Netflow (IPFIX): Duration


I enabled ipfix and sent the results to a syslog server.

When I caputure the packets I see to different durations:

SrcPort: 61548
DstPort: 3128
Protocol: TCP (6)
IP ToS: Ox00
[Duration: 0.006000000 seconds (switched)]
StartTime: 1.299000000 seconds
EndTime: 1.305000000 seconds
Flow End Reason: End of Flow detected (3)
Packets: 8
Octets: 1164
[Duration: 0.060000000 seconds (milliseconds)]
StartTime: Feb 1, 2019 10:10:48.053000000 Mitteleuropäische Zeit
EndTime: Feb 1, 2019 10:10:48.113000000 Mitteleuropäische Zeit

Can someone time tell me the reason and which time is the real Duration?

Kind regards,

0 replies

Be the first to reply!