This documentation has been moved
Cisco IOS NetFlow Features Roadmap
Downloads: This chapterpdf (PDF - 225.0KB) The complete bookPDF (PDF - 3.83MB) | Feedback

Cisco IOS NetFlow Features Roadmap

Table Of Contents

Cisco IOS NetFlow Features Roadmap


Cisco IOS NetFlow Features Roadmap


First Published: June 19, 2006
Last Updated: July 20, 2011

This roadmap lists the features documented in the Cisco IOS NetFlow Configuration Guide. This roadmap is organized by software releases and features available in that release. For any feature, click the link in the "Where Documented" column to view the document that contains information about the feature.

Many legacy features have been incorporated into the configuration files, and these features may not have entries in this roadmap. In addition, information in this roadmap supports other software releases or platforms. For the latest feature information and caveats, see the release notes for your platform and software release.

Feature and Release Support

Table 1 lists Cisco IOS NetFlow feature support for the following Cisco IOS software release trains:

Cisco IOS Software Release 12.0S

Cisco IOS Software Release 12.2S

Cisco IOS Software Release 12.2SB

Cisco IOS Software Release 12.2SR

Cisco IOS Software Release 12.2SX

Cisco IOS Software Releases 12.2T, 12.3, 12.3T, 12.4, 12.4T and 15.0M

Cisco IOS XE Software Release

Cisco IOS Software Release 12.2ZY

Cisco IOS Software Release 12.2SY

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 lists the most recent release of each software train first and the features in alphabetical order within the release.

Table 1 Supported Cisco IOS NetFlow Features 

Release
Feature Name
Feature Description
Where Documented
Cisco IOS Software Release 12.0S

12.0(26)S
12.0(25)S 12.0(24)S

MPLS-aware NetFlow

Multiprotocol Label Switching (MPLS)-aware NetFlow is an extension of the NetFlow accounting feature that provides highly granular traffic statistics for Cisco routers. MPLS-aware NetFlow collects statistics on a per-flow basis just as NetFlow does. MPLS-aware NetFlow uses the NetFlow Version 9 export format.

Configuring MPLS-aware NetFlow

12.0(26)S

NetFlow BGP Next Hop Support

The NetFlow Border Gateway Protocol (BGP) Next Hop Support feature lets you measure network traffic on a per BGP next hop basis. Without the NetFlow BGP Next Hop Support feature, NetFlow exports only IP next hop information (which provides data on only the next router); this feature adds BGP next hop information to the data export.

Configuring NetFlow BGP Next Hop Support for Accounting and Analysis

12.0(11)S

NetFlow Minimum Prefix Mask for Router-Based Aggregation

The NetFlow Minimum Prefix Mask for Router-Based Aggregation feature allows you to set a minimum mask size for prefix aggregation, destination-prefix aggregation, and source-prefix aggregation schemes.

Configuring NetFlow Aggregation Caches

12.0(19)S

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

12.0(22)S

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

12.0(15)S

NetFlow ToS-Based Router Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

12.0(24)S

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

12.0(26)S

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

Cisco IOS Software Release 12.2S

12.2(18)S

NetFlow BGP Next Hop Support

The NetFlow Border Gateway Protocol (BGP) Next Hop Support feature lets you measure network traffic on a per BGP next hop basis. Without the NetFlow BGP Next Hop Support feature, NetFlow exports only IP next hop information (which provides data on only the next router); this feature adds BGP next hop information to the data export.

Configuring NetFlow BGP Next Hop Support for Accounting and Analysis

12.2(25)S

NetFlow Input Filters

The NetFlow Input Filters feature provides NetFlow data for a specific subset of traffic by letting you create filters to select flows for NetFlow processing. For example, you can select flows from a specific group of hosts. This feature also lets you select various sampling rates for selected flows. The NetFlow Input Filters feature is used, for example, for class-based traffic analysis and monitoring on-network or off-network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

12.2(25)S

NetFlow MIB

The NetFlow MIB feature provides MIB objects to allow you to monitor flow cache information, the current NetFlow configuration, and statistics.

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

12.2(25)S

NetFlow MIB and Top Talkers

The NetFlow MIB and Top Talkers feature uses NetFlow functionality to obtain information regarding heaviest traffic patterns and most-used applications in the network.

Configuring NetFlow Top Talkers using Cisco IOS CLI Commands or SNMP Commands

12.2(18)S

NetFlow Multicast Support

The NetFlow Multicast Support feature lets you capture multicast-specific data (both packets and bytes) for multicast flows. For example, you can capture the packet-replication factor for a specific flow as well as for each outgoing stream. This feature provides complete end-to-end usage information about network traffic for a complete multicast traffic billing solution.

Configuring NetFlow Multicast Accounting

12.2(14)S

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

12.2(14)S

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

12.2(14)S

NetFlow ToS-Based Router Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

12.2(18)S

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

12.2(18)S

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

Cisco IOS Software Release 12.2SB

12.2(28)SBB

Egress NetFlow Accounting

The Egress NetFlow Accounting feature allows NetFlow statistics to be gathered on egress traffic (traffic that is exiting the router). Previous versions of NetFlow allowed statistics to be gathered only on ingress traffic (traffic that is entering the router).

Configuring NetFlow and NetFlow Data Export

12.2(27)SBC

NetFlow BGP Next Hop Support

The NetFlow Border Gateway Protocol (BGP) Next Hop Support feature lets you measure network traffic on a per BGP next hop basis. Without the NetFlow BGP Next Hop Support feature, NetFlow exports only IP next hop information (which provides data on only the next router); this feature adds BGP next hop information to the data export.

Configuring NetFlow BGP Next Hop Support for Accounting and Analysis

12.2(31)SB2

NetFlow MIB

The NetFlow MIB feature provides MIB objects to allow you to monitor flow cache information, the current NetFlow configuration, and statistics.

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

12.2(27)SBC

NetFlow Minimum Prefix Mask for Router-Based Aggregation

The NetFlow Minimum Prefix Mask for Router-Based Aggregation feature allows you to set a minimum mask size for prefix aggregation, destination-prefix aggregation, and source-prefix aggregation schemes.

Configuring NetFlow Aggregation Caches

12.2(27)SBC

NetFlow Multicast Support

The NetFlow Multicast Support feature lets you capture multicast-specific data (both packets and bytes) for multicast flows. For example, you can capture the packet-replication factor for a specific flow as well as for each outgoing stream. This feature provides complete end-to-end usage information about network traffic for a complete multicast traffic billing solution.

Configuring NetFlow Multicast Accounting

12.2(27)SBC

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

12.2(27)SBC

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

12.2(27)SBB

NetFlow ToS-Based Router Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

12.2(27)SBC

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

12.2(28)SB

MPLS-aware NetFlow

Multiprotocol Label Switching (MPLS)-aware NetFlow is an extension of the NetFlow accounting feature that provides highly granular traffic statistics for Cisco routers. MPLS-aware NetFlow collects statistics on a per-flow basis just as NetFlow does. MPLS-aware NetFlow uses the NetFlow Version 9 export format.

Configuring MPLS-aware NetFlow

12.2(27)SBC

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

Cisco IOS Software Release 12.2SR

12.2(33)SRA

Egress NetFlow Accounting

The Egress NetFlow Accounting feature allows NetFlow statistics to be gathered on egress traffic (traffic that is exiting the router). Previous versions of NetFlow allowed statistics to be gathered only on ingress traffic (traffic that is entering the router).

Configuring NetFlow and NetFlow Data Export

12.2(33)SRA

MPLS Egress NetFlow Accounting

The MPLS Egress NetFlow Accounting feature allows you to capture IP flow information for packets undergoing MPLS label disposition; that is, packets that arrive on a router as MPLS packets and are transmitted as IP packets.

Configuring MPLS Egress NetFlow Accounting and Analysis

12.2(33)SRB

NDE for VRF Interfaces

The NetFlow data export (NDE) for VRF Interfaces feature enables the creation and export of hardware NetFlow cache entries for traffic entering a router on the last multiprotocol label switching (MPLS) hop of an IPv4 MPLS virtual private network (VPN).

NDE for VRF Interfaces

12.2(33)SRA

NetFlow BGP Next Hop Support

The NetFlow Border Gateway Protocol (BGP) Next Hop Support feature lets you measure network traffic on a per BGP next hop basis. Without the NetFlow BGP Next Hop Support feature, NetFlow exports only IP next hop information (which provides data on only the next router); this feature adds BGP next hop information to the data export.

Configuring NetFlow BGP Next Hop Support for Accounting and Analysis

12.2(33)SRA

NetFlow Input Filters

The NetFlow Input Filters feature provides NetFlow data for a specific subset of traffic by letting you create filters to select flows for NetFlow processing. For example, you can select flows from a specific group of hosts. This feature also lets you select various sampling rates for selected flows. The NetFlow Input Filters feature is used, for example, for class-based traffic analysis and monitoring on-network or off-network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

12.2(33)SRD

NetFlow MIB

The NetFlow MIB feature provides MIB objects to allow you to monitor flow cache information, the current NetFlow configuration, and statistics.

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

12.2(33)SRA

NetFlow Minimum Prefix Mask for Router-Based Aggregation

The NetFlow Minimum Prefix Mask for Router-Based Aggregation feature allows you to set a minimum mask size for prefix aggregation, destination-prefix aggregation, and source-prefix aggregation schemes.

Configuring NetFlow Aggregation Caches

12.2(33)SRA

NetFlow Multicast Support

The NetFlow Multicast Support feature lets you capture multicast-specific data (both packets and bytes) for multicast flows. For example, you can capture the packet-replication factor for a specific flow as well as for each outgoing stream. This feature provides complete end-to-end usage information about network traffic for a complete multicast traffic billing solution.

Configuring NetFlow Multicast Accounting

12.2(33)SRA

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

12.2(33)SRA

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

12.2(33)SRA

NetFlow ToS-Based Router Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

12.2(33)SRA

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

12.2(33)SRB

NetFlow v9 For IPv6

The NetFlow v9 For IPv6 feature adds version 9 export support for IPv6.

NetFlow v9 For IPv6

12.2(33)SRA

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

Cisco IOS Software Release 12.2SX

12.2(18)SXF

Egress NetFlow Accounting

The Egress NetFlow Accounting feature allows NetFlow statistics to be gathered on egress traffic (traffic that is exiting the router). Previous versions of NetFlow allowed statistics to be gathered only on ingress traffic (traffic that is entering the router).

Configuring NetFlow and NetFlow Data Export

12.2(18)SXE

MPLS Egress NetFlow Accounting

The MPLS Egress NetFlow Accounting feature allows you to capture IP flow information for packets undergoing MPLS label disposition; that is, packets that arrive on a router as MPLS packets and are transmitted as IP packets.

Configuring MPLS Egress NetFlow Accounting and Analysis

12.2(33)SXI

NetFlow Accounting for Unicast and Multicast on GRE tunnel interface

GRE is a tunneling protocol developed by Cisco that can encapsulate a wide variety of protocol packet types inside IP tunnels, creating a virtual point-to-point link to Cisco routers at remote points over an IP internetwork. This feature provides netflow accounting for IP v4 unicast and multicast flows over GRE tunnels. It provides accounting for packets entering as well as exiting a tunnel interface.

Configuring Netflow Accounting for Unicast and Multicast on GRE Tunnel Interfaces

12.2(18)SXF

NetFlow BGP Next Hop Support

The NetFlow Border Gateway Protocol (BGP) Next Hop Support feature lets you measure network traffic on a per BGP next hop basis. Without the NetFlow BGP Next Hop Support feature, NetFlow exports only IP next hop information (which provides data on only the next router); this feature adds BGP next hop information to the data export.

Configuring NetFlow BGP Next Hop Support for Accounting and Analysis

12.2SX1

NetFlow Input Filters

The NetFlow Input Filters feature provides NetFlow data for a specific subset of traffic by letting you create filters to select flows for NetFlow processing. For example, you can select flows from a specific group of hosts. This feature also lets you select various sampling rates for selected flows. The NetFlow Input Filters feature is used, for example, for class-based traffic analysis and monitoring on-network or off-network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

12.2SX1

NetFlow MIB and Top Talkers

The NetFlow MIB and Top Talkers feature uses NetFlow functionality to obtain information regarding heaviest traffic patterns and most-used applications in the network.

Configuring NetFlow Top Talkers using Cisco IOS CLI Commands or SNMP Commands

12.2(18)SXF

NetFlow Minimum Prefix Mask for Router-Based Aggregation

The NetFlow Minimum Prefix Mask for Router-Based Aggregation feature allows you to set a minimum mask size for prefix aggregation, destination-prefix aggregation, and source-prefix aggregation schemes.

Configuring NetFlow Aggregation Caches

12.2(18)SXF

NetFlow Multicast Support

The NetFlow Multicast Support feature lets you capture multicast-specific data (both packets and bytes) for multicast flows. For example, you can capture the packet-replication factor for a specific flow as well as for each outgoing stream. This feature provides complete end-to-end usage information about network traffic for a complete multicast traffic billing solution.

Configuring NetFlow Multicast Accounting

12.2(18)SXE

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

12.2(33)SXH

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

12.2(18)SXF

NetFlow ToS-Based Router Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

12.2(18)SXF

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

12.2(33)SXH

NetFlow v9 For IPv6

The NetFlow v9 For IPv6 feature adds version 9 export support for IPv6.

NetFlow v9 For IPv6

12.2(18)SXF

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

Cisco IOS Software Releases 12.2T, 12.3, 12.3T, 12.4, 12.4T and 15.0M

12.3(11)T

Egress NetFlow Accounting

The Egress NetFlow Accounting feature allows NetFlow statistics to be gathered on egress traffic (traffic that is exiting the router). Previous versions of NetFlow allowed statistics to be gathered only on ingress traffic (traffic that is entering the router).

Configuring NetFlow and NetFlow Data Export

12.3(8)T

MPLS-aware NetFlow

Multiprotocol Label Switching (MPLS)-aware NetFlow is an extension of the NetFlow accounting feature that provides highly granular traffic statistics for Cisco routers. MPLS-aware NetFlow collects statistics on a per-flow basis just as NetFlow does. MPLS-aware NetFlow uses the NetFlow Version 9 export format.

Configuring MPLS-aware NetFlow

12.3(11)T

MPLS Egress NetFlow Accounting

The MPLS Egress NetFlow Accounting feature allows you to capture IP flow information for packets undergoing MPLS label disposition; that is, packets that arrive on a router as MPLS packets and are transmitted as IP packets.

Configuring MPLS Egress NetFlow Accounting and Analysis

12.3(1)

NetFlow BGP Next Hop Support

The NetFlow Border Gateway Protocol (BGP) Next Hop Support feature lets you measure network traffic on a per BGP next hop basis. Without the NetFlow BGP Next Hop Support feature, NetFlow exports only IP next hop information (which provides data on only the next router); this feature adds BGP next hop information to the data export.

Configuring NetFlow BGP Next Hop Support for Accounting and Analysis

12.4(4)T

NetFlow Dynamic Top Talkers CLI

The NetFlow Dynamic Top Talkers CLI feature gives you an overview of the highest volume traffic in your network by aggregating flows on a common field. For example, you can aggregate all of the flows for a destination network by aggregating them on the destination prefix.

Detecting and Analyzing Network Threats With NetFlow

12.3(4)T

NetFlow Input Filters

The NetFlow Input Filters feature provides NetFlow data for a specific subset of traffic by letting you create filters to select flows for NetFlow processing. For example, you can select flows from a specific group of hosts. This feature also lets you select various sampling rates for selected flows. The NetFlow Input Filters feature is used, for example, for class-based traffic analysis and monitoring on-network or off-network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

12.3(14)T

NetFlow Layer 2 and Security Monitoring Exports

The NetFlow Layer 2 and Security Monitoring Exports feature adds the ability for NetFlow to capture the values from several fields in Layer 3 IP traffic and Layer 2 LAN traffic to obtain information that can be used to classify and identify network traffic. This information can be used to help identify network attacks and their origin.

NetFlow Layer 2 and Security Monitoring Exports

12.3(7)T

NetFlow MIB

The NetFlow MIB feature provides MIB objects to allow you to monitor flow cache information, the current NetFlow configuration, and statistics.

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

12.3(11)T

NetFlow MIB and Top Talkers

The NetFlow MIB and Top Talkers feature uses NetFlow functionality to obtain information regarding heaviest traffic patterns and most-used applications in the network.

Configuring NetFlow Top Talkers using Cisco IOS CLI Commands or SNMP Commands

12.1(2)T

NetFlow Minimum Prefix Mask for Router-Based Aggregation

The NetFlow Minimum Prefix Mask for Router-Based Aggregation feature allows you to set a minimum mask size for prefix aggregation, destination-prefix aggregation, and source-prefix aggregation schemes.

Configuring NetFlow Aggregation Caches

12.3(1)

NetFlow Multicast Support

The NetFlow Multicast Support feature lets you capture multicast-specific data (both packets and bytes) for multicast flows. For example, you can capture the packet-replication factor for a specific flow as well as for each outgoing stream. This feature provides complete end-to-end usage information about network traffic for a complete multicast traffic billing solution.

Configuring NetFlow Multicast Accounting

12.2(2)T

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

12.4(4)T

NetFlow Reliable Export with SCTP

The NetFlow Reliable Export With SCTP feature provides a more robust and flexible method for exporting NetFlow data to collectors than UDP, which was the only transport option prior to the introduction of this feature.

NetFlow Reliable Export with SCTP

12.2(15)T

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

12.2(4)T

NetFlow ToS-Based Router Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

12.3(1)

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

12.3(2)T

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

12.4(2)T

Support for capturing the value from the fragment offset field of IP headers added to NetFlow Layer 2 and Security Monitoring Exports2

The NetFlow Layer 2 and Security Monitoring Exports feature enables the capture of values from fields in Layer 3 and Layer 2 of IP traffic for accounting and security analysis.

Detecting and Analyzing Network Threats With NetFlow

Cisco IOS XE Software Release

2.1

Egress NetFlow Accounting

The Egress NetFlow Accounting feature allows NetFlow statistics to be gathered on egress traffic (traffic that is exiting the router). Previous versions of NetFlow allowed statistics to be gathered only on ingress traffic (traffic that is entering the router).

Configuring NetFlow and NetFlow Data Export

2.1

NetFlow Aggregation

The NetFlow ToS-Based Router Aggregation feature enables you to limit router-based type of service (ToS) aggregation of NetFlow export data. The aggregation of export data provides a summarized NetFlow export data that can be exported to a collection device. The result is lower bandwidth requirements for NetFlow export data and reduced platform requirements for NetFlow data collection devices.

Configuring NetFlow Aggregation Caches

2.1

NetFlow Minimum Prefix Mask for Router-Based Aggregation

The NetFlow Minimum Prefix Mask for Router-Based Aggregation feature allows you to set a minimum mask size for prefix aggregation, destination-prefix aggregation, and source-prefix aggregation schemes.

Configuring NetFlow Aggregation Caches

2.1

NetFlow Multiple Export Destinations

The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data.

Configuring NetFlow and NetFlow Data Export

2.1

NetFlow Subinterface Support

The NetFlow Subinterface Support feature provides the ability to enable NetFlow on a per-subinterface basis.

Configuring NetFlow and NetFlow Data Export

2.1

NetFlow v9 Export Format

NetFlow Version 9 is a flexible and extensible format that provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, Multiprotocol Label Switching (MPLS), and Border Gateway Protocol (BGP) next hop. The distinguishing feature of the NetFlow Version 9 format is that it is template based.

Configuring NetFlow and NetFlow Data Export

2.1

Random Sampled NetFlow

Random Sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Packets are sampled as they arrive (before any NetFlow cache entries are made for those packets). Statistical traffic sampling substantially reduces consumption of router resources (especially CPU resources) while providing valuable NetFlow data. The main uses of Random Sampled NetFlow are traffic engineering, capacity planning, and applications where full NetFlow is not needed for an accurate view of network traffic.

Using NetFlow Filtering or Sampling to Select the Network Traffic to Track

Cisco IOS Software Release 12.2ZY

12.2(18)ZYA2

Application-aware NetFlow

Application-aware NetFlow enables the capture of application information collected by PISA NBAR and exports using NetFlow Version 9.

NetFlow Layer 2 and Security Monitoring Exports

Cisco IOS Software Release 12.2SY

12.2(50)SY

 

NetFlow is not supported in 12.2SY. The existing NetFlow commands are automatically converted to Flexible NetFlow commands. For more information, see the Cisco IOS Flexible NetFlow Configuration Guide, 12.2SY.

 

1 This feature is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

2 This is a minor enhancement. Minor enhancements are not typically listed in Feature Navigator.