Configuração de Export Flow Huawei
ip netstream as-mode 32
ip netstream timeout active 1
ip netstream timeout inactive 15
ip netstream tcp-flag enable
ip netstream export version ipfix peer-as bgp-nexthop ttl
ip netstream export template sequence-number fixed
ip netstream export index-switch 32
ip netstream export template timeout-rate 1
ip netstream sampler fix-packets 1000 inbound
ip netstream sampler fix-packets 1000 outbound
ip netstream export source X.X.X.X
ip netstream export host X.X.X.X 2055
ip netstream export template option sampler
ip netstream export template option application-label
#
ipv6 netstream as-mode 32
ipv6 netstream timeout active 1
ipv6 netstream timeout inactive 15
ipv6 netstream tcp-flag enable
ipv6 netstream export version ipfix peer-as bgp-nexthop ttl
ipv6 netstream export template sequence-number fixed
ipv6 netstream export index-switch 32
ipv6 netstream export template timeout-rate 1
ipv6 netstream sampler fix-packets 1024 inbound
ipv6 netstream sampler fix-packets 1024 outbound
ipv6 netstream export source X.X.X.X
ipv6 netstream export host X.X.X.X 2055
ipv6 netstream export template option sampler
É Necessário capturar netstrem apenas as interfaces WAN
interface Eth-Trunk1.10
ip netstream inbound
ip netstream outbound
ipv6 netstream inbound
ipv6 netstream outboundCaso utilize VS lembre de ativar o netstream na caixa principal
slot 10
ip netstream sampler to slot self
ipv6 netstream sampler to slot self
#Caso você prefira e tiver capacidade de hardware no seu servidor para utilizar port mirror, segue a baixo.
interface de destino(interface wanguard)
interface GigabitEthernet1/0/0
port-observing observe-index 1slot 9
mirror to observe-index 1 #porta de origem ( links)
interface GigabitEthernet2/0/0
port-mirroring inbound
port-mirroring outboundNo caso de utilizar Flow, com essas configurações o seu servidor de wanguard já deve estar recebendo o fluxo de pacotes, vamos observar através do TCPDUMP.
tcpdump -i ens18 port 2055