong time

It is extremely important that the time of the flow exporting router is properly configured, as well as accurate clock synchronization on the corresponding server.

ntpdate

The ntpdate package can help you set the time.

apt install ntpdate

Synchronize the time with Brazilian NTP servers provided by ntp.br.

ntpdate pool.ntp.br

Changing timezone

To change the timezone, use the following command:

dpkg-reconfigure tzdata

Router Time

It is extremely important that the time/UTC of the router is set correctly, for example, to UTC (-3).

Incorrect ASN names?

asn-cache-names.json

All names are obtained through the whois tool and cached in the directory /opt/rr-flow-api/geo/asn-cache-names.json. This is to optimize the process, eliminating the need for repeated queries. If you encounter any issues with the names, you can edit this file.

Debugging tools

Here are some tools that can help identify issues.

NOTE - Port

In the examples, the flow is being sent to port 3055. If this port is already being used by rr-flow-api, stop the rr-flow-api service with systemctl stop rr-flow-api

tcpdump

The following command will help you identify if the router is correctly sending the data flow.

tcpdump -n udp port 3055 -T cnfp -c 10

Don’t forget to restart the service if you stopped it: systemctl start rr-flow-api

nfcapd

Run the nfcapd (netflow) or sfcapd (sflow) command in debug mode and watch the incoming data in real time.

Netflow collection

nfcapd -E -p 3055 -w /tmp/

Sflow collection

sfcapd -E -p 3055 -w /tmp/

Don’t forget to restart the service if you stopped it: systemctl start rr-flow-api

snmpwalk

Test SNMP connectivity using the snmpwalk command.

Example:

snmpwalk -v2c -c public 192.168.0.1
snmpwalk -v2c -c public udp6:[2001:db8::1]

snmpwalk -v2c -c public 192.168.0.1 .1.3.6.1.2.1.31.1.1.1.18

hdparm

Checking Disk Performance

If you are experiencing slowness in your application and suspect the disk may be the issue, follow these steps to check disk performance.

If the hdparm command is not installed on your system, install it using the command:

apt-get install hdparm

Disk

Replace /dev/sda with the disk device you want to check. The df -hT command can show you your partitions.

Get detailed information about the disk drive.

hdparm -I /dev/sda

Test the read speed of the drive with the following command.

hdparm -tT /dev/sda

/dev/sda:
 Timing cached reads:   37316 MB in  2.00 seconds = 18692.04 MB/sec
 Timing buffered disk reads: 1022 MB in  0.47 seconds = 2182.08 MB/sec

This will perform a read test on the drive and show the average and maximum transfer rates.

To test the write speed of the drive, run the following command:

hdparm -TtW /dev/sda

/dev/sda:
 Timing cached reads:   35522 MB in  2.00 seconds = 17791.90 MB/sec
 Timing buffered disk reads: 1022 MB in  0.46 seconds = 2230.83 MB/sec

This will perform a write test and also show the average and maximum transfer rates.

NOTE

The above tests were performed on a server with nvme disks.