Netflow quick notes for basic config.
Send NetFlow data to a collector:
- From? (source)
- Where? (destination, port)
- How? (udp, sctp, backup)
- Version? (1,5,9)
SAMPLING / FILTERING
Not all traffic is evaluated to generate NetFlow statistics. Sampling (one packet each N) of filtering (sampling only on a class of traffic).
- applied to interface
- applied to policy map (with optional filter)
- “filter” is applied with “match” in the class map and netflow-samples in policy-map
Aggregate flows based on some criteria. Aggregated flow informations are sent to a specific destination.
ip flow-aggregation cache protocol-port cache entries 2046 cache timeout inactive 200 cache timeout active 45 export destination 10.42.42.1 9992 enabled
No need to export, NetFlow information are shown in the router itself.
enable configure terminal ip flow-top-talkers top number sort-by [bytes | packets cache-timeout milliseconds end
All information and configuration examples taken from NetFlow Configuration Guide on Cisco website.comments powered by Disqus