Cisco IOS XR Netflow Configuration Guide for the Cisco CRS Router, Release 4.3.x
Configuring NetFlow
Downloads: This chapterpdf (PDF - 1.44MB) The complete bookPDF (PDF - 2.21MB) | Feedback

Configuring NetFlow

Contents

Configuring NetFlow

This module describes the configuration of NetFlow .

A NetFlow flow is a unidirectional sequence of packets that arrive on a single interface (or subinterface), and have the same values for key fields.

NetFlow is useful for the following:

  • Accounting/Billing—NetFlow data provides fine grained metering for highly flexible and detailed resource utilization accounting.
  • Network Planning and Analysis—NetFlow data provides key information for strategic network planning.
  • Network Monitoring—NetFlow data enables near real-time network monitoring capabilities.

Feature History for Configuring NetFlow

Release

Modification

Release 3.2

This feature was introduced.

Release 3.3.0

  • This feature was introduced.
  • Information was added about using the bgp attribute-download command to enable the NetFlow BGP data export function.
  • NetFlow support for subinterfaces was introduced.

Release 3.4.0

  • The following commands were moved to flow exporter map configuration mode:
    • destination
    • dscp
    • source
    • transport udp
  • NetFlow was updated so that a single flow monitor map supports up to 8 exporters.
  • NetFlow was updated so that users could specify the number of MPLS labels to use as keys.

Release 3.4.1

  • The record mpls field was introduced in the show command output.

Release 3.5.0

  • The record ipv6 command was introduced.
  • The record mpls command was introduced.
  • MPLS-aware NetFlow was supported.
  • Support for IPv6 aware NetFlow.

Release 4.0.1

The following features were added:

  • Destination-based NetFlow Accounting.
  • Reporting BGP attributes for VRF prefixes in Sampled Netflow.

This module includes the following sections:

Prerequisites for Configuring NetFlow

To perform these configuration tasks, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. If you need assistance with your task group assignment, contact your system administrator.

Restrictions for Configuring NetFlow

Consider the following restrictions when configuring NetFlow in Cisco IOS XR software:

  • A source interface must always be configured. If you do not configure a source interface, the exporter will remain in a disabled state.
  • Only export format Version 9 is supported.
  • A valid record map name must always be configured for every flow monitor map.
  • Only Sampled NetFlow is supported in Satellite Gigabit Ethernet network interface. Destination-based NetFlow Accounting (DBA) is not supported yet in this interface.

Tip


Do not use the management interface to export the NetFlow packets.


Information About Configuring NetFlow

To implement NetFlow, you must understand the following concepts:

NetFlow Overview

A flow is exported as part of a NetFlow export User Datagram Protocol (UDP) datagram under the following circumstances:

  • The flow has been inactive or active for too long.
  • The flow cache is getting full.
  • One of the counters (packets and or bytes) has wrapped.
  • The user forces the flow to export.

NetFlow export UDP datagrams are sent to an external flow collector device that provides NetFlow export data filtering and aggregation. The export of data consists of expired flows and control information.

The NetFlow infrastructure is based on the configuration and use of the following maps:

  • Monitor map
  • Sampler map
  • Exporter map

These maps are described in the sections that follow.

Monitor Map Overview

A monitor map contains name references to the flow record map and flow exporter map. Monitor maps are applied to an interface. You can configure the following monitor map attributes:

  • Number of entries in the flow cache
  • Type of cache (permanent or normal). Permanent caches do not have their entries removed from the cache unless they are explicitly cleared by the user
  • Active flow timeout
  • Inactive flow timeout
  • Update timeout
  • Default timeouts
  • Record type of packets sampled and collected

    Note


    The record name specifies the type of packets that NetFlow samples as they pass through the router. Currently, MPLS, IPv4, and IPv6 packet sampling is supported.



Note


The active flow and inactive flow timeouts are associated with a normal cache type. The update timeout is associated with the permanent cache type.


Sampler Map Overview

The sampler map specifies the rate at which packets (one out of n packets) are sampled. On high bandwidth interfaces, applying NetFlow processing to every single packet can result in significant CPU utilization. Sampler map configuration is typically geared towards such high speed interfaces.

If NetFlow is applied in both directions, then the flow record packets are policed at the rate of 35,000 packets per second per direction. If NetFlow is applied in one direction only, then the flow record packets are policed at the rate of 70,000 packets per second per direction.


Note


These values are for MSC-Rev. A line cards. MSC-Rev. B line cards have a higher policing rate of 62,500 packets per second per direction, with 125,000 packets per second applied in a single direction.


Exporter Map Overview

An exporter map contains user network specification and transport layer details for the NetFlow export packet. The flow exporter-map command allows you to configure collector and version attributes. You can configure the following collector information:

  • Export destination IP address
  • DSCP value for export packet
  • Source interface
  • UDP port number (This is where the collector is listening for NetFlow packets.)
  • Transport protocol for export packets

Note


In Cisco IOS XR Software, UDP is the only supported transport protocol for export packets.



Note


NetFlow export packets use the IP address that is assigned to the source interface. If the source interface does not have an IP address assigned to it, the exporter will be inactive.


You can also configure the following export version attributes:

  • Template timeout
  • Template data timeout
  • Template options timeout
  • Interface table timeout
  • Sampler table timeout

Note


A single flow monitor map can support up to eight exporters.


Options Template Overview

NetFlow version 9 is a template-based version. The templates provide an extensible design to the record format. This feature allows enhancements to NetFlow services without requiring concurrent changes to the basic flow-record format. An options template is a special type of template record that is used to communicate the format of data related to the NetFlow process. Rather than supplying information about IP flows, the options are used to supply metadata about the NetFlow process itself. The sampler options template and the interface options template are different forms of options templates.

The sampler options template consists of sampler tables. Similarly, the interface option templates consist of interface tables. By enabling the options for sampler table and interface table, it becomes easier for the collector to determine the information on data flow.

The sampler table consists of information on the active samplers. It is used by the collector to estimate the sampling rate for each data flow. The sampler table consists of the following information for each sampler:
Field Name Value
FlowSamplerID This ID is assigned to the sampler. It is used by the collector to retrieve information about the sampler for a data flow record.
FlowSamplerMode This field indicates the mode in which the sampling has been performed. The default value for this field is 1 for deterministic sampling and 2 for random sampling.
FlowSamplerRandomInterval This field indicates the rate at which the sampling is performed.
SamplerName This field indicates the name of the sampler.

The interface table consists of information on interfaces that are being monitored for data flow. By using this information, the collector determines the names of interfaces associated with the data flow. The interface table consists of the following information:

Field Name Value
ingressInterface This field indicates the SNMP index assigned to the interface. By matching this value to the Ingress interface and the Egress Interface in the data flow record, the collector is able to retrieve the name of the interface.
interfaceDescription This field indicates the name of the interface

NetFlow Configuration Submodes

In Cisco IOS XR Software, NetFlow map configuration takes place in map-specific submodes. Cisco IOS XR Software supports the following NetFlow map configuration submodes:


Note


The Cisco IOS XR Software allows you to issue most commands available under submodes as one single command string from global configuration mode. For example, you can issue the record ipv4 command from the flow monitor map configuration submode as follows:


RP/0/RP0/CPU0:router(config)# flow monitor-map fmm
RP/0/RP0/CPU0:router(config-fmm)# record ipv4

Alternatively, you can issue the same command from global configuration mode, as shown in the following example:

RP/0/RP0/CPU0:router(config)# flow monitor-map fmm record ipv4

Flow Exporter Map Configuration Submode

When you issue the flow exporter-map fem-name command in global configuration mode, the command-line interface (CLI) prompt changes to “config-fem,” indicating that you have entered the flow exporter map configuration submode.

In the following sample output, the question mark (?) online help function displays all the commands available under the flow exporter map configuration submode:

RP/0/RP0/CPU0:router(config)# flow exporter-map fem

RP/0/RP0/CPU0:router(config-fem)# ?

clear        Clear the uncommitted configuration
clear        Clear the configuration
commit       Commit the configuration changes to running
describe     Describe a command without taking real actions
destination  Export destination configuration
do           Run an exec command
dscp         Specify DSCP value for export packets
exit         Exit from this submode
no           Negate a command or set its defaults
pwd          Commands used to reach current submode
root         Exit to the global configuration mode
show         Show contents of configuration
source       Source interface
transport    Specify the transport protocol for export packets
version      Specify export version parameters

Note


If you enter the version command, you enter the flow exporter map version configuration submode.



Note


A single flow monitor map can support up to eight exporters.


Flow Exporter Map Version Configuration Submode

When you issue the version v9 command in the flow exporter map configuration submode, the CLI prompt changes to “config-fem-ver,” indicating that you have entered the flow exporter map version configuration submode.

In the following sample output, the question mark (?) online help function displays all the commands available under the flow exporter map version configuration submode:

RP/0/RP0/CPU0:router(config-fem)# version v9

RP/0/RP0/CPU0:router(config-fem-ver)# ?

commit    Commit the configuration changes to running
describe  Describe a command without taking real actions
do        Run an exec command
exit      Exit from this submode
no        Negate a command or set its defaults
options   Specify export of options template
show      Show contents of configuration
template  Specify template export parameters

Flow Monitor Map Configuration Submode

When you issue the flow monitor-map map_name command in global configuration mode, the CLI prompt changes to “config-fmm,” indicating that you have entered the flow monitor map configuration submode.

In the following sample output, the question mark (?) online help function displays all the commands available under the flow monitor map configuration submode:

RP/0/RP0/CPU0:router(config)# flow monitor-map fmm

RP/0/RP0/CPU0:router(config-fmm)# ?

cache     Specify flow cache attributes
commit    Commit the configuration changes to running
describe  Describe a command without taking real actions
do        Run an exec command
exit      Exit from this submode
exporter  Specify flow exporter map name
no        Negate a command or set its defaults
record    Specify a flow record map name
show      Show contents of configuration

Sampler Map Configuration Submode

When you issue the sampler-map map_name command in global configuration mode, the CLI prompt changes to “config-sm,” indicating that you have entered the sampler map configuration submode.

In the following sample output, the question mark (?) online help function displays all the commands available under the sampler map configuration submode:

RP/0/RP0/CPU0(config)# sampler-map fmm

RP/0/RP0/CPU0:router(config-sm)# ?
clear     Clear the uncommitted configuration
clear     Clear the configuration
commit    Commit the configuration changes to running
describe  Describe a command without taking real actions
do        Run an exec command
exit      Exit from this submode
no        Negate a command or set its defaults
pwd       Commands used to reach current submode
random    Use random mode for sampling packets
root      Exit to the global configuration mode
show      Show contents of configuration
RP/0/RP0/CPU0(config-sm)#RP/0/RP0/CP0:router(config-sm)#

Enabling the NetFlow BGP Data Export Function

Use the bgp attribute-download command to enable NetFlow BGP routing attribute collection. The routing attributes are then exported. When no routing attributes are collected, zeroes (0) are exported.

When BGP attribute download is enabled, BGP downloads the attribute information for prefixes (community, extended community, and as-path) to the Routing Information Base (RIB) and Forwarding Information Base (FIB). This enables FIB to associate the prefixes with attributes and send the NetFlow statistics along with the associated attributes.

MPLS Flow Monitor with IPv4 and IPv6 Support

Cisco IOS XR Software supports the NetFlow collection of MPLS packets. It also supports the NetFlow collection of MPLS packets carrying IPv4, IPv6, or both IPv4 and IPv6 payloads.

MPLS Cache Reorganization to Support Both IPv4 and IPv6

In Cisco IOS XR Software, at a time, you can have only one MPLS flow monitor running on an interface. If you apply an additional MPLS flow monitor to the interface, the new flow monitor overwrites the existing one.

At a time, you can apply only one flow monitor on an interface per direction. You can apply either the same flow monitor to an interface in both directions, or each direction can have its own flow monitor.

You can configure the MPLS flow monitor to collect IPv4 fields, IPv6 fields, or IPv4-IPv6 fields. IPv4-IPv6 configuration collects both IPv4 and IPv6 addresses using one MPLS flow monitor. IPv4 configuration collects only IPv4 addresses. IPv6 configuration collects only IPv6 addresses.

The MPLS flow monitor supports up to 1,000,000 cache entries. NetFlow entries include the following types of fields:

  • IPv4 fields
  • IPv6 fields
  • MPLS with IPv4 fields
  • MPLS with IPv6 fields

The maximum number of bytes per NetFlow cache entry is as follows:

  • IPv4–88 bytes per entry
  • MPLS–88 bytes per entry
  • IPv6–108 bytes per entry
  • MPLS with IPv4 fields–108 bytes per entry
  • MPLS with IPv6 fields–128 bytes per entry

Note


The different types of NetFlow entries are stored in separate caches. Consequently, the number of NetFlow entries on a line card can significantly impact the amount of available memory on the line card. Also, even though the sampling rate for IPv6 is the same as the sampling rate for IPv4, the CPU utilization for IPv6 is higher due to the longer keys used by the IPv6 fields.


MPLS Packets with IPv6 Flows

The collection of IPv6 flows in MPLS packets is an option. The CPU uses 128 bytes for each IPv6 field. IPv6 flows may contain the following types of information:

  • Source IP address
  • Destination IP address
  • Traffic class value
  • Layer 4 protocol number
  • Layer 4 source port number
  • Layer 4 destination port number
  • Flow ID
  • Header option mask

To collect the IPv6 fields in MPLS packets, you must activate the MPLS record type, ipv6-fields by running the record mpls ipv6-fields command. You can also specify the number of labels to be used for aggregation with this command.

Destination-based NetFlow Accounting

Destination-based NetFlow accounting (DBA) is a usage-based billing application that tracks and records traffic according to its destination and enables service providers to do destination-specific accounting and billing. The destination-based NetFlow accounting record includes the destination peer autonomous system (AS) number and the BGP next-hop IP address.

IPv4 DBA is already supported in CRS. In Release 4.3.1, the support for IPv6 DBA support is added.

In destination-based NetFlow accounting, the following fields are collected and exported:

  • Destination peer AS number
  • BGP next-hop IP address
  • Ingress interface
  • Egress interface
  • Forwarding status
  • EXP bits of the top label that is pushed in
  • Counter of packets in the flow (64 bits)
  • Counter of bytes in the flow (64 bits)
  • Timestamp for the first and last packet in the flow. This is the timestamp when the flow is reported from hardware to the NetFlow server. 

Destination-based NetFlow accounting supports the following features:

  • IPv4 and IPv6 addresses
  • Configuration on physical interfaces, bundle interfaces, and logical subinterfaces
  • IPv4 unicast and multicast traffic
  • IPv6 unicast and multicast traffic
  • Only ingress traffic
  • Only full mode NetFlow
  • NetFlow export format Version 9 over User Datagram Protocols (UDPs)
  • All line cards (LCs)
  • Normal cache type (active and inactive timeout aged flow records)
  • Permanent cache type (no aging for flow records)

Destination-based NetFlow accounting does not support the following features :

  • MPLS IPv4 and IPv6
  • Configuration for individual Modular QoS Command-Line Interface (MQC) classes
  • Simultaneous configuration of destination-based NetFlow accounting with IPv4 and IPv6 sampled NetFlow on the same interface, in the same direction.
  • Layer 2 switched MPLS traffic
  • Egress traffic
  • Sampled mode NetFlow
  • NetFlow export formats version 5, version 8, IP Flow Information Export (IPFIX), or Stream Control Transmission Protocol (SCTP).
  • Immediate cache type

Netflow over BVI

NetFlow monitoring on Bridge-Group Virtual Interface (BVI) enables traffic monitoring, capacity planning, accounting, security threat detection and billing.

Supported Features

The supported features are as follows:

  • Netflow monitor configuration
  • Typhoon based LCs
  • All NPs on all LCs should share per-LC CPU SPIO bandwidth of 200Kpps
  • Bundles and Pseudowires could be part of the BVI bridge domain
  • Egress NetFlow on a BVI interface with the limitation that it is applied on the ingress LC of the L3 packet
  • IPv4, IPv6 and DBA flow monitoring on BVI

How to Configure NetFlow on Cisco IOS XR Software

The steps that follow provide a general overview of NetFlow configuration:

SUMMARY STEPS

    1.    Create and configure an exporter map.

    2.    Create and configure a monitor map and a sampler map.

    3.    Apply the monitor map and sampler map to an interface.


DETAILED STEPS
    Step 1   Create and configure an exporter map.
    Step 2   Create and configure a monitor map and a sampler map.
    Note   

    The monitor map must reference the exporter map you created in Step 1. If you do not apply an exporter-map to the monitor-map, the flow records are not exported, and aging is done according to the cache parameters specified in the monitor-map.

    Step 3   Apply the monitor map and sampler map to an interface.

    These steps are described in detail in the following sections:


    Configuring an Exporter Map

    Configure an exporter map and apply it to the monitor map with the flow monitor-map map_name exporter map_name command. You can configure the exporter map prior to configuring the monitor map, or you can configure the monitor map first and then configure and apply an exporter map later on.


    Note


    Cisco IOS XR Software supports the configuration of a single collector only in the exporter map.


    The steps that follow describe how to create and configure an exporter map and enable exporting of the sampler table or the interface table.

    SUMMARY STEPS

      1.    configure

      2.    flow exporter-map map_name

      3.    destination hostname_or_IP_address

      4.    dscp dscp_value

      5.    source type interface-path-id

      6.    transport udp port

      7.    version v9

      8.    options {interface-table | sampler-table} [timeout seconds]

      9.    template [data | options] timeout seconds

      10.    Use one of these commands:

      • end
      • commit

      11.    exit

      12.    exit

      13.    show flow exporter-map map_name


    DETAILED STEPS
        Command or Action Purpose
      Step 1 configure


      Example:
      RP/0/RP0/CPU0:router# configure
       

      Enters global configuration mode.

       
      Step 2 flow exporter-map map_name


      Example:
      RP/0/RP0/CPU0:router(config)# flow exporter-map fem
      
       

      Creates an exporter map, configures the exporter map name, and enters flow exporter map configuration mode.

       
      Step 3 destination hostname_or_IP_address


      Example:
      RP/0/RP0/CPU0:router(config-fem)# destination nnn.nnn.nnn.nnn
      
       

      Configures the export destination for the flow exporter map. The destination can be a hostname or an IP address.

       
      Step 4 dscp dscp_value


      Example:
      RP/0/RP0/CPU0:router(config-fem)# dscp 55
      
       

      (Optional) Specifies the differentiated services codepoint (DSCP) value for export packets. Replace the dscp_value argument with a value in the range from 0 through 63.

       
      Step 5 source type interface-path-id


      Example:
      RP/0/RP0/CPU0:router(config-fem)# source gigabitEthernet 0/0/0/0
      
       

      Specifies a source interface, in the format type interface-path-id.

       
      Step 6 transport udp port


      Example:
      RP/0/RP0/CPU0:router(config-fem)# transport udp 9991
      
       

      (Optional) Specifies the destination port for UDP packets. Replace port with the destination UDP port value, in the range from 1024 through 65535.

       
      Step 7 version v9


      Example:
      RP/0/RP0/CPU0:router(config-fem-ver)# version v9
      
       

      (Optional) Enters flow exporter map version configuration submode.

       
      Step 8 options {interface-table | sampler-table} [timeout seconds]


      Example:
      RP/0/RP0/CPU0:router(config-fem-ver)# options sampler-table timeout 2000
      
       

      (Optional) Configures the export timeout value for the sampler table. Replace seconds with the export timeout value, in the range from 1 through 604800 seconds.

      Default is 1800 seconds.

       
      Step 9 template [data | options] timeout seconds


      Example:
      RP/0/RP0/CPU0:router(config-fem-ver)# template data timeout 10000
      
       

      (Optional) Configures the export period for data packets. Replace seconds with the export timeout value, in the range from 1 through 604800 seconds.

       
      Step 10 Use one of these commands:
      • end
      • commit


      Example:
      RP/0/RP0/CPU0:router(config)# end

      or

      RP/0/RP0/CPU0:router(config)# commit
       

      Saves configuration changes.

      • When you issue the end command, the system prompts you to commit changes:
        Uncommitted changes found, commit them
        before exiting(yes/no/cancel)? [cancel]:
        
        • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
        • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
        • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
      • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
       
      Step 11 exit


      Example:
      RP/0/RP0/CPU0:router(config-fem-ver)# exit
      
       

      Exits flow exporter map version configuration submode.

       
      Step 12 exit


      Example:
      RP/0/RP0/CPU0:router(config)# exit
      
       

      Enters EXEC mode.

       
      Step 13 show flow exporter-map map_name


      Example:
      RP/0/RP0/CPU0:router# show flow exporter-map fem
      
       

      Displays exporter map data.

       

      Configuring a Sampler Map

      The steps that follow describe how to create and configure a sampler map.

      SUMMARY STEPS

        1.    configure

        2.    sampler-map map_name

        3.    random 1 out-of sampling_interval

        4.    Use one of these commands:

        • end
        • commit

        5.    exit

        6.    exit

        7.    show sampler-map map_name


      DETAILED STEPS
          Command or Action Purpose
        Step 1 configure


        Example:
        RP/0/RP0/CPU0:router configure
        
         

        Enters global configuration mode.

         
        Step 2 sampler-map map_name


        Example:
        RP/0/RP0/CPU0:router(config)# sampler-map sm
        RP/0/RP0/CPU0:router(config-sm)#
        
         

        Creates a sampler map and enters sampler map configuration mode.

        Keep the following in mind when configuring a sampler map:

        • NetFlow supports policing at a rate of 35,000 packets per second per direction for each individual line card.
         
        Step 3 random 1 out-of sampling_interval


        Example:
        RP/0/RP0/CPU0:router(config-sm)# random 1 out-of 65535
        
         

        Configures the sampling interval to use random mode for sampling packets. Replace the sampling_interval argument with a number, in the range from 1 through 65535 units.

         
        Step 4 Use one of these commands:
        • end
        • commit


        Example:
        RP/0/RP0/CPU0:router(config)# end

        or

        RP/0/RP0/CPU0:router(config)# commit
         

        Saves configuration changes.

        • When you issue the end command, the system prompts you to commit changes:
          Uncommitted changes found, commit them
          before exiting(yes/no/cancel)? [cancel]:
          
          • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
          • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
          • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
        • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
         
        Step 5 exit


        Example:
        RP/0/RP0/CPU0:router(config-sm)# exit
        
         

        Exits sampler map configuration mode and enters global configuration mode.

         
        Step 6 exit


        Example:
        RP/0/RP0/CPU0:router(config)# exit
        
         

        Exits global configuration mode and enters EXEC mode.

         
        Step 7 show sampler-map map_name


        Example:
        RP/0/RP0/CPU0:router# show sampler-map fsm
        
         

        Displays sampler map data.

         

        Configuring a Monitor Map

        The steps that follow describe how to create and configure a monitor map.

        SUMMARY STEPS

          1.    configure

          2.    flow monitor-map map_name

          3.    Do one of the following:

          • record ipv4
          • record ipv4 [peer as]
          • record ipv6
          • record mpls [labels number]
          • record mpls [ipv4-fields] [labels number]
          • record mpls [ipv6-fields] [labels number]
          • record mpls [ipv4-ipv6-fields] [labels number]

          4.    cache entries number

          5.    cache permanent

          6.    cache timeout {active timeout_value | inactive timeout_value | update timeout_value}

          7.    exporter map_name

          8.    Use one of these commands:

          • end
          • commit

          9.    exit

          10.    exit

          11.    show flow monitor-map map_name


        DETAILED STEPS
            Command or Action Purpose
          Step 1 configure


          Example:
          RP/0/RP0/CPU0:router# configure
          
           

          Enters global configuration mode.

           
          Step 2 flow monitor-map map_name


          Example:
          RP/0/RP0/CPU0:router(config)# flow monitor-map fmm
          RP/0/RP0/CPU0:router(config-fmm)#
          
           

          Creates a monitor map and configures a monitor map name and enters flow monitor map configuration submode.

           
          Step 3 Do one of the following:
          • record ipv4
          • record ipv4 [peer as]
          • record ipv6
          • record mpls [labels number]
          • record mpls [ipv4-fields] [labels number]
          • record mpls [ipv6-fields] [labels number]
          • record mpls [ipv4-ipv6-fields] [labels number]


          Example:
          RP/0/RP0/CPU0:router(config-fmm)# record ipv4
          
           

          Configures the flow record map name for IPv4, IPv6, or MPLS.

          • Use the record ipv4 command to configure the flow record map name for IPv4. By default, you collect and export the originating autonomous system (AS) numbers.
          • Use the record ipv4 [peer as] command to record peer AS. Here, you collect and export the peer AS numbers.
          Note   

          Ensure that the bgp attribute-download command is configured. Else, no AS is collected when the record ipv4 [peer-as] command is configured.

          • Use the record ipv6 command to configure the flow record map name for IPv6.
          • Use the record mpls labels command with the number argument to specify the number of labels that you want to aggregate. By default, MPLS-aware NetFlow aggregates the top six labels of the MPLS label stack. The maximum value is 6.
          • Use the record mpls ipv4-fields command to collect IPv4 fields in the MPLS-aware NetFlow.
          • Use the record mpls ipv6-fields command to collect IPV6 fields in the MPLS-aware NetFlow.
          • Use the record mpls ipv4-ipv6-fields command to collect IPv4 and IPv6 fields in the MPLS-aware NetFlow.
           
          Step 4 cache entries number


          Example:
          RP/0/RP0/CPU0:router(config-fmm)# cache entries 10000
          
           

          (Optional) Configures the number of entries in the flow cache. Replace the number argument with the number of flow entries allowed in the flow cache, in the range from 4096 through 1000000.

          The default number of cache entries is 65535.

           
          Step 5 cache permanent


          Example:
          RP/0/RP0/CPU0:router(config-fmm)# flow monitor-map fmm cache permanent
          
           

          (Optional) Disables removal of entries from flow cache.

           
          Step 6 cache timeout {active timeout_value | inactive timeout_value | update timeout_value}


          Example:
          RP/0/RP0/CPU0:router(config-fmm)# cache timeout inactive 1000
          
           

          (Optional) Configures the active, inactive, or update flow cache timeout value.

          • The default timeout value for the inactive flow cache is 15 seconds.
          • The default timeout value for the active flow cache is 1800 seconds.
          • The default timeout value for the update flow cache is 1800 seconds.
          Note   

          The update timeout_value keyword argument is used for permanent caches only. It specifies the timeout value that is used to export entries from permanent caches. In this case, the entries are exported but remain the cache.

           
          Step 7 exporter map_name


          Example:
          RP/0/RP0/CPU0:router(config-fmm)# exporter fem
          
           

          Associates an exporter map with a monitor map.

          Note   

          A single flow monitor map can support up to eight exporters.

           
          Step 8 Use one of these commands:
          • end
          • commit


          Example:
          RP/0/RP0/CPU0:router(config)# end

          or

          RP/0/RP0/CPU0:router(config)# commit
           

          Saves configuration changes.

          • When you issue the end command, the system prompts you to commit changes:
            Uncommitted changes found, commit them
            before exiting(yes/no/cancel)? [cancel]:
            
            • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
            • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
            • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
          • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
           
          Step 9 exit


          Example:
          RP/0/RP0/CPU0:router(config-fmm)# exit
          
           

          Exits flow monitor map configuration submode.

           
          Step 10 exit


          Example:
          RP/0/RP0/CPU0:router(config)# exit
          
           

          Exits global configuration mode.

           
          Step 11 show flow monitor-map map_name


          Example:
          RP/0/RP0/CPU0:router# show flow monitor-map fmm
          
           

          Displays flow monitor map data.

           

          Applying a Monitor Map and a Sampler Map to an Interface

          SUMMARY STEPS

            1.    configure

            2.    interface type number

            3.    flow [ipv4 | ipv6 | mpls] monitor monitor_map sampler sampler_map {egress | ingress}

            4.    Use one of these commands:

            • end
            • commit


          DETAILED STEPS
              Command or Action Purpose
            Step 1 configure


            Example:
            RP/0/RP0/CPU0:router# configure
             

            Enters global configuration mode.

             
            Step 2 interface type number


            Example:
            RP/0/RP0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0
            RP/0/RP0/CPU0:router(config-if)#
            
             

            Enters interface configuration mode.

             
            Step 3 flow [ipv4 | ipv6 | mpls] monitor monitor_map sampler sampler_map {egress | ingress}


            Example:
            RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor fmm sampler fsm egress
            
             

            Associates a monitor map and a sampler map with an interface.

            Enter ipv4 to enable IPV4 NetFlow on the specified interface. Enter ipv6 to enable IPV6 NetFlow on the specified interface. Enter mpls to enable MPLS-aware NetFlow on the specified interface.

             
            Step 4 Use one of these commands:
            • end
            • commit


            Example:
            RP/0/RP0/CPU0:router(config)# end

            or

            RP/0/RP0/CPU0:router(config)# commit
             

            Saves configuration changes.

            • When you issue the end command, the system prompts you to commit changes:
              Uncommitted changes found, commit them
              before exiting(yes/no/cancel)? [cancel]:
              
              • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
              • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
              • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
            • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
             

            Clearing NetFlow Data

            The steps that follow describe how to clear flow exporter map and flow monitor map data.

            SUMMARY STEPS

              1.    clear flow exporter [exporter_name] {restart | statistics} location node-id

              2.    clear flow monitor [monitor_name] cache [force-export | statistics] location node-id}


            DETAILED STEPS
                Command or Action Purpose
              Step 1 clear flow exporter [exporter_name] {restart | statistics} location node-id


              Example:
              RP/0/RP0/CPU0:router# clear flow exporter statistics location 0/0/CPU0
              
               

              Clears the flow exporter data.

              Specify the statistics option to clear exporter statistics. Specify the restart option to export all of the templates that are currently configured on the specified node.

               
              Step 2 clear flow monitor [monitor_name] cache [force-export | statistics] location node-id}


              Example:
              RP/0/RP0/CPU0:router# clear flow monitor cache force-export location 0/0/CPU0
              
               

              Clears the flow monitor data.

              Specify the statistics option to clear cache statistics. Specify the force-export option to export the data from cache to server first and then clear the entries from cache.

               

              Configuring NetFlow Collection of MPLS Packets with IPv6 Fields

              The following steps show how to configure NetFlow collection of MPLS packets with IPv6 fields.

              SUMMARY STEPS

                1.    configure

                2.    flow exporter-map map_name

                3.    version v9

                4.    options {interface-table | sampler-table} [timeout seconds]

                5.    template [data | options] timeout seconds

                6.    exit

                7.    transport udp port

                8.    source type interface-path-id

                9.    destination hostname_or_IP_address

                10.    exit

                11.    flow monitor-map map_name

                12.    record mpls [ipv4-ipv6-fields] [labels number]

                13.    exporter map_name

                14.    cache entries number

                15.    cache timeout {active timeout_value | inactive timeout_value | update timeout_value}

                16.    cache permanent

                17.    exit

                18.    sampler-map map_name

                19.    random 1 out-of sampling_interval

                20.    exit

                21.    interface type number

                22.    flow [ipv4 | ipv6 | mpls] monitor monitor_map sampler sampler_map {egress | ingress}

                23.    Use one of these commands:

                • end
                • commit

                24.    exit

                25.    exit

                26.    show flow monitor-map map_name

                27.    show flow exporter-map map_name


              DETAILED STEPS
                  Command or Action Purpose
                Step 1 configure


                Example:
                RP/0/RP0/CPU0:router# configure
                 

                Enters global configuration mode.

                 
                Step 2 flow exporter-map map_name


                Example:
                RP/0/RP0/CPU0:router(config)# flow exporter-map exp1
                
                
                 

                Creates an exporter map, configures the exporter map name, and enters flow exporter map configuration mode.

                 
                Step 3 version v9


                Example:
                RP/0/RP0/CPU0:router(config-fem)# version v9
                
                
                RP0  

                (Optional) Enters flow exporter map version configuration submode.

                 
                Step 4 options {interface-table | sampler-table} [timeout seconds]


                Example:
                RP/0/RP0/CPU0:router(config-fem-ver)# options interface-table timeout 300
                
                 

                (Optional) Configures the export timeout value for the interface table or the sampler table. Replace seconds with the export timeout value, in the range from 1 through 604800 seconds. The default is 1800 seconds for both the interface table and the sample table.

                You must perform this step twice to configure the export timeout value for both an interface table and a sample table.

                 
                Step 5 template [data | options] timeout seconds


                Example:
                RP/0/RP0/CPU0:router(config-fem-ver)# template data timeout 300
                
                 

                (Optional) Configures the export period for data packets or options packets. Replace seconds with the export timeout value, in the range from 1 through 604800 seconds.

                You must perform this step twice to configure the export period for both data packets and options packets.

                 
                Step 6 exit


                Example:
                RP0/CPU0:router(config-fem-ver)# exit
                
                 

                Exits flow exporter map version configuration mode, and enters flow exporter map configuration mode.

                 
                Step 7 transport udp port


                Example:
                RP/0/RP0/CPU0:router(config-fem)# transport udp 12515
                
                 

                (Optional) Specifies the destination port for UDP packets. Replace port with the destination UDP port value, in the range from 1024 through 65535.

                 
                Step 8 source type interface-path-id


                Example:
                RP/0/RP0/CPU0:router(config-fem)# source Loopback0
                
                 

                Specifies a source interface, in the format type interface-path-id. For example:

                POS 0/1/0/1 or Loopback0
                
                 
                Step 9 destination hostname_or_IP_address


                Example:
                RP/0/RP0/CPU0:router(config-fem)# destination 170.1.1.11
                
                 

                Configures the export destination for the flow exporter map. The destination can be a hostname or an IP address.

                 
                Step 10 exit


                Example:
                RP/0/RP0/CPU0:router(config-fem)# exit
                
                 

                Exits flow exporter map configuration mode, and enters flow exporter map configuration mode.

                 
                Step 11 flow monitor-map map_name


                Example:
                RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-IPv6-fmm
                
                 

                Creates a monitor map and configures a monitor map name and enters flow monitor map configuration submode.

                 
                Step 12 record mpls [ipv4-ipv6-fields] [labels number]


                Example:
                RP/0/RP0/CPU0:router(config-fmm)# record mpls ipv6-fields labels 3
                
                 

                Configures the flow record map name for IPv4, IPv6, or MPLS. Use the ipv4-ipv6-fields keyword to collect IPv4 and IPv6 fields in an MPLS-aware NetFlow.

                 
                Step 13 exporter map_name


                Example:
                RP/0/RP0/CPU0:router(config-fmm)# exporter exp1
                
                 

                Associates an exporter map with a monitor map.

                Note   

                A single flow monitor map can support up to eight exporters.

                 
                Step 14 cache entries number


                Example:
                RP/0/RP0/CPU0:router(config-fmm)# cache entries 10000
                
                 

                (Optional) Configures the number of entries in the flow cache. Replace the number argument with the number of flow entries allowed in the flow cache, in the range from 4096 through 1000000.

                The default number of cache entries is 65535.

                 
                Step 15 cache timeout {active timeout_value | inactive timeout_value | update timeout_value}


                Example:
                RP/0/RP0/CPU0:router(config-fmm)# cache timeout inactive 1800
                
                 

                (Optional) Configures the active, inactive, or update flow cache timeout value.

                • The default timeout value for the inactive flow cache is 15 seconds.
                • The default timeout value for the active flow cache is 1800 seconds.
                • The default timeout value for the update flow cache is 1800 seconds.
                Note   

                The inactive and active keywords are not applicable to permanent caches.

                Note   

                The update keyword is used for permanent caches only. It specifies the timeout value that is used to export entries from permanent caches. In this case, the entries are exported but remain the cache.

                 
                Step 16 cache permanent


                Example:
                RP/0/RP0/CPU0:router(config-fmm)# flow monitor-map fmm cache permanent
                
                 

                (Optional) Disables the removal of entries from flow cache.

                 
                Step 17 exit


                Example:
                RP/0/RP0/CPU0:router(config-fmm)# exit
                
                 

                Exits flow monitor map configuration submode.

                 
                Step 18 sampler-map map_name


                Example:
                RP/0/RP0/CPU0:router(config)# sampler-map fsm
                RP/0/RP0/CPU0:router(config-sm)#
                
                
                 

                Creates a sampler map and enters sampler map configuration mode.

                Keep the following in mind when configuring a sampler map:

                • NetFlow supports policing at a rate of 35,000 packets per second per direction for each individual line card.
                 
                Step 19 random 1 out-of sampling_interval


                Example:
                RP/0/RP0/CPU0:router(config-sm)# random 1 out-of 65535
                
                 

                Configures the sampling interval to use random mode for sampling packets. Replace the sampling_interval argument with a number, in the range from 1 through 65535 units.

                 
                Step 20 exit


                Example:
                RP/0/RP0/CPU0:router(config-sm)#exit
                
                 

                Exits sampler map configuration mode and enters global configuration mode.

                 
                Step 21 interface type number


                Example:
                RP/0/RP0/CPU0:router(config)# interface POS 0/0/0/0
                RP/0/RP0/CPU0:router(config-if)#
                
                
                 

                Enters interface configuration mode.

                 
                Step 22 flow [ipv4 | ipv6 | mpls] monitor monitor_map sampler sampler_map {egress | ingress}


                Example:
                RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor MPLS-IPv6-fmm sampler fsm egress
                
                 

                Associates a monitor map and a sampler map with an interface.

                Enter ipv4 to enable IPV4 NetFlow on the specified interface. Enter ipv6 to enable IPV6 NetFlow on the specified interface. Enter mpls to enable MPLS-aware NetFlow on the specified interface.

                 
                Step 23 Use one of these commands:
                • end
                • commit


                Example:
                RP/0/RP0/CPU0:router(config)# end

                or

                RP/0/RP0/CPU0:router(config)# commit
                 

                Saves configuration changes.

                • When you issue the end command, the system prompts you to commit changes:
                  Uncommitted changes found, commit them
                  before exiting(yes/no/cancel)? [cancel]:
                  
                  • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
                  • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
                  • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
                • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
                 
                Step 24 exit


                Example:
                RP/0/RP0/CPU0:router(config-if)# exit
                
                 

                Exits interface configuration submode for the Ethernet interface.

                 
                Step 25 exit


                Example:
                RP/0/RP0/CPU0:router(config)# exit
                
                 

                Exits global configuration mode.

                 
                Step 26 show flow monitor-map map_name


                Example:
                RP/0/RP0/CPU0:router# show flow monitor-map fmm
                
                 

                Displays flow monitor map data.

                 
                Step 27 show flow exporter-map map_name


                Example:
                RP/0/RP0/CPU0:router# show flow exporter-map fem
                
                 

                Displays exporter map data.

                 

                Configuring Destination-based NetFlow Accounting

                Perform these tasks to configure destination-based NetFlow accounting.

                SUMMARY STEPS

                  1.    configure

                  2.    flow monitor-map map_name

                  3.    record {ipv4 | ipv6 } [destination]

                  4.    exit

                  5.    interface type interface-path-id

                  6.    flow {ipv4 | ipv6 | }monitor map-name { ingress }

                  7.    Use one of these commands:

                  • end
                  • commit

                  8.    show flow monitor-map map_name


                DETAILED STEPS
                    Command or Action Purpose
                  Step 1 configure


                  Example:
                  RP/0/RP0/CPU0:router# configure
                   

                  Enters global configuration mode.

                   
                  Step 2 flow monitor-map map_name


                  Example:
                  RP/0/RP0/CPU0:router(config)# flow monitor-map map1
                  RP/0/RP0/CPU0:router(config-fmm)#
                  
                   

                  Creates a monitor map and configures a monitor map name and enters flow monitor map configuration submode.

                   
                  Step 3 record {ipv4 | ipv6 } [destination]


                  Example:
                  RP/0/RP0/CPU0:router(config-fmm)# record ipv4 destination
                  


                  Example:
                  RP/0/RP0/CPU0:router(config-fmm)# record ipv6 destination
                  
                   

                  Configures the flow record for an IPv4 or IPv6 destination-based NetFlow accounting record. The destination keyword specifies that the record is for IPv4 or IPv6 destination-based NetFlow accounting.

                   
                  Step 4 exit


                  Example:
                  RP/0/RP0/CPU0:router(config-fmm)# exit
                  
                   

                  Exits flow monitor map mode to global configuration mode.

                   
                  Step 5 interface type interface-path-id


                  Example:
                  RP/0/RP0/CPU0:router# interface POS 0/1/0/0 
                  
                   

                  Interface type and physical interface-path-id in the format type rack/slot/module/port.

                  type—POS, Ethernet, ATM, etc.

                  rack—Chassis number of the rack.

                  slot—Physical slot number of the line card or modular services card.

                  module—Module number. A physical layer interface module (PLIM) is always 0.

                  port—Physical port number of the interface.

                   
                  Step 6 flow {ipv4 | ipv6 | }monitor map-name { ingress }


                  Example:
                  RP/0/RP0/CPU0:router# flow ipv4 monitor monitor1 ingress
                  


                  Example:
                  RP/0/RP0/CPU0:router# flow ipv6 monitor monitor1 ingress
                  
                   

                  Configures an IPv4 or IPv6 flow monitor for the ingress direction and assigns the name of the monitor.

                   
                  Step 7 Use one of these commands:
                  • end
                  • commit


                  Example:
                  RP/0/RP0/CPU0:router(config)# end

                  or

                  RP/0/RP0/CPU0:router(config)# commit
                   

                  Saves configuration changes.

                  • When you issue the end command, the system prompts you to commit changes:
                    Uncommitted changes found, commit them
                    before exiting(yes/no/cancel)? [cancel]:
                    
                    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
                    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
                    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
                  • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
                   
                  Step 8 show flow monitor-map map_name


                  Example:
                  RP/0/RP0/CPU0:router# show flow monitor-map map1
                  
                   

                  Verifies monitor map data.

                   

                  Configuring Netflow over BVI

                  Perform this task to configure Neflow over BVI.


                  Note


                  For information on configuring the exporter, monitor, and sampler, see Configuring an Exporter Map, Configuring a Monitor Map, and Configuring a Sampler Map.


                  SUMMARY STEPS

                    1.    configure

                    2.    l2vpn

                    3.    bridge group bg1

                    4.    bridge-domain bd1

                    5.    interface TenGigE0/0/0/0

                    6.    exit

                    7.    interface Bundle-Ether100

                    8.    exit

                    9.    routed interface BVI1

                    10.    interface BVI1

                    11.    ipv4 address 11.11.11.11 255.255.255.0

                    12.    flow ipv4 monitor FMM sampler SAMP ingress

                    13.    flow ipv4 monitor FMM sampler SAMP egress

                    14.    flow ipv6 monitor FMM-v6 sampler SAMP ingress

                    15.    flow ipv6 monitor FMM-v6 sampler SAMP egress

                    16.    Use one of these commands:

                    • end
                    • commit


                  DETAILED STEPS
                      Command or Action Purpose
                    Step 1 configure


                    Example:
                    RP/0/RP0/CPU0:router# configure
                     

                    Enters global configuration mode.

                     
                    Step 2 l2vpn


                    Example:
                    RP/0/RP0/CPU0:router(config)# l2vpn 
                    
                     

                    Enters L2VPN configuration mode.

                     
                    Step 3 bridge group bg1


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn)# bridge group bg1 
                    
                     

                    Configures bridge group.

                     
                    Step 4 bridge-domain bd1


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain bd1 
                    
                     

                    Configures bridge domain.

                     
                    Step 5 interface TenGigE0/0/0/0


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface TenGigE0/0/0/0
                    
                     

                    Assigns TenGigabitEthernet/IEEE 802.3 interface to the configured bridge domain.

                     
                    Step 6 exit


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# exit
                    
                     

                    Exits the interface sub-mode.

                     
                    Step 7 interface Bundle-Ether100


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface Bundle-Ether100 
                    
                     

                    Assigns aggregated ethernet interface to the configured bridge domain.

                     
                    Step 8 exit


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# exit
                    
                     

                    Exits the interface sub-mode.

                     
                    Step 9 routed interface BVI1


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# routed interface BVI1 
                    
                     

                    Assigns Bridge-Group Virtual Interface to the configured bridge domain.

                     
                    Step 10 interface BVI1


                    Example:
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface BVI1 
                    
                     

                    Enters interface configuration mode.

                     
                    Step 11 ipv4 address 11.11.11.11 255.255.255.0


                    Example:
                    RP/0/RP0/CPU0:router(config-if)# ipv4 address 11.11.11.11 255.255.255.0 
                    
                     

                    Configures the IPv4 address of the interface.

                     
                    Step 12 flow ipv4 monitor FMM sampler SAMP ingress


                    Example:
                    RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor FMM sampler SAMP ingress
                    
                     

                    Configures IPv4 flow monitor, specifies a sampler for packets, and applies flow monitor on incoming packets.

                     
                    Step 13 flow ipv4 monitor FMM sampler SAMP egress


                    Example:
                    RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor FMM sampler SAMP egress
                    
                     

                    Configures IPv4 flow monitor, specifies a sampler for packets, and applies flow monitor on outgoing packets.

                     
                    Step 14 flow ipv6 monitor FMM-v6 sampler SAMP ingress


                    Example:
                    RP/0/RP0/CPU0:router(config-if)# flow ipv6 monitor FMM-v6 sampler SAMP ingress
                    
                     

                    Configures IPv6 flow monitor, specifies a sampler for packets, and applies flow monitor on incoming packets.

                     
                    Step 15 flow ipv6 monitor FMM-v6 sampler SAMP egress


                    Example:
                    RP/0/RP0/CPU0:router(config-if)# flow ipv6 monitor FMM-v6 sampler SAMP egress
                    
                     

                    Configures IPv6 flow monitor, specifies a sampler for packets, and applies flow monitor on outgoing packets.

                     
                    Step 16 Use one of these commands:
                    • end
                    • commit


                    Example:
                    RP/0/RP0/CPU0:router(config)# end

                    or

                    RP/0/RP0/CPU0:router(config)# commit
                     

                    Saves configuration changes.

                    • When you issue the end command, the system prompts you to commit changes:
                      Uncommitted changes found, commit them
                      before exiting(yes/no/cancel)? [cancel]:
                      
                      • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
                      • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
                      • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
                    • Use the commit command to save the configuration changes to the running configuration file, and remain within the configuration session.
                     

                    Configuration Examples for NetFlow

                    The following examples show NetFlow configurations:

                    Sampler Map: Example

                    The following example shows how to create a new sampler map called “fsm1,” which samples 1 out of 65535 packets:

                    RP/0/RP0/CPU0:router# sampler-map fsm1 
                    RP/0/RP0/CPU0:router(config-sm)# random 1 out-of 65535
                    RP/0/RP0/CPU0:router(config)# exit
                    
                    

                    Exporter Map: Example

                    The following example shows how to create a new flow exporter map called “fem1,” which uses the version 9 (V9) export format for NetFlow export packets. The data template flow-set is inserted into the V9 export packets once every 10 minutes, and the options interface table flow-set is inserted into the V9 export packet. The export packets are sent to the flow collector destination 10.1.1.1, where the source address is identical to the interface IP address of Loopback 0. The UDP destination port is 1024, and the DSCP value is 10:

                    RP/0/RP0/CPU0:router(config)# flow exporter-map fem1 
                    RP/0/RP0/CPU0:router(config-fem)# destination 10.1.1.1
                    RP/0/RP0/CPU0:router(config-fem)# source Loopback 0
                    RP/0/RP0/CPU0:router(config-fem)# transport udp 1024
                    RP/0/RP0/CPU0:router(config-fem)# dscp 10
                    RP/0/RP0/CPU0:router(config-fem)# exit
                    RP/0/RP0/CPU0:router(config-fem)# version v9
                    RP/0/RP0/CPU0:router(config-fem-ver)# template data timeout 600
                    RP/0/RP0/CPU0:router(config-fem-ver)# options interface-table
                    RP/0/RP0/CPU0:router(config-fem-ver)# exit
                    

                    The following example shows how to create a new flow exporter map called “fem1,” which uses the version 9 (V9) export format for the NetFlow export packets. The data template flow-set is inserted into the V9 export packets once every 10 minutes, and the options sampler table flow-set is inserted into the V9 export packet. The export packets are sent to the flow collector destination 10.1.1.1, where the source address is identical to the interface IP address of Loopback 0. The UDP destination port is 1024, and the DSCP value is 10:

                    RP/0/RP0/CPU0:router(config)# flow exporter-map fem1 
                    RP/0/RP0/CPU0:router(config-fem)# destination 10.1.1.1
                    RP/0/RP0/CPU0:router(config-fem)# source Loopback 0
                    RP/0/RP0/CPU0:router(config-fem)# transport udp 1024
                    RP/0/RP0/CPU0:router(config-fem)# dscp 10
                    RP/0/RP0/CPU0:router(config-fem)# exit
                    RP/0/RP0/CPU0:router(config-fem)# version v9
                    RP/0/RP0/CPU0:router(config-fem-ver)# template data timeout 600
                    RP/0/RP0/CPU0:router(config-fem-ver)# options sampler-table
                    RP/0/RP0/CPU0:router(config-fem-ver)# exit
                    

                    Flow Monitor Map: Examples

                    The following example shows how to create a new flow monitor map with name “fmm1”. This flow monitor map references the flow exporter map “fem1,” and sets the flow cache attributes to 10000 cache entries. The active entries from the cache are aged every 30 seconds, while the inactive entries from the cache are aged every 15 seconds. The record map for this monitor map is IPv4:

                    RP/0/RP0/CPU0:router(config)# flow monitor-map fmm1
                    RP/0/RP0/CPU0:router(config-fmm)# record ipv4
                    RP/0/RP0/CPU0:router(config-fmm)# exporter fem1
                    RP/0/RP0/CPU0:router(config-fmm)# cache entries 10000
                    RP/0/RP0/CPU0:router(config-fmm)# cache timeout active 30
                    RP/0/RP0/CPU0:router(config-fmm)# cache timeout inactive 15
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    
                    

                    The following example shows how to apply the flow monitor “fmm1”and the sampler “fsm1” to the TenGigE 0/0/0/0 interface in the ingress direction:

                    RP/0/RP0/CPU0:router(config)# interface TenGigE 0/0/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor fmm1 sampler fsm1 ingress 
                    RP/0/RP0/CPU0:router(config-if)# exit
                    
                    

                    The following example shows how to configure the NetFlow monitor to collect MPLS packets with IPv6 fields:

                    RP/0/RP0/CPU0:router# config
                    RP/0/RP0/CPU0:router(config)# flow exporter-map exp1
                    RP/0/RP0/CPU0:router(config-fem)# version v9
                    RP/0/RP0/CPU0:router(config-fem-ver)# options interface-table timeout 300
                    RP/0/RP0/CPU0:router(config-fem-ver)# options sampler-table timeout 300
                    RP/0/RP0/CPU0:router(config-fem-ver)# template data timeout 300
                    RP/0/RP0/CPU0:router(config-fem-ver)# template options timeout 300
                    RP/0/RP0/CPU0:router(config-fem-ver)# exit 
                    RP/0/RP0/CPU0:router(config-fem)# transport udp 12515
                    RP/0/RP0/CPU0:router(config-fem)# source Loopback0
                    RP/0/RP0/CPU0:router(config-fem)# destination 170.1.1.11
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-IPv6-fmm
                    RP/0/RP0/CPU0:router(config-fmm)# record mpls ipv6-fields labels 3
                    RP/0/RP0/CPU0:router(config-fmm)# exporter exp1
                    RP/0/RP0/CPU0:router(config-fmm)# cache entries 10000
                    RP/0/RP0/CPU0:router(config-fmm)# cache permanent
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    
                    RP/0/RP0/CPU0:router(config)# sampler-map FSM
                    RP/0/RP0/CPU0:router(config-sm)# random 1 out-of 65535
                    RP/0/RP0/CPU0:router(config-sm)# exit
                    RP/0/RP0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv6-fmm sampler FSM ingress
                    
                    

                    MPLS Flow Monitor with IPv4 and IPv6 Support: Examples

                    The following configuration collects MPLS traffic, but no payload information is collected.

                    RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-fmm
                    RP/0/RP0/CPU0:router(config-fmm)# record mpls labels 3
                    RP/0/RP0/CPU0:router(config-fmm)# cache permanent
                    RP/0/RP0/CPU0:router(config)# exit
                    RP/0/RP0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0
                    
                    RP/0/RP0/CPU0:router(config-if)# flow mpls monitor MPLS-fmm sampler fsm ingress
                    
                    

                    The following configuration collects MPLS traffic with IPv4 payloads. It also collects MPLS traffic without IPv4 payloads, but it populates the IPv4 fields with zeros (0).

                    RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-IPv4-fmm
                    RP/0/RP0/CPU0:router(config-fmm)# record mpls IPv4-fields labels 3
                    RP/0/RP0/CPU0:router(config-fmm)# cache permanent
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv4-fmm sampler fsm ingress
                    
                    

                    The following configuration collects MPLS traffic with IPv6 payloads. It also collects MPLS traffic without IPv6 payloads, but it populates the IPv6 fields with zeros (0).

                    RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-IPv6-fmm
                    RP/0/RP0/CPU0:router(config-fmm)# record mpls IPv6-fields labels 3
                    RP/0/RP0/CPU0:router(config-fmm)# cache permanent
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv6-fmm sampler fsm ingress
                    
                    

                    The following configuration collects MPLS traffic with both IPv6 and IPv4 fields. It also collects MPLS traffic without IPv4 or IPv6 payloads, but it populates the IPv6 and IPv4 fields with zeros (0).

                    RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-IPv4-IPv6-fmm
                    RP/0/RP0/CPU0:router(config-fmm)# record mpls IPv4-IPv6-fields labels 3
                    RP/0/RP0/CPU0:router(config-fmm)# cache permanent
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv4-IPv6-fmm sampler fsm ingress
                    
                    

                    The following example configuration sets IPv6 field collection on a Packet-over-SONET (POS) interface:

                    RP/0/RP0/CPU0:router(config)# flow monitor-map MPLS-IPv6-fmm
                    RP/0/RP0/CPU0:router(config-fmm)# record mpls ipv6-fields labels <n>
                    RP/0/RP0/CPU0:router(config-fmm)# exporter <exporter-name>
                    RP/0/RP0/CPU0:router(config-fmm)# cache entries <number>
                    RP/0/RP0/CPU0:router(config-fmm)# cache timeout {active | inactive | update} <timeout>
                    RP/0/RP0/CPU0:router(config-fmm)# cache permanent
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)# interface pos 0/1/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow MPLS monitor <MPLS-IPv6-fields> sampler <name> <direction>
                    
                    

                    Note


                    Flow records are exported using the Version 9 format.


                    Destination-based NetFlow Accounting: Example

                    This example shows how to configure an IPv4 flow record for destination-based NetFlow accounting:

                    RP/0/RP0/CPU0:router# configure
                    RP/0/RP0/CPU0:router(config)# flow exporter-map fem
                    RP/0/RP0/CPU0:router(config-fem)#  source Loopback0
                    RP/0/RP0/CPU0:router(config-fem)#  destination 80.80.80.5
                    RP/0/RP0/CPU0:router(config-fem)#  transport udp 1025
                    RP/0/RP0/CPU0:router(config-fem)# exit
                    RP/0/RP0/CPU0:router(config)# flow monitor-map map1
                    RP/0/RP0/CPU0:router(config-fmm)# record ipv4 destination
                    RP/0/RP0/CPU0:router(config-fmm)# exporter fem
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)# interface pos 0/1/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor map1 ingress
                    RP/0/RP0/CPU0:router(config-if)# end
                    RP/0/RP0/CPU0:router#  show flow monitor-map map1
                    
                    

                    This example shows how to configure an IPv6 flow record for destination-based NetFlow accounting:

                    RP/0/RP0/CPU0:router# configure
                    RP/0/RP0/CPU0:router(config)# flow monitor-map map2
                    RP/0/RP0/CPU0:router(config-fmm)# record ipv6 destination
                    RP/0/RP0/CPU0:router(config-fmm)# exit
                    RP/0/RP0/CPU0:router(config)#  interface gigabitEthernet 0/1/0/0
                    RP/0/RP0/CPU0:router(config-if)# flow ipv6 monitor map2 ingress
                    RP/0/RP0/CPU0:router(config-if)# end
                    RP/0/RP0/CPU0:router#  show flow monitor-map map2
                    
                    

                    This example displays the output for the show flow monitor-map command:

                    RP/0/RP0/CPU0:router#  show flow monitor-map map2
                    Tue Jan 22 00:15:53.424 PST
                    
                    Flow Monitor Map : map2
                    -------------------------------------------------
                    Id:                                1
                    RecordMapName:    ipv6-destination
                    CacheAgingMode:    Normal
                    CacheMaxEntries:    65535
                    CacheActiveTout:     1800 seconds
                    CacheInactiveTout:  15 seconds
                    CacheUpdateTout:    N/A
                    
                    

                    Netflow over BVI: Example

                    This example shows how to configure netflow over BVI:

                    RP/0/RP0/CPU0:router# configure
                    RP/0/RP0/CPU0:router(config)# l2vpn
                    RP/0/RP0/CPU0:router(config-l2vpn)# bridge group bg1
                    RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain bd1
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface Bundle-Ether100
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)# exit
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface TenGigE0/0/0/0
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)# exit
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# routed interface BVI 1
                    RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface BVI 1
                    RP/0/RP0/CPU0:router(config-if)# ipv4 address 11.11.11.11 255.255.255.0
                    RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor FMM sampler SAMP ingress
                    RP/0/RP0/CPU0:router(config-if)# flow ipv4 monitor FMM sampler SAMP egress
                    RP/0/RP0/CPU0:router(config-if)# flow ipv6 monitor FMM-v6 sampler SAMP ingress
                    RP/0/RP0/CPU0:router(config-if)# flow ipv6 monitor FMM-v6 sampler SAMP egress
                    RP/0/RP0/CPU0:router(config-if)# interface TenGigE0/0/0/0
                    RP/0/RP0/CPU0:router(config-if)# l2transport
                    RP/0/RP0/CPU0:router(config-if)# interface Bundle-Ether100
                    RP/0/RP0/CPU0:router(config-if)# l2transport
                    RP/0/RP0/CPU0:router(config-if)# end
                    

                    Additional References

                    The following sections provide references related to interface configuration.

                    Related Documents

                    Related Topic

                    Document Title

                    Cisco IOS XR master command reference

                    Cisco IOS XR Master Commands List

                    Cisco IOS XR interface configuration commands

                    Cisco IOS XR Interface and Hardware Component Command Reference for the Cisco CRS Router

                    Initial system bootup and configuration information for a router using the Cisco IOS XR software.

                    Cisco IOS XR Getting Started Guide for the Cisco CRS Router

                    Information about user groups and task IDs

                    Cisco IOS XR Interface and Hardware Component Command Reference for the Cisco CRS Router

                    Information about configuring interfaces and other components from a remote Craft Works Interface (CWI) client management application.

                    Cisco Craft Works Interface User Guide

                    Standards

                    Standards

                    Title

                    No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

                    MIBs

                    MIBs

                    MIBs Link

                    To locate and download MIBs using Cisco IOS XR software, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: http:/​/​cisco.com/​public/​sw-center/​netmgmt/​cmtk/​mibs.shtml

                    RFCs

                    RFCs

                    Title

                    3954

                    NetFlow services export protocol Version 9.

                    Technical Assistance

                    Description

                    Link

                    The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

                    http:/​/​www.cisco.com/​techsupport