×

UniFi Video will reach end-of-support on December 31st, 2020.

For more information, please refer to the official community notice.

UISP - NetFlow

Overview

The NetFlow platform brings useful features such as IP data flow recording. This article explains how to configure this feature on UISP.

Table of Contents

  1. Introduction
  2. Configuration
  3. Difference between NMS and CRM NetFlow
  4. Transferred Data
  5. Troubleshooting
  6. Related Articles

Introduction

Back to Top

The UISP supports recording IP data flows thanks to the NetFlow protocol. NetFlow versions 5 and 9 are supported. Any router that supports NetFlow data analysis may be used for this, but it is recommended to use the router that is functioning as the gateway from your network to the Internet. The plan is to gradually increment the use of data collected from NetFlow in a whole range of UISP features. 
It is possible to enable NetFlow on EdgeRouter devices with one click, in order to provide data for the CRM plugin. 

Configuration

Back to Top

In UISP settings there is a section for UISP Gateways. Those are devices on the edge of a network and therefore well suited for measurement of data throughput. It is preferable to use Ubiquiti EdgeRouter devices in order to fully utilize UISP capabilities in this regard. To add a Gateway, go to Settings -> Network and press the button "+ Add new gateway". 
network.png

After that, a pop up will appear where a specific device has to be selected. Once the selection is made a WAN interface needs to be selected from a list of all interfaces found on that device.

gateway.png

Make sure the "Allow NetFlow" is turned ON in order to enable it.

Difference between UISP and CRM NetFlow

Back to Top

  • UISP doesn't count the service traffic between UISP server and devices into the total amount of transferred data. This can lead to some differences from UCRM measurement depending on, where the UISP server is placed in the network topology.
  • UISP newly doesn't count any broadcast communication since it can lead to a discovery of non-existent unknown IP addresses. Also, different discovery protocols can distort transferred data.
  • Before the integration of UCRM with UISP, it was important where are both servers placed in the network topology as the data are measured on the router and periodically send to the server. If the server is inside the measured range the process of sending the data itself is increasing the data flow in the network. On the other hand, if the server is outside the network then this doesn't happen.
  • NetFlow is using the UDP protocol to send the data and if the UISP server was behind the Internet, then a packet loss could occur. Please note that we are working on a better solution where data will be safely transferred via already opened WebSocket, making it secure and more reliable even in the cloud.
  • There can be a noticeable difference if the range of monitored IP in UISP doesn't cover the addresses of all devices that are to be measured.
  • When a duplicate NetFlow packet arrives in UISP within 30 sec, it is not counted in. In UCRM those packets do count.
  • It is critical to make sure all devices are correctly attached to a Client Site and that all of their IP addresses are known to UISP.
User Tip: There should be minimum IP addresses in the section Unknown Devices as those are addresses of devices in the network which UISP is not able to pair with any device. If there are some values in this section, it is possible that NetFlow data would not be accurate. 

Transferred Data

Back to Top

Transferred Data is a feature available in UISP. It is the volume of transferred data for a specific client (remember we are using the term client in a network topology meaning, not as a business term for a customer). You can see it as the 'Usage' item at the upper left corner of the graph. The value is updated every 5 minutes and it shows the amount of data transferred during the last hour. Alternatively, it can show the amount of data transferred during the last day or month, in which case it is being updated each hour.

Additionally, the NetFlow data is a very important element in the integration of UISP with UCRM. The information provided is used to calculate the volume of transferred data per customer.netflow.png



Troubleshooting

Back to Top

  1. On the router where NetFlow data are coming from, check at what IP address and port you pointed NetFlow service.
  2. Go back to the UISP server and find out what is the IP of your UISP instance. Run 'sudo route' and look for the default interface. Then use the command 'sudo ifconfig INTERFACE' to get the IP address.
  3. Find out what port is the NetFlow service using. The command is 'sudo docker ps'. Compare the value from step 1 to the values you acquired in steps 2 and 3.
  4. Return to the router and run tcpdump to find out if NetFlow data are being sent 'sudo tcpdump -i any -n port NFport' the value of NFport should match the port on which the NetFlow service runs.
  5. Run the same test on the UISP server to make sure NetFlow data are received there.
  6. Check the configuration of your router and make sure that NetFlow is configured for a single (WAN) interface.

If all of those points are OK, then please use the support request form to create a ticket.

NOTE: UISP will read the value of Settings->UISP ->UISP Hostname/IP resolves it to IP address and write it to the gateway. When that IP is changed, UISP can recognize it and rewrite the value on the gateway accordingly. If the gateway sees UISP under a different address than the one mentioned above, the NetFlow configuration will not work.

Related Material

Back to Top

UCRM - Ubiquiti's Billing and Customer Management System
UISP - Optional Installation Steps

Was this article helpful?
18 out of 22 found this helpful

Submit an RMA request

Visit the Ubiquiti RMA portal to submit a warranty claim for your Ubiquiti device.

Visit the RMA portal >

Plan your UniFi Deployment

Use the Design Center to design your UniFi Network using the most suitable products.

Try the UniFi Design Center >

Talk to other Ubiquiti users

Visit our worldwide community of Ubiquiti experts for more answers and solutions.

Ask the Ubiquiti Community >