Flexible Netflow Configuration Guide, Cisco IOS Release 15SY
Configuring Accounting for IPv6 Layer 2 Bridged Traffic
Downloads: This chapterpdf (PDF - 155.0KB) The complete bookPDF (PDF - 1.34MB) | Feedback

Configuring Accounting for IPv6 Layer 2 Bridged Traffic

Configuring Accounting for IPv6 Layer 2 Bridged Traffic

Last Updated: October 12, 2012

This document contains information about and instructions for configuring sampling to reduce the CPU overhead of analyzing traffic with Flexible NetFlow.

NetFlow is a Cisco technology that provides statistics on packets flowing through a router. NetFlow is the standard for acquiring IP operational data from IP networks. NetFlow provides data to support network and security monitoring, network planning, traffic analysis, and IP accounting.

Flexible NetFlow improves on original NetFlow by adding the capability to customize the traffic analysis parameters for your specific requirements. Flexible NetFlow faciltates the creation of more complex configurations for traffic analysis and data export through the use of reusable configuration components.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn . An account on Cisco.com is not required.

Prerequisites for Monitoring IPv6 Bridged Flows

  • You are familiar with the information in the " Cisco IOS Flexible NetFlow Overview " module.
  • The networking device must be running a Cisco IOS release that supports Flexible NetFlow.
  • The networking device must be configured for IPv6 routing.
  • One of the following must be enabled on your router and on any interfaces on which you want to enable Flexible NetFlow: Cisco Express Forwarding IPv6 or distributed Cisco Express Forwarding IPv6.
  • You have configured a flow record, flow monitor, flow exporter, and flow sampler as described in the "Getting Started with Configuring Flexible NetFlow," "Configuring Flexible NetFlow with Predefined Records," " Customizing Flexible NetFlow Flow Records and Flow Monitors," "Configuring Data Export for Flexible NetFlow with Flow Exporters," and "Using Flexible NetFlow Flow Sampling" modules.

Information About Monitoring IPv6 Layer 2 Bridged Traffic

This feature expands the ipv6 flow monitor command to include a layer2-bridged keyword that enables you to configure Flexible Netflow to monitor IPv6 Layer 2 bridged traffic on both Switched Virtual Interfaces (SVIs) and VLANs, with or without flow samplers.

How to Configure the Monitoring of IPv6 Layer 2 Bridged Traffic

Only the keywords and arguments required for the Flexible NetFlow commands used in these tasks are explained in these tasks. For information about the other keywords and arguments available for these Flexible NetFlow commands, refer to the Cisco IOS Flexible NetFlow Command Reference .

Configuring a Flow Record, Flow Monitor, and Exporter to Monitor IPv6 Layer 2 Bridged Traffic

To configure a flow record, flow monitor, and exporter to monitor IPv6 Layer 2 bridged traffic, perform this task.

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    flow record name

4.    match datalink source-vlan-id

5.    match flow cts destination group

6.    match flow cts source group

7.    match flow direction

8.    match interface input

9.    match interface input physical

10.    match interface output

11.    match ipv4 destination address

12.    match ipv4 dscp

13.    match ipv4 precedence

14.    match ipv4 protocol

15.    match ipv4 source address

16.    match ipv4 tos

17.    match transport destination-port

18.    match transport source-port

19.    collect counter bytes

20.    collect counter packets

21.    collect interface output

22.    collect interface input

23.    collect ipv4 destination mask

24.    collect ipv4 destination prefix

25.    collect ipv4 source mask

26.    collect ipv4 source prefix

27.    collect timestamp sys-uptime first

28.    collect timestamp sys-uptime last

29.    collect transport tcp flags

30.    exit

31.    flow exporter exporter-name

32.    export-protocol netflow-v9

33.    destination ip-address

34.    exit

35.    flow monitor name

36.    record record-name

37.    exporter exporter-name

38.    end


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Device> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Device# configure terminal

 

Enters global configuration mode.

 
Step 3
flow record name


Example:

Device(config)# flow record ipv6-bridged-traffic

 

Configures a flow record to monitor IPv6 bridged Layer 2 traffic and enters Flexible NetFlow flow record configuration mode.

 
Step 4
match datalink source-vlan-id


Example:

Device(config-flow-record)# match datalink source-vlan-id

 

Configures the source VLAN ID as a key field.

 
Step 5
match flow cts destination group


Example:

Device(config-flow-record)# match flow cts destination group

 

Configures the flow CTS destination group as a key field.

 
Step 6
match flow cts source group


Example:

Device(config-flow-record)# match flow cts source group

 

Configures the flow CTS source group as a key field.

 
Step 7
match flow direction


Example:

Device(config-flow-record)# match flow direction

 

Configures the flow direction as a key field.

 
Step 8
match interface input


Example:

Device(config-flow-record)# match interface input

 

Configures the input interface as a key field.

 
Step 9
match interface input physical


Example:

Device(config-flow-record)# match interface input physical

 

Configures the physical input interface as a key field.

 
Step 10
match interface output


Example:

Device(config-flow-record)# match interface input

 

Configures the output interface as a key field.

 
Step 11
match ipv4 destination address


Example:

Device(config-flow-record)# match ipv4 destination address

 

Configures the IPv4 destination address as a key field.

 
Step 12
match ipv4 dscp


Example:

Device(config-flow-record)# match ipv4 dscp

 

Configures the IPv4 DSCP as a key field.

 
Step 13
match ipv4 precedence


Example:

Device(config-flow-record)# match ipv4 precedence

 

Configures the IPv4 precedence as a key field.

 
Step 14
match ipv4 protocol


Example:

Device(config-flow-record)# match ipv4 protocol

 

Configures the IPv4 protocol as a key field.

 
Step 15
match ipv4 source address


Example:

Device(config-flow-record)# match ipv4 source address

 

Configures the IPv4 source address as a key field.

 
Step 16
match ipv4 tos


Example:

Device(config-flow-record)# match ipv4 tos

 

Configures the IPv4 TOS as a key field.

 
Step 17
match transport destination-port


Example:

Device(config-flow-record)# match transport destination-port

 

Configures the transport destination port as a key field.

 
Step 18
match transport source-port


Example:

Device(config-flow-record)# match transport source-port

 

Configures the transport source port as a key field.

 
Step 19
collect counter bytes


Example:

Device(config-flow-record)# collect counter bytes

 

Collects the total number of bytes.

 
Step 20
collect counter packets


Example:

Device(config-flow-record)# collect counter packets

 

Collects the total number of packets.

 
Step 21
collect interface output


Example:

Device(config-flow-record)# collect interface output

 

Collects the output interface.

 
Step 22
collect interface input


Example:

Device(config-flow-record)# collect interface input

 

Collects the input interface.

 
Step 23
collect ipv4 destination mask


Example:

Device(config-flow-record)# collect ipv4 destination mask

 

Collects the Ipv4 destination mask.

 
Step 24
collect ipv4 destination prefix


Example:

Device(config-flow-record)# collect ipv4 destination prefix

 

Collects the Ipv4 destination prefix.

 
Step 25
collect ipv4 source mask


Example:

Device(config-flow-record)# collect ipv4 source mask

 

Collects the Ipv4 source mask.

 
Step 26
collect ipv4 source prefix


Example:

Device(config-flow-record)# collect ipv4 source prefix

 

Collects the Ipv4 source prefix.

 
Step 27
collect timestamp sys-uptime first


Example:

Device(config-flow-record)# collect timestamp sys-uptime first

 

Collects the first timestamp of the system uptime.

 
Step 28
collect timestamp sys-uptime last


Example:

Device(config-flow-record)# collect timestamp sys-uptime last

 

Collects the last timestamp of the system uptime.

 
Step 29
collect transport tcp flags


Example:

Device(config-flow-record)# collect transport tcp flags

 

Collects the TCP transport flags.

 
Step 30
exit


Example:

Device(config-flow-record)# exit

 

Exits Flexible NetFlow flow record configuration mode.

 
Step 31
flow exporter exporter-name


Example:

Device(config)# flow exporter my-flow-exporter

 

Creates an FNF flow exporter and enters Flexible NetFlow flow exporter configuration mode.

 
Step 32
export-protocol netflow-v9


Example:

Device(config-flow-exporter)# export-protocol netflow-v9

 

Configures NetFlow Version 9 export as the export protocol.

 
Step 33
destination ip-address


Example:

Device(config-flow-exporter)# destination 209.165.201.1

 

Configures the IP address of the workstation to which you want to send the NetFlow information.

 
Step 34
exit


Example:

Device(config-flow-exporter)# exit

 

Exits Flexible NetFlow flow exporter configuration mode.

 
Step 35
flow monitor name


Example:

Device(config)# flow monitor ipv6-bridged-traffic

 

Configures a flow monitor for IPv6 bridged traffic and enters Flexible NetFlow flow monitor configuration mode.

 
Step 36
record record-name


Example:

Device(config-flow-monitor)# record ipv6-bridged-traffic

 

Specifies the name of a user-defined flow record that was previously configured.

 
Step 37
exporter exporter-name


Example:

Device(config-flow-monitor)# exporter my-flow-exporter

 

Specifies the name of a flow exporter that was previously configured.

 
Step 38
end


Example:

Device(config-flow-monitor)# end

 

Exits Flexible NetFlow flow monitor configuration mode and returns to privileged EXEC mode.

 

Applying a Flow Monitor to a Switched Virtual Interface to Monitor IPv6 Layer 2 Bridged Traffic

To configure Flexible Netlflow to monitor IPv6 Layer 2 Bridged Traffic on a SVI, perform this task:

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    interface vlan number

4.    ipv6 flow monitor monitor-name [sampler monitor-name ] layer2-bridged input

5.    end


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Device> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Device# configure terminal

 

Enters global configuration mode.

 
Step 3
interface vlan number


Example:

Device(config)# interface vlan 100

 

Configures an interface type and enters interface configuration mode.

 
Step 4
ipv6 flow monitor monitor-name [sampler monitor-name ] layer2-bridged input


Example:

Device(config-if)# ipv6 flow monitor ipv6-bridged-traffic sampler S1 layer2-bridged input

 

Applies the monitor to the interface.

 
Step 5
end


Example:

Device(config-if)# end

 

Exits interface configuration mode and returns to privileged EXEC mode.

 

Applying a Flow Monitor to a VLAN to Monitor IPv6 Layer 2 Bridged Traffic

To configure Flexible Netlflow to monitor IPv6 Layer 2 Bridged Traffic on a VLAN, perform this task:

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    interface vlan number

4.    ipv6 flow monitor monitor-name [sampler monitor-name ] layer2-bridged input

5.    end


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Device> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Device# configure terminal

 

Enters global configuration mode.

 
Step 3
interface vlan number


Example:

Device(config)# vlan configuration 100

 

Configures a VLAN and enters VLAN configuration mode.

 
Step 4
ipv6 flow monitor monitor-name [sampler monitor-name ] layer2-bridged input


Example:

Device(config-vlan)# ipv6 flow monitor ipv6-bridged-traffic sampler S1 layer2-bridged input

 

Applies the monitor to the VLAN.

 
Step 5
end


Example:

Device(config-vlan)# end

 

Exits VLAN configuration mode and returns to privileged EXEC mode.

 

Configuration Examples for Monitoring IPv6 Layer 2 Bridged Traffic

You can configure Flexible Netflow to monitor IPv6 Layer 2 bridged traffic on both Switched Virtual Interfaces (SVIs) and VALNs, with or without flow samplers.

Example Configuration for SVI-based Monitoring IPv6 Layer 2 Bridged Traffic

The following example is designed to monitor IPv6 Layer 2 bridged traffic on an SVI. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitorcommand.

This sample starts in global configuration mode:

!
!
flow record bridged-flow-record
 description bridged flow record
 match ipv6 destination address
 match ipv6 source address
 match interface input
 collect counter bytes long
 collect counter packets long
 exit
!
flow monitor bridged-flow-monitor	
 description bridged flow monitor
 record bridged-flow-record
 exit
!
interface vlan 100
 ipv6  flow monitor bridged-flow-monitor layer2-bridged input
 exit
!

Example Configuration for VLAN-Based Monitoring of IPv6 Layer3 Bridged Traffic

The following example is designed to monitor IPv6 Layer 2 bridged traffic on a VLAN. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitorcommand.

This sample starts in global configuration mode:

!
!
flow record bridged-flow-record
 description bridged flow record
 match ipv6 destination address
 match ipv6 source address
 match interface input
 collect counter bytes long
 collect counter packets long
 exit
!
flow monitor bridged-flow-monitor	
 description bridged flow monitor
 record bridged-flow-record
 exit
!
vlan configuration 100
 ipv6  flow monitor bridged-flow-monitor layer2-bridged input
 exit
!

Example Configuration for SVI-based Monitoring IPv6 Layer 2 Bridged Traffic Using a Flow Sampler

The following example is designed to monitor IPv6 Layer 2 bridged traffic on an SVI using a sampler. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitorcommand.

This sample starts in global configuration mode:

!
!
flow record bridged-flow-record
 description bridged flow record
 match ipv6 destination address
 match ipv6 source address
 match interface input
 collect counter bytes long
 collect counter packets long
 exit
!
flow monitor bridged-flow-monitor	
 description bridged flow monitor
 record bridged-flow-record
 exit
!
sampler S1
 mode deterministic 1 out-of 2
 exit
!
interface vlan 100
 ipv6  flow monitor bridged-flow-monitor sampler S1 layer2-bridged input
 exit
!

Example Configuration for VLAN-Based Monitoring of IPv6 Layer3 Bridged Traffic Using a Flow Sampler

The following example is designed to monitor IPv6 Layer 2 bridged traffic on a VLAN using a flow sampler. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitorcommand.

This sample starts in global configuration mode:

!
!
flow record bridged-flow-record
 description bridged flow record
 match ipv6 destination address
 match ipv6 source address
 match interface input
 collect counter bytes long
 collect counter packets long
 exit
!
flow monitor bridged-flow-monitor	
 description bridged flow monitor
 record bridged-flow-record
 exit
!
sampler S1
 mode deterministic 1 out-of 2
 exit
!
vlan configuration 100
 ipv6  flow monitor bridged-flow-monitor sampler S1 layer2-bridged input
 exit
!

Where to Go Next

For information on advanced Flexible NetFlow configurations for specific purposes such as quality of service (QoS) and bandwidth monitoring, application and user flow monitoring and profiling, and security analysis, refer to the "Customizing Cisco IOS Flexible NetFlow Flow Records and Flow Monitors" module.

If you want to configure flow sampling to reduce the CPU overhead of analyzing traffic, refer to the "Using Cisco IOS Flexible NetFlow Flow Sampling to Reduce the CPU Overhead of Analyzing Traffic" module.

If you want to configure data export for Flexible NetFlow, refer to the "Configuring Data Export for Cisco IOS Flexible NetFlow with Flow Exporters" module.

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Commands List, All Releases

Overview of Flexible NetFlow

"Cisco IOS Flexible NetFlow Overview"

Flexible NetFlow Feature Roadmap

"Cisco IOS Flexible NetFlow Features Roadmap"

Emulating original NetFlow with Flexible NetFlow

"Getting Started with Configuring Cisco IOS Flexible NetFlow"

Configuring flow exporters to export Flexible NetFlow data.

"Configuring Data Export for Cisco IOS Flexible NetFlow with Flow Exporters"

Configuring flow sampling to reduce the overhead of monitoring traffic with Flexible NetFlow

"Using Cisco IOS Flexible NetFlow Flow Sampling to Reduce the CPU Overhead of Analyzing Traffic"

Configuring Flexible NetFlow using predefined records

"Configuring Cisco IOS Flexible NetFlow with Predefined Records"

Using Flexible NetFlow Top N Talkers to analyze network traffic

"Using Cisco IOS Flexible NetFlow Top N Talkers to Analyze Network Traffic"

Configuring IPv4 multicast statistics support for Flexible NetFlow

"Configuring IPv4 Multicast Statistics Support for Cisco IOS Flexible NetFlow"

Configuration commands for Flexible NetFlow

Cisco IOS Flexible NetFlow Command Reference

Standards

Standard

Title

None

--

MIBs

MIB

MIBs Link

None

To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFC

Title

RFC 3954

Cisco Systems NetFlow Services Export Version 9

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Configuring Accounting for IPv6 Layer 2 Bridged Traffic

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 1 Feature Information for Flexible Netflow IPv6 Bridged Flows Feature

Feature Name

Releases

Feature Information

Flexible Netflow - IPv6 bridged flows

15.1(1)SY

Flexible Netflow has been enhanced to enable the accounting of Layer 2 switched or bridged IPv6 traffic, for both SVIs and pure VLANs.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2012 Cisco Systems, Inc. All rights reserved.