Re: IPFIX flow data


Jesper Dangaard Brouer
 

On Tue, 11 Sep 2018 12:16:46 -0700 "Santhosh Fernandes"
<santhosh.fernandes@...> wrote:

> I am trying to collect IPFIX flow data from the Linux host interface.

Why IPFIX and not sFlow or NetFlow?

> Can someone guide me on the best way to collect the data using XDP.

It depends a bit on your setup. Assuming you want to do this "inline"
on the box receiving the traffic, then you should know/learn that XDP
cannot allocate a new packet (that e.g. could be used for sending
IPFIX/sFlow info directly). Instead, I would use the perf-ringbuffer
to store sampled packets (via copy), and then code a userspace program
that reads from this perf-ringbuffer and communicates with the
central IPFIX/sFlow server.


> Any samples for reference will be a great help.

For how to use the perf-ringbuffer from XDP via bpf_perf_event_output,
samples are available here:
https://github.com/torvalds/linux/blob/master/samples/bpf/xdp_sample_pkts_kern.c
https://github.com/torvalds/linux/blob/master/samples/bpf/xdp_sample_pkts_user.c

Notice, there are also plenty of BCC examples using the perf-ringbuffer;
look for BCC code with:

  BPF_PERF_OUTPUT(events);
  events.perf_submit(ctx, data, sizeof(struct data_t));

--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
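
Added example (not part of the mail above and not taken from the kernel samples): the userspace half of the design described in the reply, turning one sampled frame, as copied out through the perf-ringbuffer, into an IPFIX message (RFC 7011) for the collector. The function name, template ID 256, observation domain 1 and the sample frame are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define TEMPLATE_ID 256 /* lowest ID a template may use (RFC 7011) */
#define NFIELDS 6
#define RECLEN 17       /* sum of the field lengths below */
/* IANA IPFIX information elements as {id, length}: src/dst IPv4 address,
 * protocol, src/dst port, octetDeltaCount (reduced-size encoding, 4 bytes). */
static const uint16_t fields[NFIELDS][2] = {{8, 4}, {12, 4}, {4, 1}, {7, 2}, {11, 2}, {1, 4}};
/* Constructed sample: Ethernet + IPv4 + UDP, 192.0.2.1:53 -> 198.51.100.7:40000. */
static const uint8_t sample_pkt[42] = {
    0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 1, 0x08, 0x00,
    0x45, 0, 0, 28, 0, 0, 0, 0, 64, 17, 0, 0, 192, 0, 2, 1, 198, 51, 100, 7,
    0, 53, 0x9c, 0x40, 0, 8, 0, 0};

/* Big-endian writers; each returns the advanced write pointer. */
static uint8_t *put16(uint8_t *p, uint32_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; return p + 2; }
static uint8_t *put32(uint8_t *p, uint32_t v) { return put16(put16(p, v >> 16), v); }

/* Encode one IPFIX message (template set + one data record) from a sampled frame
 * of which caplen bytes were copied. Returns the length, or 0 if unusable. */
size_t ipfix_from_sample(const uint8_t *pkt, size_t caplen, uint32_t wire_len,
                         uint32_t now, uint32_t seq, uint8_t *out, size_t outlen)
{
    if (caplen < 14 + 20 || pkt[12] != 0x08 || pkt[13] != 0x00) return 0;
    const uint8_t *ip = pkt + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || caplen < 14 + ihl) return 0;
    /* Ports exist only for TCP/UDP, in the first fragment, if they were captured. */
    int has_ports = (ip[9] == 6 || ip[9] == 17) && !((ip[6] & 0x1f) | ip[7]) && caplen >= 14 + ihl + 4;
    const uint8_t *l4 = ip + ihl;
    uint16_t sport = has_ports ? (uint16_t)(l4[0] << 8 | l4[1]) : 0;
    uint16_t dport = has_ports ? (uint16_t)(l4[2] << 8 | l4[3]) : 0;
    size_t total = 16 + (8 + NFIELDS * 4) + (4 + RECLEN);
    if (outlen < total) return 0;
    uint8_t *p = put16(out, 10);                   /* header: version 10 */
    p = put16(p, (uint32_t)total);                 /* total message length */
    p = put32(put32(put32(p, now), seq), 1);       /* export time, sequence, domain 1 (assumed) */
    p = put16(put16(p, 2), 8 + NFIELDS * 4);       /* template set: set ID 2, set length */
    p = put16(put16(p, TEMPLATE_ID), NFIELDS);
    for (int i = 0; i < NFIELDS; i++) p = put16(put16(p, fields[i][0]), fields[i][1]);
    p = put16(put16(p, TEMPLATE_ID), 4 + RECLEN);  /* data set: set ID = template ID */
    memcpy(p, ip + 12, 8); p += 8;                 /* addresses are already in network order */
    *p++ = ip[9];                                  /* protocolIdentifier */
    p = put32(put16(put16(p, sport), dport), wire_len);
    return (size_t)(p - out);
}

int main(void) { uint8_t m[128]; return ipfix_from_sample(sample_pkt, sizeof sample_pkt, 42, 0, 0, m, sizeof m) != 69; }
```

Reading the perf-ringbuffer and the UDP socket to the collector belong to the surrounding program. The template is repeated in every message here, which is valid and keeps the example to one function.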
