# NetFlow configuration on Catalyst and Nexus switches


Background information

- The NetFlow cache on the Multilayer Switch Feature Card (MSFC) captures statistics for flows routed in software.
- The NetFlow cache on the Policy Feature Card (PFC) captures statistics for flows routed in hardware.
- A flow mask defines the format of a cache entry in the NetFlow cache table.
- You need to configure Netflow Data Export (NDE) to export NetFlow statistics to a NetFlow collector.


Catalyst NetFlow configuration

- MSFC configuration

Catalyst(config)# interface vlan10
Catalyst(config-if)# ip route-cache flow
Catalyst(config)# ip flow-export version 5
Catalyst(config)# ip flow-cache timeout active 5 ! Delete active cache entries after 5 minutes
Catalyst(config)# ip flow-cache timeout inactive 15 ! Delete inactive cache entries after 15 seconds

- PFC configuration

Catalyst(config)# mls netflow
Catalyst(config)# mls flow ip full-interface ! Flow mask on the PFC
Catalyst(config)# mls nde sender version 5
Catalyst(config)# mls aging fast ! Default threshold = 100 packets, and timeout = 32 seconds
Catalyst(config)# mls aging long 300 ! Delete active cache entries after 5 minutes
Catalyst(config)# mls aging normal 15 ! Delete inactive cache entries after 15 seconds

- Common configuration

Catalyst(config)# snmp-server ifindex persist
Catalyst(config)# ip flow-export source loopback0
Catalyst(config)# ip flow-export destination 10.0.0.1 9995

- Checks

Catalyst# show ip flow export
Catalyst# show ip cache flow
Catalyst# show mls nde
Catalyst# show snmp mib ifmib ifindex

Nexus NetFlow configuration

- Configuration

Nexus(config)# feature netflow
Nexus(config)# flow exporter collector
Nexus(config-flow-exporter)# description export netflow to collector
Nexus(config-flow-exporter)# destination 10.0.0.1
Nexus(config-flow-exporter)# version 5
Nexus(config-flow-exporter)# source loopback0
Nexus(config-flow-exporter)# transport udp 9995
Nexus(config)# flow monitor monitor_nexus
Nexus(config-flow-monitor)# exporter collector
Nexus(config-flow-monitor)# record netflow-original
Nexus(config)# int vlan10
Nexus(config-if)# ip flow monitor monitor_nexus input
Nexus(config)# flow timeout active 300
Nexus(config)# flow timeout inactive 15

- Checks

Nexus# show flow monitor monitor_nexus
Nexus# show flow exporter collector
Nexus# show flow record netflow-original
Nexus# show hardware flow ip
Nexus# show interface snmp-ifindex
Posted by t0n1
Labels: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)