Flexible Netflow Configuration Guide, Cisco IOS Release 15M&T
Flexible NetFlow v9 Export Format
Downloads: This chapterpdf (PDF - 1.27MB) The complete bookPDF (PDF - 3.66MB) | Feedback

Flexible NetFlow v9 Export Format

Flexible NetFlow v9 Export Format

This feature enables sending export packets using the Version 9 export format.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for Flexible NetFlow v9 Export Format

  • The networking device must be running a Cisco release that supports Flexible NetFlow.

Information About Flexible NetFlow v9 Export Format

Flow Exporters

Flow exporters are created as separate components in a router’s configuration. Exporters are assigned to flow monitors to export the data from the flow monitor cache to a remote system such as a NetFlow collector. Flow monitors can support more than one exporter. Each exporter can be customized to meet the requirements of the flow monitor or monitors in which it is used and the NetFlow collector systems to which it is exporting data.

Benefits of Flexible NetFlow Flow Exporters

Flexible NetFlow allows you to configure many different flow exporters, depending on your requirements. Some of the benefits of Flexible NetFlow flow exporters are as follows:

  • Using flow exporters, you can create an exporter for every type of traffic that you want to analyze so that you can send each type of traffic to a different NetFlow collector. Original NetFlow sends the data in a cache for all of the analyzed traffic to a maximum of two export destinations.
  • Flow exporters support up to ten exporters per flow monitor. Original NetFlow is limited to only two export destinations per cache.
  • Flow exporters can use both TCP and UDP for export.
  • Depending on your release, flow exporters can use class of service (CoS) in the packets that are sent to export destinations to help ensure that the packets are given the correct priority throughout the network. Original NetFlow exporters do not use CoS in the packets that are sent to export destinations.
  • Depending on your release, flow exporter traffic can be encrypted.

How to Configure Flexible NetFlow v9 Export Format

Configuring the Flow Exporter

Perform this required task to configure the flow exporter.


Note


Each flow exporter supports only one destination. If you want to export the data to multiple destinations, you must configure multiple flow exporters and assign them to the flow monitor.

You can export to a destination using either an IPv4 or IPv6 address.


SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    flow exporter exporter-name

    4.    description description

    5.    destination {ip-address | hostname} [vrf vrf-name]

    6.    export-protocol {netflow-v5 | netflow-v9 | ipfix}

    7.    dscp dscp

    8.    source interface-type interface-number

    9.    option {exporter-stats | interface-table | sampler-table | vrf-table} [timeout seconds]

    10.    output-features

    11.    template data timeout seconds

    12.    transport udp udp-port

    13.    ttl seconds

    14.    end

    15.    show flow exporter exporter-name

    16.    show running-config flow exporter exporter-name


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.
     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 flow exporter exporter-name


    Example:
    Device(config)# flow exporter EXPORTER-1
     

    Creates the flow exporter and enters Flexible NetFlow flow exporter configuration mode.

    • This command also allows you to modify an existing flow exporter.
     
    Step 4 description description


    Example:
    Device(config-flow-exporter)# description Exports to the datacenter
     

    (Optional) Configures a description to the exporter that will appear in the configuration and the display of the show flow exporter command.

     
    Step 5 destination {ip-address | hostname} [vrf vrf-name]


    Example:
    Device(config-flow-exporter)# destination 172.16.10.2
     

    Specifies the IP address or hostname of the destination system for the exporter.

    Note   

    You can export to a destination using either an IPv4 or IPv6 address.

     
    Step 6 export-protocol {netflow-v5 | netflow-v9 | ipfix}


    Example:
    Device(config-flow-exporter)# export-protocol netflow-v9
     

    Specifies the version of the NetFlow export protocol used by the exporter. The export of extracted fields from NBAR is supported only over IPFIX.

    • Default: netflow-v9.
     
    Step 7 dscp dscp


    Example:
    Device(config-flow-exporter)# dscp 63
     

    (Optional) Configures differentiated services code point (DSCP) parameters for datagrams sent by the exporter.

    • The range for the dscp argument is from 0 to 63. Default: 0.
     
    Step 8 source interface-type interface-number


    Example:
    Device(config-flow-exporter)# source ethernet 0/0
     

    (Optional) Specifies the local interface from which the exporter will use the IP address as the source IP address for exported datagrams.

     
    Step 9 option {exporter-stats | interface-table | sampler-table | vrf-table} [timeout seconds]


    Example:
    Device(config-flow-exporter)# option exporter-stats timeout 120
     

    (Optional) Configures options data parameters for the exporter.

    • You can configure all three options concurrently.
    • The range for the seconds argument is 1 to 86,400. Default: 600.
     
    Step 10 output-features


    Example:
    Device(config-flow-exporter)# output-features
     

    (Optional) Enables sending export packets using quality of service (QoS) and encryption.

     
    Step 11 template data timeout seconds


    Example:
    Device(config-flow-exporter)# template data timeout 120
     

    (Optional) Configures resending of templates based on a timeout.

    • The range for the seconds argument is 1 to 86400 (86400 seconds = 24 hours).
     
    Step 12 transport udp udp-port


    Example:
    Device(config-flow-exporter)# transport udp 650
     

    Specifies the UDP port on which the destination system is listening for exported datagrams.

    • The range for the udp-port argument is from 1 to 65536.
     
    Step 13 ttl seconds


    Example:
    Device(config-flow-exporter)# ttl 15
     

    (Optional) Configures the time-to-live (TTL) value for datagrams sent by the exporter.

    • The range for the seconds argument is from 1 to 255.
     
    Step 14 end


    Example:
    Device(config-flow-exporter)# end
     

    Exits flow exporter configuration mode and returns to privileged EXEC mode.

     
    Step 15 show flow exporter exporter-name


    Example:
    Device# show flow exporter FLOW_EXPORTER-1
     

    (Optional) Displays the current status of the specified flow exporter.

     
    Step 16 show running-config flow exporter exporter-name


    Example:
    Device# show running-config flow exporter FLOW_EXPORTER-1 
     

    (Optional) Displays the configuration of the specified flow exporter.

     

    Configuration Examples for Flexible NetFlow v9 Export Format

    Example: Configuring NetFlow v9 Export Format

    The following example shows how to configure version 9 export for Flexible NetFlow.

    This example starts in global configuration mode.

    !
    flow exporter EXPORTER-1
     destination 172.16.10.2
     export-protocol netflow-v9
     transport udp 90
     exit
    !
    flow record v4_r1
    match ipv4 tos
    match ipv4 protocol
    match ipv4 source address
    match ipv4 destination address
    match transport source-port
    match transport destination-port
    collect counter bytes long
    collect counter packets long
    !
    flow monitor FLOW-MONITOR-1
     record v4_r1
     exporter EXPORTER-1
    !
    ip cef
    !
    interface GigabitEthernet 0/0/0
     ip address 172.16.6.2 255.255.255.0
     ip flow monitor FLOW-MONITOR-1 input
    !
    

    Additional Reference for Flexible NetFlow v9 Export Format

    Related Documents

    Related Topic

    Document Title

    Cisco IOS commands

    Cisco IOS Master Command List, All Releases

    Flexible NetFlow conceptual information and configuration tasks

    Flexible NetFlow Configuration Guide

    Flexible NetFlow commands

    Cisco IOS Flexible NetFlow Command Reference

    Standards

    Standard

    Title

    None

    MIBs

    MIB

    MIBs Link

    None

    To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

    http:/​/​www.cisco.com/​go/​mibs

    RFCs

    RFC

    Title

    RFC 3954

    Cisco Systems NetFlow Services Export Version 9

    Technical Assistance

    Description

    Link

    The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

    To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

    Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

    http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

    Feature Information for Flexible NetFlow - NetFlow v9 Export Format

    The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

    Table 1 Feature Information for Flexible NetFlow - NetFlow v9 Export Format

    Feature Name

    Releases

    Feature Information

    Flexible NetFlow - NetFlow v9 Export Format

    12.2(33)SRE

    12.2(50)SY

    12.4(9)T

    15.0(1)SY

    15.0(1)SY1

    Cisco IOS XE Release 3.1S

    Cisco IOS XE Release 3.2SE

    This feature enables sending export packets using the Version 9 export format.

    Support for this feature was added for Cisco 7200 and 7300 Network Processing Engine (NPE) series routers in Cisco IOS Release 12.2(33)SRE.

    The following commands were introduced or modified: export-protocol.