Sunday, February 21, 2016

Netflow

NetFlow

 Edit 0 1

Components


Records - predefined & user-defined key fields (src ip, dst ip, src port, dst port, etc)
Flow Monitor - applied to interface; collects information about flows
Flow Exporters - sends cached flow information to outside systems (NetFlow collector)
Flow Samplers - analyzes a ratio of packets coming through an interface

Configuration


config# flow exporter ipv4flowexport
config-flow-exporter# destination 192.168.1.110
config-flow-exporter# dscp 8
config-flow-exporter# transport udp 1333

config# flow monitor ipv4flow
config-flow-monitor# description Monitors all IPv4 traffic
config-flow-monitor# record netflow ipv4 original-input
config-flow-monitor# cache timeout inactive 600
config-flow-monitor# cache timeout active 180
config-flow-monitor# cache entries 5000
config-flow-monitor# statistics packet protocol

config# interface FastEthernet0/0
config-if# ip address 192.168.39.9 255.255.255.0
config-if# ip flow monitor ipv4flow input

View/Debug Commands


show flow record
show flow monitor
show flow exporter
show flow interface
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)