Guest

Cisco IOS Software Releases 12.0 S

NetFlow Multiple Export Destinations

  • Viewing Options

  • PDF (175.3 KB)
  • Feedback
NetFlow Multiple Export Destinations

Table Of Contents

NetFlow Multiple Export Destinations

Feature Overview

Benefits

Restrictions

Related Documents

Supported Platforms

Supported Standards, MIBs, and RFCs

Prerequisites

Configuration Tasks

Configuring Multiple NetFlow Export Destinations to a Router

Configuring Multiple NetFlow Export Destinations on an Aggregation Cache

Verifying Data Export

Configuration Examples

Multiple NetFlow Export Destinations Example

Multiple NetFlow Export Destinations on an Aggregation Cache Example

Command Reference

ip flow-aggregation cache

ip flow-export destination

show ip flow export


NetFlow Multiple Export Destinations


Feature History

Release
Modification

12.0(19)S

This feature was introduced on the Cisco 12000 Internet router.

12.0(19)ST

This feature was integrated into Cisco IOS Release 12.0(19)ST.

12.2(2)T

This feature was integrated into Cisco IOS Release 12.2(2)T.

12.2(14)S

This feature was integrated into Cisco IOS Release 12.2(14)S.


This feature module describes the NetFlow Multiple Export Destinations feature. It includes information on the benefits of the new feature, supported platforms and standards, and the commands necessary for configuration.

This document includes the following sections:

Feature Overview

Supported Platforms

Supported Standards, MIBs, and RFCs

Prerequisites

Configuration Tasks

Configuration Examples

Command Reference

Feature Overview

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data. With this feature enabled, two identical streams of NetFlow data are sent to the destination host. Currently, the maximum number of export destinations allowed is two.

The NetFlow Multiple Export Destinations feature is only available if NetFlow is configured.

Benefits

The NetFlow Multiple Export Destinations feature improves the chances of receiving complete NetFlow data by providing redundant streams of data. By sending the exact same export data to more than one NetFlow collector, fewer packets will be lost.

Restrictions

To export data to multiple destinations, NetFlow must be configured on the router.

Related Documents

For more information on enabling NetFlow, refer to the "Configuring NetFlow Switching" chapter in the Cisco IOS Switching Services Configuration Guide.

Supported Platforms

This feature is supported on the following platforms for Cisco IOS Release 12.0(19)S and 12.0(19)ST:

Cisco 7200 series

Cisco 7500 series

Cisco 12000 Internet router

This feature is supported on the following platforms for Cisco IOS Release 12.2(2)T:

Cisco 1400 series

Cisco 1600 series

Cisco 1700 series

Cisco 2500 series

Cisco 2600 series

Cisco 3620 router

Cisco 3640 router

Cisco 3660 router

Cisco 4500-M router

Cisco AS5300 Universal Access Server

Cisco AS5800 High Density Carrier Class Access Concentrator

This feature is supported on the following platforms for Cisco IOS Release 12.2(14)S:

Cisco 7200 series

Cisco 7400 series

Cisco 7500 series

Supported Standards, MIBs, and RFCs

Standards

None

MIBs

None

For descriptions of supported MIBs and how to use MIBs, see the Cisco MIB web site on CCO at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.

RFCs

None

Prerequisites

NetFlow must be enabled before any NetFlow data can be exported.

Configuration Tasks

See the following sections for configuration tasks for the NetFlow Export Destinations feature. Each task in the list indicates if the task is optional or required.

Configuring Multiple NetFlow Export Destinations to a Router (Optional)

Configuring Multiple NetFlow Export Destinations on an Aggregation Cache (Optional)

Configuring Multiple NetFlow Export Destinations to a Router

To configure multiple NetFlow export destinations to a router, use the following commands in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# ip flow-export destination ip-address 
udp-port

Enables the exporting of information in NetFlow cache entries.

Step 2 

Router(config)# ip flow-export destination ip-address 
udp-port

Adds a second export destination.


Note Do not enter the same ip address twice. However, entering two different ip addresses with the same udp port number is configurable.


To disable one or both of the NetFlow export destinations, use the following command in global configuration mode:

Command
Purpose
Router# no ip flow-export destination ip-address udp-port

Disables one or both of the NetFlow export destinations.



Note The no command should specify both the ip-address and the udp-port, so that the target can be uniquely identified.


Configuring Multiple NetFlow Export Destinations on an Aggregation Cache

To configure multiple NetFlow export destinations on an aggregation cache, use the following commands in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# ip flow-aggregation cache 
destination-prefix

Configures the Destination Prefix aggregation cache scheme.

Step 2 

Router(config-flow-cache)# export destination 
ip-address port

Enables the exporting of information from NetFlow aggregation caches.

Step 3 

Router(config-flow-cache)# export destination 
ip-address port

Adds a second export destination.

To disable one or both of the NetFlow export destinations, use the following command in global configuration mode:

Command
Purpose
Router# no export destination ip-address port

Disables one or both of the NetFlow export destinations.



Note The no command should specify both the ip-address and the udp-port, so that the target can be uniquely identified.


Verifying Data Export

To verify data export, use the following command in privileged EXEC mode.

Command
Purpose

Router# show ip flow export

Displays the statistics for the data export.


Configuration Examples

This section provides the following configuration examples:

Multiple NetFlow Export Destinations Example

Multiple NetFlow Export Destinations on an Aggregation Cache Example

Multiple NetFlow Export Destinations Example

The following example enables the exporting of information in NetFlow cache entries:

ip flow-export destination 10.42.42.1 9991
ip flow-export destination 10.0.101.254 1999

The following example disables the exporting of information to the first destination while retaining the second destination:

no ip flow-export destination 10.42.42.1 9991

Multiple NetFlow Export Destinations on an Aggregation Cache Example

The following example, enables the exporting of information from the NetFlow aggregation cache:

ip flow-aggregation cache destination-prefix
  export destination 10.0.101.254 9991
  export destination 10.0.101.254 1999

The following example disables the exporting of information to the second destination:

no export destination 10.0.101.254 1999

Command Reference

This section documents modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.1 command reference publications.

Modified Cisco IOS commands are as follows:

ip flow-aggregation cache

ip flow-export destination

show ip flow export

ip flow-aggregation cache

To enable aggregation cache configuration mode, use the ip flow-aggregation cache command in global configuration mode. To disable aggregation cache configuration mode, use the no form of this command.

ip flow-aggregation cache {as | destination-prefix | prefix | protocol-port | source-prefix}

no ip flow-aggregation cache {as | destination-prefix | prefix | protocol-port | source-prefix}

Syntax Description

as

Configures the autonomous system aggregation cache scheme.

destination-prefix

Configures the destination prefix aggregation cache scheme.

prefix

Configures the prefix aggregation cache scheme.

protocol-port

Configures the protocol port aggregation cache scheme.

source-prefix

Configures the source prefix aggregation cache scheme.


Defaults

This command is not enabled by default.

Command Modes

Global configuration.

Command History

Release
Modification

12.0(3)T

This command was introduced.

12.2(2)T

This command was modified to enable multiple NetFlow export destinations.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S


Usage Guidelines

You can only enable a single aggregation cache configuration scheme, such as the Prefix aggregation cache scheme, per command line.

Examples

The following example shows how to enable an autonomous system aggregation scheme:

ip flow-aggregation cache as

The following example shows how to configure Multiple NetFlow Export Destinations on an Aggregation Cache:

ip flow-aggregation cache destination-prefix
  export destination 10.0.101.254 9991
  export destination 10.0.101.254 1999

Related Commands

Command
Description

show ip cache flow aggregation

Displays the aggregation cache configuration.


ip flow-export destination

To enable the exporting of information in NetFlow cache entries, use the ip flow-export destination command in global configuration mode. To disable the exporting of information, use the no form of this command.

ip flow-export destination ip-address udp-port

no ip flow-export destination ip-address udp-port

Syntax Description

ip-address

IP address of the workstation to which you want to send the NetFlow information.

udp-port

UDP protocol-specific port number.


Defaults

Disabled

Command Modes

Global configuration

Command History

Release
Modification

11.1 CA

This command was introduced.

12.2(2)T

This command was modified to enable multiple NetFlow export destinations.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S


Usage Guidelines

To configure multiple NetFlow export destinations to a router, enter the ip flow-export destination command twice, once for each destination. Do not enter the same ip address twice. However, entering two different ip addresses with the same udp port number is configurable.

There is a lot of information in a NetFlow cache entry. When NetFlow is enabled with the ip route-cache flow command, you can use the ip flow-export destination command to configure the router to export the flow cache entry to a workstation when a flow expires. This feature can be useful for purposes of statistics, billing, and security.

Version 5 format includes the source and destination AS addresses, source and destination prefix masks, and a sequence number. Because this change may appear on your router as a maintenance release, support for version 1 format is maintained with the version 1 keyword.

For more information on version 1 and version 5 data format, refer to the "NetFlow Data Format" section in "Configuring NetFlow Switching" chapter of the Cisco IOS Switching Services Configuration Guide.

Examples

The following example configures the router to export he NetFlow cache entry to multiple export destinations:

ip flow-export destination 10.42.42.1 9991
ip flow-export destination 10.0.101.254 9991

Related Commands

Command
Description

ip route-cache flow

Enables NetFlow accounting for IP routing.


show ip flow export

To display the statistics for the data export, including the main cache and all other enabled caches, use the show ip flow export command in EXEC mode.

show ip flow export

Syntax Description

This command has no keywords and arguments.

Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

11.1CC

This command was introduced.

12.2(2)T

This command was modified to display multiple NetFlow export destinations.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S


Usage Guidelines

The following example shows how to use the show ip flow export command:

show ip flow export

Flow export is enabled
   Exporting flows to 10.42.42.1 (9991) 10.0.101.254 (9991) 
   Exporting using source IP address 10.0.101.203
   Version 5 flow records
   Export Stats for 10.42.42.1 (9991)
           3 flows exported in 3 udp datagrams
           0 flows failed due to lack of export packet
           3 export packets were sent up to process level
           0 export packets were dropped due to no fib
           0 export packets were dropped due to adjacency issues
           0 export packets were dropped enqueuing for the RP
           0 export packets were dropped due to IPC rate limiting
   Export Stats for 10.0.101.254 (9991)
           7 flows exported in 7 udp datagrams
           0 flows failed due to lack of export packet
           6 export packets were sent up to process level
           0 export packets were dropped due to no fib
           0 export packets were dropped due to adjacency issues
           0 export packets were dropped enqueuing for the RP
           0 export packets were dropped due to IPC rate limiting