You can configure the BIG-IP® system to log information about carrier grade network address translation (CGNAT) processes and send the log messages to remote IPFIX collectors.
IPFIX is a set of IETF standards described in RFCs 5101 and 5102. The BIG-IP system supports logging of CGNAT translation events over the IPFIX protocol. IPFIX logs are raw, binary-encoded strings with their fields and field lengths defined by IPFIX templates. IPFIX collectors are external devices that can receive IPFIX templates, and use them to interpret IPFIX logs.
The configuration process involves creating and connecting the following configuration objects.
|Pool of IPFIX collectors||Create a pool of remote log servers to which the BIG-IP® system can send log messages.||Assembling a pool of IPFIX collectors.|
|Destination||Create a log destination to format the logs in IPFIX templates, and forward the logs to the IPFIX collectors.||Creating an IPFIX log destination.|
|Publisher||Create a log publisher to send logs to a set of specified log destinations.||Creating a publisher.|
|Logging Profile (optional)||Create a logging profile to configure logging options for various large scale NAT (LSN) events. The options apply to all HSL destinations.||Creating an LSN logging profile.|
|LSN pool||Associate an LSN pool with a logging profile and log publisher in order to log messages about the traffic that uses the pool.||Configuring an LSN pool.|
A log destination of the IPFIX type specifies that log messages are sent to a pool of IPFIX collectors. Use these steps to create a log destination for IPFIX collectors.
The log destination periodically retransmits all of its IPFIX templates over a UDP connection. The retransmissions are helpful for UDP connections, which are lossy.
|CSV Format||Generates log entries in comma-separated-values (csv) format.|
|Start Outbound Session||Generates event log entries at the start of a translation event for an LSN client.|
|End Outbound Session||Generates event log entries at the end of a translation event for an LSN client.|
|Start Inbound Session||Generates event log entries at the start of an incoming connection event for a translated endpoint.|
|End Inbound Session||Generates event log entries at the end of an incoming connection event for a translated endpoint.|
|Quota Exceeded||Generates event log entries when an LSN client exceeds allocated resources.|
|Errors||Generates event log entries when LSN translation errors occur.|