Repeater Filter Service
The Repeater Filter Service is a feature that allows you to intelligently route incoming NetFlow data to different destinations based on configurable rules. While the service was originally designed for simple data forwarding, its enhanced filtering capabilities enable you to direct a subset of data to specific destinations.
The Repeater functionality is available only on Linux and is limited to retransmitting NetFlow data received via UDP.
How It Works
This service uses a list of filters to determine where to forward data from specific exporters. You can create rules to forward flow data from a particular exporter IP address, or an IP subnet of exporters to a distinct destination.
If a specific destination for the Repeater is not defined in any of the filter rules, it will receive all incoming flows by default.
Creating Filters
The filters are defined in lists, which enable you to configure which exporters' flow data is forwarded to which destinations.
Here is a parameter description for the example you provided.
Parameters
| Parameter Name | Description |
|---|---|
| Exporter IPv4 subnet address | The IPv4 address of the network device you want to filter. This is a crucial part of the filter rule. |
| Exporter IPv4 subnet mask | The subnet mask associated with the Exporter IPv4 subnet address. This defines the range of the network or a specific host to be filtered. |
| Repeater destination IPv4 address | The IPv4 address of the host where the filtered flow data will be forwarded. |
| Comment | An optional, user-defined field to add a description or note about the filter rule. |
IPv4 list example:
Exporter IPv4 subnet address, Exporter IPv4 subnet mask, Repeater destination IPv4 address, Comment
10.0.5.21,32,10.0.5.194,my-dev-lab
IPv6 list example:
Exporter IPv6 subnet address, Exporter IPv6 subnet mask, Repeater destination IPv6 address, Comment
2001:0db8:0003::,64,2001:db8:3:4:5:6:7:f,my-ipv6-dev-lab
Please note: Without Repeater filters all flows are re-transmitted to all "Repeter" destinations. If filters are created, only flows matching exporter subnets are re-transmitted to the corresponding destinations.
Catch-All Destination
A special repeater destination, called catch-all, can be created to capture and retransmit flows from exporters not in the list of subnets. It should be specified as: 255.255.255.255,32.
