Configuring Netflow for Traffic Visibility
NetFlow records provide an aggregate view of the network traffic. When enabled on the branch router or switch, the NetFlow data source becomes available on the Cisco NAM VB. Netflow provides statistics for applications, hosts, and conversions. You can set up custom data sources for some specific interfaces. Netflow can be used to identify business critical applications hosted in the Data Center that are used in the branch.
This chapter contains:
•Configuring NetFlow on Cisco IOS Routers
•Configuring Netflow Data Source on the NAM VB
•Configuring NetFlow Reports on the NAM VB
Configuring NetFlow on Cisco IOS Routers
Configure NetFlow traffic on the Branch edge router. You must enable Netflow on both the WAN and LAN interface to provide visibility into traffic flows entering and leaving the branch.
ip route-cache flow
ip flow-export version 5
ip flow-export destination <NAM-Ip-Address> 3000
Note The UDP port number must be set to 3000.
Also make sure the SNMP Read Only community string is configured on the device.
snmp-server community <RO-string> RO
Configuring Netflow Data Source on the NAM VB
Use the NAM Traffic Analyzer GUI to enable additional NetFlow monitoring devices.
Step 1 Log in to the NAM GUI and choose Setup > Data Sources.
Step 2 In the Content menu, click NetFlow -- Listening Mode.
The NetFlow Listening Mode window displays as shown in Figure 3-1.
Figure 3-1 NetFlow Listening Mode Window
Step 3 Click Start.
This enables the Cisco NAM VB to listen to any NetFlow packets being sent to it.
Step 4 As you see the IP addresses begin to list, select and add the device or devices, and provide the SNMP read community string.
Step 5 Test for connectivity and SNMP community string from Setup > Data Sources > NetFlow -- Devices, then click Test.
Step 6 Add the NetFlow data sources by selecting Setup > Data Sources > NetFlow -- Custom Data Sources.then choose a NetFlow device, provide a name, and click Next.
Step 7 Custom Data Sources. Select a NetFlow device, provide a name and click Next.
Step 8 Add the interfaces to monitor in this data source as shown in Figure 3-2.
Step 9 Click Next and review the settings, then click Finish.
Figure 3-2 NetFlow Data Sources - Select Interfaces
Step 10 Click Setup > Monitor > Core Monitoring.
Step 11 Choose the desired data sources with a prefix NDE as NetFlow data sources, and enable collections by clicking Apply.
Figure 3-3 Core Monitoring Functions
Configuring NetFlow Reports on the NAM VB
To gain visibility into the top applications and those individuals creating a significant amount of IP phone traffic, you can create Top Applications and Top Hosts reports. Reports like these enable you to view trending of top applications and most active hosts for a particular branch over a period of time.
Step 1 Log in to the NAM VB GUI, and click Reports > Basic Reports.
The Basic Historical Reports window displays and lists any currently configured basic reports.
Step 2 Click Create to create a new basic report.
Step 3 Choose Applications from the list of report types, then click Next.
Step 4 Click to choose Top Applications as shown in Figure 3-4, then choose the NetFlow Data Source and click Finish.
Figure 3-4 Setup Report Parameters
Step 5 Click Create again to create another new basic report.
Step 6 Choose Hosts from the list of report types, then click Next.
Step 7 Click to choose Top N Hosts as shown in Figure 3-5, then choose the NetFlow Data Source and click Finish.
Figure 3-5 Setup Host Report Parameters