Netflow v9 is broken on Router OS v7.12 #1000
Description
Hello!
We received Netflow v9 pcap dump from customer with Router OS v7.12 which clearly has significant issues with Netflow:
We've retrieved many packets with artificially large length which just cannot exist in network:
1048559
1234160
1470213
1472913
1545919
Example flows:
xx:60422 > cc:22 protocol: tcp flags: ack frag: 0 packets: 1472913 size: 2007342028 bytes ip size: 2007342028 bytes ttl: 0 sample ratio: 1001 agent: cc
xx:60419 > cc:22 protocol: tcp flags: ack frag: 0 packets: 1470213 size: 2003095092 bytes ip size: 2003095092 bytes ttl: 0 sample ratio: 1001 agent: cc
xx:60420 > cc:22 protocol: tcp flags: ack frag: 0 packets: 1048559 size: 1494004676 bytes ip size: 1494004676 bytes ttl: 0 sample ratio: 1001 agent: cc
xx:60420 > cc:22 protocol: tcp flags: ack frag: 0 packets: 1234160 size: 1681949520 bytes ip size: 1681949520 bytes ttl: 0 sample ratio: 1001 agent: cc
xx:926 > cc:2049 protocol: tcp flags: ack frag: 0 packets: 1545919 size: 2318830496 bytes ip size: 2318830496 bytes ttl: 0 sample ratio: 1001 agent: cc
We're not aware about any possible workarounds for it. Please reach [email protected] directly and report this issue to them.