Contents

Cisco Performance Monitor
action (policy-react and policy-inline-react)
alarm severity (policy-react and policy-inline-react)
alarm type (policy-react and policy-inline-react)
cache entries
cache timeout
cache type
class-map
clear fm performance-monitor counters
clock-rate (policy RTP)
collect application description
collect application http
collect application media
collect application name
collect application nntp
collect application pop3
collect application rtsp
collect application sip
collect application smtp
collect application vendor
collect application version
collect connection
collect connection client
collect connection delay application
collect connection delay network
collect connection delay response
collect connection performance application-delay
collect connection performance initiator
collect connection performance network-delay
collect connection performance new-transaction
collect connection performance responder
collect connection performance total-delay
collect connection performance total-transaction-time
collect connection server
collect connection transaction
collect counter
collect datalink destination-vlan-id
collect datalink mac
collect datalink source-vlan-id
collect datalink vlan
collect flow
collect interface
collect ipv4
collect ipv4 destination
collect ipv4 fragmentation
collect ipv4 initiator
collect ipv4 responder
collect ipv4 section
collect ipv4 source
collect ipv4 total-length
collect ipv4 ttl
collect ipv6
collect ipv6 destination
collect ipv6 extension map
collect ipv6 fragmentation
collect ipv6 hop-limit
collect ipv6 initiator
collect ipv6 length
collect ipv6 responder
collect ipv6 section
collect ipv6 source
collect metadata
collect monitor event
collect policy performance-monitor
collect routing
collect routing is-multicast
collect routing multicast replication-factor
collect services waas
collect timestamp absolute
collect timestamp interval
collect timestamp sys-uptime
collect transport
collect transport event packet-loss counter
collect transport icmp ipv4
collect transport icmp ipv6
collect transport initiator port
collect transport packets
collect transport responder port
collect transport rtp jitter
collect transport tcp
collect transport udp
debug fm performance-monitor
debug performance monitor
description (Performance Monitor)
destination
dscp (Flexible NetFlow)
export-protocol
exporter
flow monitor type performance-monitor
flow record type performance-monitor
flows
history (monitor parameters)
interval duration
match access-group
match any
match application name
match application vendor
match application version
match connection client
match connection server
match cos
match connection transaction-id
match datalink destination-vlan-id
match datalink mac
match datalink source-vlan-id
match datalink vlan
match destination-address mac
match discard-class
match dscp
match flow
match fr-de
match fr-dlci
match input-interface
match interface (Flexible NetFlow)
match ip dscp
match ip precedence
match ip rtp
match ipv4
match ipv4 destination
match ipv4 fragmentation
match ipv4 initiator
match ipv4 responder
match ipv4 section
match ipv4 source
match ipv4 total-length
match ipv4 ttl
match ipv6
match ipv6 destination
match ipv6 extension map
match ipv6 fragmentation
match ipv6 hop-limit
match ipv6 initiator
match ipv6 length
match ipv6 responder
match ipv6 section
match ipv6 source
match metadata
match mpls experimental topmost
match not
match packet length (class-map)
match policy performance-monitor
match precedence
match protocol
match qos-group
match routing
match routing is-multicast
match routing multicast replication-factor
match source-address mac
match services waas
match transport
match transport destination-port
match transport icmp ipv4
match transport icmp ipv6
match transport initiator
match transport responder
match transport rtp ssrc
match transport source-port
match transport tcp
match transport udp
match vlan
max-dropout (policy RTP)
max-reorder (policy RTP)
min-sequential (policy RTP)
monitor metric ip-cbr
monitor metric rtp
monitor parameters
option (Flexible NetFlow)
output-features
platform performance-monitor rate-limit
policy-map type performance-monitor
rate layer3
react (policy)
record (Performance Monitor)
rename (policy)
service-policy type performance-monitor
show flow record type
show performance monitor aggregated
show performance monitor cache
show performance monitor clock rate
show performance monitor clients
show performance monitor history
show performance monitor status
show platform hardware acl entry interface
show platform software ccm
show platform software feature-manager performance-monitor
show platform software feature-manager tcam
show policy-map type performance-monitor
source (Flexible NetFlow)
ssrc maximum
template data timeout
theshold value (policy-react and policy-inline-react)
timeout (monitor parameters)
transport (Flexible NetFlow)
ttl (Flexible NetFlow)

Cisco Performance Monitor

action (policy-react and policy-inline-react)

To configure which applications which will receive an alarm or notification, use the actioncommand in policy react configuration mode and policy inline react configuration mode. To disable the sending alarms or notifications, use the no form of this command.

action {syslog | snmp | eem}

no action {syslog | snmp | eem}

Syntax Description

syslog	Sends an alarm or notification to the syslog.
snmp	Sends an alarm or notification to the SNMP MIB variables.
eem	Sends an alarm or notification to Cisco Embedded Event Manager.

Command Default

Information is saved to syslog.

Command Modes

Policy react configuration (config-pmap-c-react)
Policy inline react configuration (config-spolicy-inline-react)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

You can configure multiple action commands to allow more than one recipients to receive an alarm or notification.

Examples

The following example shows how to specify that SNMP MIB variables will receive an alarm or notification, while configuring a policy-map:

Router(config)# policy-map type performance-monitor policy-4
Router(config-pmap)# class PM-CLASS-4
Router(config-pmap-c)# react 2000 rtp-jitter-average
Router(config-pmap-c-react)# action snmp

The following example shows how to specify that SNMP MIB variables will receive an alarm or notification, while associating a service-policy with an interface:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# react 2000 rtp-jitter-average
Router(config-spolicy-inline-react)# action snmp

Related Commands

Command	Description
policy-map type performance-monitor	Creates a policy for Performance Monitor.
service-policy type performance-monitor	Associates a policy with an interface.

alarm severity (policy-react and policy-inline-react)

To configure the severity of alarms sent for a Performance Monitor policy, use the alarm severitycommand in policy react configuration mode and policy inline react configuration mode. To return to the default and send all alarms, use the no form of this command.

alarm severity {alert | critical | emergency | error | info}

no alarm severity {alert | critical | emergency | error | info}

Syntax Description

alert	Sends only alerts.
critical	Sends only critical alarms.
emergency	Sends only emergency alarms.
error	Sends only errors.
info	Sends only informational messages.

Command Default

All alarm severities are sent.

Command Modes

Policy react configuration (config-pmap-c-react)
Policy inline react configuration (config-spolicy-inline-react)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

The definition of the alarms types are listed below in order of severity:

Emergency--System unusable
Alert--Immediate action needed
Critical--Critical condition
Error--Error condition

Examples

The following example shows how to specify that only emergency alarms will be sent, while configuring a policy-map:

Router(config)# policy-map type performance-monitor policy-4
Router(config-pmap)# class PM-CLASS-4
Router(config-pmap-c)# react 2000 rtp-jitter-average
Router(config-pmap-c-react)# alarm severity emergency

The following example shows how to specify that only emergency alarms will be sent, while associating a service-policy with an interface:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# react 2000 rtp-jitter-average
Router(config-spolicy-inline-react)# alarm severity emergency

Related Commands

Command	Description
policy-map type performance-monitor	Creates a policy for Performance Monitor.
service-policy type performance-monitor	Associates a policy with an interface.

alarm type (policy-react and policy-inline-react)

To configure the types of alarms sent for a Performance Monitor policy, use the alarm typecommand in policy react configuration mode and policy inline react configuration mode. To return to the default and send all alarms, use the no form of this command.

alarm type {discrete | grouped {count number | percent number}}

no alarm type {discrete | grouped {count number | percent number}}

Syntax Description

discrete	Sends only individual alarms.
grouped	Sends only grouped alarms.
count number	Send alarms only when the count of the monitored event is above the specified number
percent number	Send alarms only when percentage of the monitored event is above the specified number.

Command Default

Alarm type is set to discrete.

Command Modes

Policy react configuration (config-pmap-c-react)
Policy inline react configuration (config-spolicy-inline-react)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

The monitored event is specified by the react command. You can group alarms by whether they exceed a specified percentage or count.

Examples

The following example shows how to specify that only percentage type alarms will be sent, while configuring a policy-map:

Router(config)# policy-map type performance-monitor policy-4
Router(config-pmap)# class PM-CLASS-4
Router(config-pmap-c)# react 2000 rtp-jitter-average
Router(config-pmap-c-react)# alarm type percent 80

The following example shows how to specify that only percentage type alarms will be sent, while associating a service-policy with an interface:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# react 2000 rtp-jitter-average
Router(config-spolicy-inline-react)# alarm type percent 80

Related Commands

Command	Description
policy-map type performance-monitor	Creates a policy for Performance Monitor.
service-policy type performance-monitor	Associates a policy with an interface.

cache entries

To configure the number cache entries for a Performance Monitor flow monitor, use the cache entriescommand in flow monitor configuration mode. To remove the configuration, use the no form of this command.

cache entries number

no cache entries number

Syntax Description

number

Specifies the number of entries.

Command Default

No cache entries are configured.

Command Modes

Flow monitor configuration (config-flow-monitor)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Examples

The following example shows how to set the number cache entries to 200, while configuring a flow monitor for Performance Monitor:

Router(config)# flow monitor type performance-monitor monitor-4
Router(config-flow-monitor)# cache entries 200
Router(config-flow-monitor)# record r2
Router(config-flow-monitor)# exporter e2

Related Commands

Command	Description
flow monitor type performance-monitor	Creates a flow monitor for Performance Monitor.

cache timeout

To configure the cache timeout for a Performance Monitor flow monitor, use the cache timeoutcommand in flow monitor configuration mode. To remove the configuration, use the no form of this command.

cache timeout {{active | inactive | synchronized}timeout | event transaction end}

no cache timeout {{active | inactive | synchronized}timeout | event transaction end}

Syntax Description

active	Specifies an active timeout.
inactive	Specifies an inactive timeout.
synchronized	Specifies a synchronized timeout.
timeout	Specifies that the duration of the second.
event transaction end	Specifies that the timeout occurs when the transaction ends.

Command Default

No timeout is configured.

Command Modes

Flow monitor configuration (config-flow-monitor)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Examples

The following example shows how to set an active cache timeout of 20 seconds, while configuring a flow monitor for Performance Monitor:

Router(config)# flow monitor type performance-monitor monitor-4
Router(config-flow-monitor)# cache timeout active 20
Router(config-flow-monitor)# record r2
Router(config-flow-monitor)# exporter e2

Related Commands

Command	Description
flow monitor type performance-monitor	Creates a flow monitor for Performance Monitor.

cache type

To configure the cache type for a Performance Monitor flow monitor, use the cache typecommand in flow monitor configuration mode. To remove the configuration, use the no form of this command.

cache type {permanent | normal | immediate}

no cache type {permanent | normal | immediate}

Syntax Description

permanent	Specifies a permanent cache.
normal	Specifies a normal cache.
synchronized	Specifies a synchronized cache.

Command Default

No cache type is configured.

Command Modes

Flow monitor configuration (config-flow-monitor)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Examples

The following example shows how to configure a normal cache, while configuring a flow monitor for Performance Monitor:

Router(config)# flow monitor type performance-monitor monitor-4
Router(config-flow-monitor)# cache type normal
Router(config-flow-monitor)# record r2
Router(config-flow-monitor)# exporter e2

Related Commands

Command	Description
flow monitor type performance-monitor	Creates a flow monitor for Performance Monitor.

class-map

To create a class map to be used for matching packets to a specified class and to enter QoS class-map configuration mode, use the class-map command in global configuration mode. To remove an existing class map from a device, use the no form of this command.

Cisco 2600, 3660, 3845, 6500, 7200, 7401, and 7500 Series Routers

class-map [type {stack | access-control | port-filter | queue-threshold | logging log-class}] [match-all | match-any] class-map-name

no class-map [type {stack | access-control | port-filter | queue-threshold | logging log-class}] [match-all | match-any] class-map-name

Cisco 7600 Series Routers

class-map class-map-name [match-all | match-any]

no class-map class-map-name [match-all | match-any]

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

class-map class-map-name

no class-map class-map-name

Syntax Description

type

(Optional) Specifies the class-map type.

stack

(Optional) Enables the flexible packet matching (FPM) functionality to determine the protocol stack to examine.

When you use the load protocol command to load protocol header description files (PHDFs) on the device, a stack of protocol headers can be defined so that the filter can determine which headers are present and in what order.

access-control

(Optional) Determines the pattern to look for in the configured protocol stack.

Note

You must specify a stack class map (by using the type stack keywords) before specifying an access-control class map (by using the type access-control keywords).

port-filter

(Optional) Creates a port-filter class map that enables the TCP or UDP port policing of control plane packets. When this keyword is enabled, the command filters the traffic that is destined to specific ports on the control-plane host subinterface.

queue-threshold

(Optional) Enables queue thresholding, which limits the total number of packets for a specified protocol allowed in the control plane IP input queue. The queue-thresholding applies only to the control-plane host subinterface.

logging log-class

(Optional) Enables the logging of packet traffic on the control plane. The value for the log-class argument is the name of the log class.

match-all

(Optional) Determines how packets are evaluated when multiple match criteria exist. Matches statements under this class map based on the logical AND function. A packet must match all statements to be accepted. If you do not specify the match-all or match-any keyword, the default keyword used is match-all.

match-any

(Optional) Determines how packets are evaluated when multiple match criteria exist. Matches statements under this class map based on the logical OR function. A packet must match any of the match statements to be accepted. If you do not specify the match-any or match-all keyword, the default keyword is used match-all.

class-map-name

Name of the class for the class map. The class name is used for both the class map and to configure a policy for the class in the policy map.

Note

You can enter the value for the class-map-name argument within quotation marks. The software does not accept spaces in a class map name entered without quotation marks.

Command Default

A class map is not configured.

Command Modes

Global configuration (config)

Command History

Release	Modification
12.0(5)T	This command was introduced.
12.0(5)XE	This command was integrated into Cisco IOS Release 12.0(5)XE.
12.0(7)S	This command was integrated into Cisco IOS Release 12.0(7)S.
12.1(1)E	This command was integrated into Cisco IOS Release 12.1(1)E.
12.2(14)SX	This command was integrated into Cisco IOS Release 12.2(14)SX and implemented on Cisco 7600 series routers.
12.2(17d)SXB	This command was integrated into Cisco IOS Release 12.2(17d)SXB and implemented on Cisco 7600 series routers.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.4(4)T	This command was modified. The stack and access-control keywords were added to support FPM. The port-filter and queue-threshold keywords were added to support control-plane protection.
12.4(6)T	This command was modified. The logging log-class keyword and argument pair was added to support control-plane packet logging.
12.2(18)ZY	This command was modified. The stack and access-control keywords were integrated into Cisco IOS Release 12.2(18)ZY on Catalyst 6500 series switches equipped with the programmable intelligent services accelerator (PISA).
Cisco IOS XE Release 2.1	This command was integrated into Cisco IOS XE Release 2.1 and implemented on Cisco ASR 1000 Series Aggregation Services Routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor with the class-map-name argument as the only syntax element available.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor with the class-map-name argument.
12.2(33)SCF	This command was integrated into Cisco IOS Release 12.2(33)SCF.
15.2(3)T	This command was modified. The software does not accept spaces in a class map name entered without quotation marks.
15.1(2)SNG	This command was integrated into Cisco ASR 901 Series Aggregation Services Routers.

Usage Guidelines

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

Only the class-map-name argument is available.

Cisco 2600, 3660, 3845, 6500, 7200, 7401, 7500, and ASR 1000 Series Routers

Use the class-map command to specify the class that you will create or modify to meet the class-map match criteria. This command enters QoS class-map configuration mode in which you can enter one or more match commands to configure the match criteria for this class. Packets that arrive at either the input interface or the output interface (determined by how the service-policy command is configured) are checked against the match criteria that are configured for a class map to determine if packets belong to that class.

When configuring a class map, you can use one or more match commands to specify the match criteria. For example, you can use the match access-group command, the match protocol command, or the match input-interface command. The match commands vary according to the Cisco software release. For more information about match criteria and match commands, see the "Modular Quality of Service Command-Line Interface (CLI) (MQC)" chapter of the Cisco IOS Quality of Service Solutions Configuration Guide.

Cisco 7600 Series Routers

Apply the class-map command and commands available in QoS class-map configuration mode on a per-interface basis to define packet classification, marking, aggregating, and flow policing as part of a globally named service policy.

You can attach a service policy to an EtherChannel. Do not attach a service policy to a port that is a member of an EtherChannel.

When a device is in QoS class-map configuration mode, the following configuration commands are available:

description--Specifies the description for a class-map configuration.
exit--Exits from QoS class-map configuration mode.
match--Configures classification criteria.
no--Removes a match statement from a class map.

The following commands appear in the CLI help but are not supported on LAN interfaces or WAN interfaces on Optical Service Modules (OSMs):

destination-address mac mac-address
input-interface {interface-type interface-number | null number | vlan vlan-id}
protocol link-type
source-address mac mac-address

OSMs are not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 32.

Policy Feature Card (PFC) QoS does not support the following commands:

destination-address mac mac-address
input-interface {interface-type interface-number | null number | vlan vlan-id}
protocol link-type
qos-group group-value
source-address mac mac-address

If you enter these commands, PFC QoS does not detect unsupported keywords until you attach a policy map to an interface. When you try to attach the policy map to an interface, an error message is generated. For additional information, see the Cisco 7600 Series Router Cisco IOS Software Configuration Guide and Cisco IOS command references.

After configuring the class-map name and the device you can enter the match access-group and match ip dscp commands in QoS class-map configuration mode. The syntax for these commands is as follows:

match [access-group {acl-index | acl-name} | ip dscp | precedence} value]

See the table below for a description of match command keywords.

Table 1

match command Syntax Description

Optional command	Description
access-group acl-index \| acl-name	(Optional) Specifies the access list index or access list names. Valid access list index values are from 1 to 2699.
access-group acl-name	(Optional) Specifies the named access list.
ip dscp value1 value2 ... value8	(Optional) Specifies IP differentiated services code point (DSCP) values to match. Valid values are from 0 to 63. You can enter up to eight DSCP values separated by spaces.
ip precedence value1 value2 ... value8	(Optional) Specifies the IP precedence values to match. Valid values are from 0 to 7. You can enter up to eight precedence values separated by spaces.

Examples

The following example shows how to specify class101 as the name of a class and define a class map for this class. The class named class101 specifies policy for the traffic that matches ACL 101.

Device(config)# class-map class101
Device(config-cmap)# match access-group 101
Device(config-cmap)# end

The following example shows how to define FPM traffic classes for slammer and UDP packets. The match criteria defined within class maps are for slammer and UDP packets with an IP length that does not exceed 404 (0x194) bytes, UDP port 1434 (0x59A), and pattern 0x4011010 at 224 bytes from the start of the IP header.

Device(config)# load protocol disk2:ip.phdf
Device(config)# load protocol disk2:udp.phdf
Device(config)# class-map type stack match-all ip-udp
Device(config-cmap)# description "match UDP over IP packets"
Device(config-cmap)# match field ip protocol eq 0x11 next udp
Device(config-cmap)#exit
Device(config)# class-map type access-control match-all slammer
Device(config-cmap)# description "match on slammer packets"
Device(config-cmap)# match field udp dest-port eq 0x59A
Device(config-cmap)# match field ip length eq 0x194
Device(config-cmap)# match start 13-start offset 224 size 4 eq 0x 4011010
Device(config-cmap)# end

The following example shows how to configure a port-filter policy to drop all traffic that is destined to closed or "nonlistened" ports except Simple Network Management Protocol (SNMP):

Device(config)# class-map type port-filter pf-class
Device(config-cmap)# match not port udp 123
Device(config-cmap)# match closed-ports
Device(config-cmap)# exit
Device(config)# policy-map type port-filter pf-policy
Device(config-pmap)# class pf-class
Device(config-pmap-c)# drop
Device(config-pmap-c)# end

The following example shows how to configure a class map named ipp5 and enter a match statement for IP precedence 5:

Device(config)# class-map ipp5
Device(config-cmap)# match ip precedence 5

Setting Up a Class Map Inside an 802.1p Domain

The following example shows how to set up a class map and match traffic classes for the 802.1p domain with packet class of service (CoS) values:

Device> enable
Device# configure terminal
Device(config)# class-map cos1
Device(config-cmap)# match cos 0
Device(config-pmap-c)# end

Setting Up a Class Map Inside an MPLS Domain

The following example shows how to set up a class map and match traffic classes for the Multiprotocol Label Switching (MPLS) domain with packet experimental (EXP) values:

Device> enable
Device# configure terminal
Device(config)# class-map exp7
Device(config-cmap)# match mpls experimental topmost 2
Device(config-pmap-c)# end

Related Commands

Command	Description
description	Specifies the description for a class map or policy map configuration.
drop	Configures the traffic class to discard packets belonging to a specific class map.
class (policy-map)	Specifies the name of the class whose policy you want to create or change, and the default class before you configure its policy.
load protocol	Loads a PHDF onto a router.
match (class-map)	Configures the match criteria for a class map on the basis of port filter or protocol queue policies.
match access-group	Configures the match criteria for a class map on the basis of the specified ACL.
match input-interface	Configures a class map to use the specified input interface as a match criterion.
match ip dscp	Identifies one or more DSCP, AF, and CS value as a match criterion.
match mpls experimental	Configures a class map to use the specified EXP field value as a match criterion.
match protocol	Configures the match criteria for a class map on the basis of the specified protocol.
policy-map	Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.
protocol	Configures a timer and authentication method for a control interface.
qos-group	Associates a QoS group value for a class map.
service-policy	Attaches a policy map to an input interface or VC or to an output interface or VC to be used as the service policy for that interface or VC.
show class-map	Displays class map information.
show policy-map interface	Displays statistics and configurations of input and output policies that are attached to an interface.
source-address	Configures the source-address control on a port.

clear fm performance-monitor counters

To clear counters for the Performance Monitor component of Feature Monitor, use the clear fm performance-monitor counterscommand in privileged EXEC mode.

clear fm performance-monitor counters

Syntax Description

This command has no arguments or keywords.

Command Default

Counters for the Performance Monitor are not cleared.

Command Modes

Privileged EXEC (#)

Command History

Release	Modification
15.0(1)SY	This command was introduced on the Catalyst 6500 platform.

Usage Guidelines

This command is available only on the Catalyst 6500 platform.

Examples

The following example shows the how to clear counters for the Performance Monitor component of Feature Monitor:

Router# clear fm performance-monitor counters

Related Commands

Command	Description
show platform hardware acl entry interface	Displays information about inbound and outbound access control list (ACL) ternary content addressable memory (TCAM) interface entries.
show platform software ccm	Displays information about ternary content addressable memory (TCAM) Cisco CallManager (CCM) entries.
show platform software feature-manager performance-monitor	Displays information about the Performance Monitor component of Feature Manager.
show platform software feature-manager tcam	Displays information about dynamic ternary content addressable memory (TCAM) entries for the Performance Monitor component of Feature Manager.

clock-rate (policy RTP)

To configure the rate for the RTP packet time-stamp clock, use the clock-ratecommand in policy RTP configuration mode. To remove the configuration, use the no form of this command.

clock-rate {type-number | type-name} rate

no clock-rate

Syntax Description

type-number	An integer between 0 and 34. This value is compared with the payload type field in the RTP header. Values between 0 and 23 are reserved for audio streams, and values between 24 and 34 are reserved for video streams.
type-name	The name of the payload type field in the RTP header.
rate	Clock rate in Hz. The range is from 9600 to 124000.

Command Default

Clock rate is 90000.

Command Modes

policy RTP configuration (config-pmap-c-mrtp)
policy inline RTP configuration (config-spolicy-inline-mrtp)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

For more information about how the clock rate for RTP packet time-stamp clock is used to calculate the packet arrival latency, see RFC 3550, RTP, A Transport Protocol for Real-Time Applications . The clock rate has to be synchronized with the routers along the path of the flow. Because the clock rate can vary depending on the payload codec type, a keyword is provided to set the expected clock rate.

The available values for type-name and type-numberare celb (25), cn (13), dvi4 (5) (8000 Hz as described in RFC 3551, RTP Profile for Audio and Video Conferences with Minimal Control ), dvi4-2 (6) (8000 Hz as described in RFC 3551), dvi4-3 (16) (DVI4 Dipol 11025 Hz), dvi4-4 (17) DVI4 Dipol 22050 Hz), g722 (9), g723 (4), g728 (15), g729 (18), gsm (3), h261 (31), h263 (34), jpeg (26), l16 (11) (L16 channel 1), l16-2 (10) (L16 channel 2), lpc (7), mp2t (33), mpa (14), mpv (32), nv (28), pcma (8), pcmu (0), qcelp (12).

Examples

The following example shows how to set the rate for the RTP packet time-stamp clock,while configuring a policy-map:

Router(config)# policy-map type performance-monitor policy-4
Router(config-pmap)# class PM-CLASS-4
Router(config-pmap-c)# monitor metric rtp
Router(config-pmap-c-mrtp)# clock-rate 8 9600

The following example shows how to set the rate for the RTP packet time-stamp clock, while associating a service-policy with an interface:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# monitor metric rtp
Router(config-spolicy-inline-mrtp)# clock-rate 8 9600

Related Commands

Command	Description
policy-map type performance-monitor	Creates a policy for Performance Monitor.
service-policy type performance-monitor	Associates a policy with an interface.

collect application description

To configure one or more of the application description field as a nonkey field for a flow record, use the collect application description command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application description

no collect description

Syntax Description

This command has no arguments or keywords.

Command Default

The application description field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.2(3)T	This command was introduced.
Cisco IOS XE Release 3.6S.	This command was integrated into Cisco IOS XE Release 3.6S.

Usage Guidelines

The collect commands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow. In most cases the values for nonkey fields are taken from only the first packet in the flow.

Examples

The following example configures the application description as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application description

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application http

To configure one of the HTTP application fields as a nonkey field for a flow record, use the collect application http host command in flow record configuration mode. To disable the use the HTTP application fields as a key field for a flow record, use the no form of this command.

collect application http {host | uri statistics}

no collect application http {host | uri statistics}

Syntax Description

This command has no arguments or keywords.

Command Default

The HTTP application fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.2(4)S	This command was introduced.
Cisco IOS XE Release 3.7S	This command was integrated into Cisco IOS XE Release 3.7S.
15.2(4)M2	This command was integrated into Cisco IOS Release 15.2(4)M2 for MACE.
15.3(1)T	This command was integrated into Cisco IOS Release 15.3(1)T for MACE.

Usage Guidelines

This command can be used with Flexible NetFlow, MACE (Measurement, Aggregation, and Correlation Engine), and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Performance Monitor, you must first enter the flow record type performance-monitor command before you can use this command.

Because the mode prompt is the same for all three products, here we refer to the command mode for these products as flow record configuration mode. However, for Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode; and for Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode.

Examples

The following example configures the HTTP application host as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect application http host

Cisco Performance Monitor in Cisco IOS Release 15.2(4)S and Cisco IOS XE Release 3.7S

The following example configures the HTTP application host as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application http host

The following example configures the HTTP application URI statistics as a nonkey field for Performance Monitor:

Router(config)# flow record type mace RECORD-1
Router(config-flow-record)# collect application http uri statistics

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.
flow record type mace	Creates a flow record, and enters MACE flow record configuration mode.

collect application media

To configure one of the application media fields as a nonkey field for a flow record, use the collect application media command in flow record configuration mode. To disable the use of one of the application media field as a nonkey field for a flow record, use the no form of this command.

collect application media {bytes {rate | counter [long] } | packets {rate [variation] | counter [long] } | events}

no collect application media {bytes | packets | events}

Syntax Description

bytes rate	Configures the field that counts the rate of bytes collected, in Bps, for all flows, as a nonkey field.
bytes counter	Configures the field that counts the total number of bytes collected, as a nonkey field.
long	Configures the field for the long count (byte or packet) as a nonkey field.
packets rate	Configures the field that counts the total number of application media packets collected, per second, for all flows, as a nonkey field.
variation	Configures the field for the variation in the rate application media packets collected, for all flows, as a nonkey field.
packets counter	Configures the filed that counts the total number of application media packets collected, for all flows, as a nonkey field.
events	Configures the field that indicates whether one of the media application thresholds configured for the flow was crossed at least once in the monitoring interval, field as a nonkey field.

Command Default

The application media field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

Examples

The following example configures application media packet field as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect application media packets

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect application name

To configure the use of the application name as a nonkey field for a flow record, use the collect application name command in flow record configuration mode. To disable the use of the application name as a nonkey field for a flow record, use the no form of this command.

collect application name

no collect application name

Syntax Description

This command has no arguments or keywords.

Command Default

The application name is not configured as a non-key field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.0(1)M	This command was introduced.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.
15.2(3)T	This command was integrated into Cisco IOS Release 15.2(3)T for Cisco Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Performance Monitor, you must first enter the flow record type performance-monitor command before you can use this command.

Because the mode prompt is the same for both products, here we refer to the command mode for both products as flow record configuration mode. However, for Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode; and for Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode.

A flow record requires at least one key field before it can be used in a flow monitor. The key fields differentiate flows, with each flow having a unique set of values for the key fields. The key fields are defined using the match command.

Examples

The following example configures the application name as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect application name

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the application name as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application name

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.
match application name	Configures the use of application name as a key field for a Flexible NetFlow flow record.

collect application nntp

To configure the NNTP application group name field as a nonkey field for a flow record, use the collect application nntp group-name command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application nntp group-name

no collect application nntp group-name

Syntax Description

This command has no arguments or keywords.

Command Default

The application version field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.2(4)S	This command was introduced.
Cisco IOS XE Release 3.7S	This command was integrated into Cisco IOS XE Release 3.7S.

Usage Guidelines

The Flexible NetFlow collect commands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow. In most cases the values for nonkey fields are taken from only the first packet in the flow.

Examples

The following example configures the NNTP application group name as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect application nntp group-name

Cisco Performance Monitor in Cisco IOS Release 15.2(4)S and Cisco IOS XE Release 3.7S

The following example configures the NNTP application group name as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application nntp group-name

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application pop3

To configure the POP3 application server field as a nonkey field for a flow record, use the collect application pop3 server command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application pop3 server

no collect application pop3 server

Syntax Description

This command has no arguments or keywords.

Command Default

The application version field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.7S	This command was introduced.

Usage Guidelines

The fields collected by this command can only extracted using the IPFIX export protocol.

Examples

The following example configures the POP3 application server as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect application pop3 server

Cisco Performance Monitor in Cisco IOS Release 15.2(4)S and Cisco IOS XE Release 3.7S

The following example configures the POP3 application server as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application pop3 server

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application rtsp

To configure the RTSP application hostname field as a nonkey field for a flow record, use the collect application rtsp host-name command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application rtsp host-name

no collect application rtsp host-name

Syntax Description

This command has no arguments or keywords.

Command Default

The application version field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.7S	This command was introduced.

Usage Guidelines

The fields collected by this command can only extracted using the IPFIX export protocol.

Examples

The following example configures the RTSP application hostname as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect application rtsp host-name

Cisco Performance Monitor in Cisco IOS Release 15.2(4)S and Cisco IOS XE Release 3.7S

The following example configures the RTSP application hostname as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application rtsp host-name

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application sip

To configure the SIP application destination or source field as a nonkey field for a flow record, use the collect application sip command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application sip {destination | source}

no collect application sip {destination | source}

Syntax Description

This command has no arguments or keywords.

Command Default

The application version field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.7S	This command was introduced.

Usage Guidelines

The fields collected by this command can only extracted using the IPFIX export protocol.

Examples

The following example configures the SIP application source as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect application sip source

Cisco Performance Monitor in Cisco IOS Release 15.2(4)S and Cisco IOS XE Release 3.7S

The following example configures the application SMTP hostname as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application sip source

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application smtp

To configure the SMTP application server or sender field as a nonkey field for a flow record, use the collect application smtp command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application smtp {sender | server}

no collect application smtp {sender | server}

Syntax Description

This command has no arguments or keywords.

Command Default

The application version field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.7S	This command was introduced.

Usage Guidelines

The fields collected by this command can only extracted using the IPFIX export protocol.

Examples

The following example configures the SMTP application server as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect application smtp server

Cisco Performance Monitor in Cisco IOS Release 15.2(4)S and Cisco IOS XE Release 3.7S

The following example configures the SMTP application server as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application smtp server

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application vendor

To configure one or more of the application vendor field as a nonkey field for a flow record, use the collect application vendor command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application vendor

no collect application vendor

Syntax Description

This command has no arguments or keywords.

Command Default

The application vendor field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.2(3)T	This command was introduced.
Cisco IOS XE Release 3.6S.	This command was integrated into Cisco IOS XE Release 3.6S.

Usage Guidelines

Examples

The following example configures the application vendor as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application vendor

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect application version

To configure one or more of the application version field as a nonkey field for a flow record, use the collect application version command in flow record configuration mode. To disable the use the application fields as a key field for a flow record, use the no form of this command.

collect application version

no collect application version

Syntax Description

This command has no arguments or keywords.

Command Default

The application version field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.2(3)T	This command was introduced.
Cisco IOS XE Release 3.6S.	This command was integrated into Cisco IOS XE Release 3.6S.

Usage Guidelines

Examples

The following example configures the application version as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect application version

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect connection

To configure various connection information fields as a nonkey field for a flow record, use the collect connection command in flow record configuration mode. To disable the use of the connection information fields as a nonkey field for a flow record, use the no form of this command.

collect connection {initiator | new-translations | sum-duration}

no collect connection {initiator | new-translations | sum-duration}

Syntax Description

initiator	Configures information about the direction of the flow as a nonkey field.
new-translations	Configures the number of TCP or UDP connections which were opened during an observation period as a nonkey field.
sum-duration	Configures the total time in seconds for all of the TCP or UDP connections which were in use during an observation period as a nonkey field.

Command Default

Connection information fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE 3.4S	This command was introduced.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

The initiator keyword provides the following information about the direction of the flow.

0x00=undefined
0x01=initiator - the flow source is initiator of the connection.
0x02=reverseInitiator - the flow destination is the initiator of the connection.

For the new-translations and sum-duration keywords, the observation period can be specified by the start and end timestamps for the flow.

Examples

The following example configures information about the direction of the flow as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect connections initiator

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures information about the direction of the flow as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect connections initiator

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect connection client

To configure one of the connection client fields as a nonkey field for a flow record, use the collect connection client command in flow record configuration mode. To disable the use of one of the connection client fields as a nonkey field for a flow record, use the no form of this command.

collect connection client {counter{{bytes long | packets long | packets retransmitted}} | {{ipv4 | ipv6}}address | transport port}

no collect connection client {counter{{bytes long | packets long | packets retransmitted}} | {{ipv4 | ipv6}}address | transport port}

Syntax Description

counter	Configures one of client connection counter fields, as a nonkey field.
bytes long	Configures the client connection bytes long counter field, as a nonkey field.
packets long	Configures the client connection packets long counter field, as a nonkey field.
packets retransmitted	Configures the client connection packets retransmitted field, as a nonkey field.
ipv4 address	Configures the client connection ipv4 address field, as a nonkey field.
ipv6 address	Configures the client connection ipv6 address field, as a nonkey field.
transport port	Configures the client connection transport port field, as a nonkey field.

Command Default

The connection client fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field for the connection client IPv6 address, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection client ipv6 address

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection delay application

To configure one of the connection application delay fields as a nonkey field for a flow record, use the collect connection delay application command in flow record configuration mode. To disable the use of one of the connection application delay field as a nonkey field for a flow record, use the no form of this command.

collect connection delay application {{sum | min | max}}

no collect connection delay application

Syntax Description

application	Configures the field for the application delay, as a nonkey field.
max	Configures the field for the maximum amount of network delay, as a nonkey field.
min	Configures the field for the minimum amount of network delay, as a nonkey field.
sum	Configures the field for the total amount of network delay, as a nonkey field.

Command Default

The connection application delay fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of application delay, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection delay application sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection delay network

To configure one of the connection network delay fields as a nonkey field for a flow record, use the collect connection delay network command in flow record configuration mode. To disable the use of one of the connection network delay field as a nonkey field for a flow record, use the no form of this command.

collect connection delay network {{client-to-server | to-client | to-server}} {{sum | min | max}}

no collect connection delay network{{client-to-server | to-client | to-server}}

Syntax Description

client-to-server	Configures the field for the client-to-server network delay, as a nonkey field.
to-client	Configures the field for the to-client network delay, from the responder, as a nonkey field.
to-server	Configures the field for the to-server network delay, as a nonkey field.
max	Configures the field for the maximum amount of network delay, as a nonkey field.
min	Configures the field for the minimum amount of network delay, as a nonkey field.
sum	Configures the field for the total amount of network delay, as a nonkey field.

Command Default

The connection network delay fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of client-to-server network delay, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection delay network client-to-server sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection delay response

To configure one of the connection response delay fields as a nonkey field for a flow record, use the collect connection delay response command in flow record configuration mode. To disable the use of one of the connection response delay fields as a nonkey field for a flow record, use the no form of this command.

collect connection delay response {{client-to-server{{sum | min | max}} | to-server{{sum | min | max}} | to-server histogram{{bucket1 | bucket2 | bucket3 | bucket4 | bucket5 | bucket6 | bucket7 | late}}}}

no collect connection delay response{{client-to-server | to-server | to-server histogram}}

Syntax Description

client-to-server	Configures the field for the client-to-server response delay, as a nonkey field.
to-server	Configures the field for the to-server response delay, from the responder, as a nonkey field.
histogram	Configures the field for the to-server response delay histogram, as a nonkey field.
max	Configures the field for the maximum amount of response delay, as a nonkey field.
min	Configures the field for the minimum amount of response delay, as a nonkey field.
sum	Configures the field for the total amount of response delay, as a nonkey field.
late	Configures the field for the late to-server response delay histogram, as a nonkey field.

Command Default

The connection response delay fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of client-to-server response delay, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection delay response client-to-server sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance application-delay

To configure one of the connection performance application-delay fields as a nonkey field for a flow record, use the collect connection performance application-delay command in flow record configuration mode. To disable the use of one of the application-delay fields as a nonkey field for a flow record, use the no form of this command.

collect connection performance application-delay {{max | min | sum}}

no collect connection performance application-delay

Syntax Description

max	Configures the field for the maximum amount of network delay, as a nonkey field.
min	Configures the field for the minimum amount of network delay, as a nonkey field.
sum	Configures the field for the total amount of network delay, as a nonkey field.

Command Default

The connection performance application-delay field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of application-delay, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance responder application-delay sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance initiator

To configure one of the connection performance initiator fields as a nonkey field for a flow record, use the collect connection performance initiator command in flow record configuration mode. To disable the use of one of the application media field as a nonkey field for a flow record, use the no form of this command.

collect connection performance initiator {bytes long | count late-responses | network-delay {{max | min | sum}} | packets long}

no collect connection performance initiator{bytes | count | network-delay | packets}

Syntax Description

bytes long	Configures the field for the total number of layer 4 payload bytes in a flow from the initiator, as a nonkey field.
count late-responses	Configures the field that counts the total number of late responses collected from the initiator, as a nonkey field.
network-delay max	Configures the field for the maximum amount of network delay from a initiator, as a nonkey field.
network-delay min	Configures the field for the minimum amount of network delay from a initiator, as a nonkey field.
network-delay sum	Configures the field for the total amount of network delay from a initiator, as a nonkey field.
packets long	Configures the field for the long packet count in a flow from the initiator, as a nonkey field.

Command Default

The connection performance initiator field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total number of late responses collected from the initiator, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance initiator count late-responses

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance network-delay

To configure one of the connection performance network-delay fields as a nonkey field for a flow record, use the collect connection performance network-delay command in flow record configuration mode. To disable the use of one of the performance network-delay fields as a nonkey field for a flow record, use the no form of this command.

collect connection performance network-delay {{max | min | sum}}

no collect connection performance network-delay

Syntax Description

max	Configures the field for the maximum amount of network delay, as a nonkey field.
min	Configures the field for the minimum amount of network delay, as a nonkey field.
sum	Configures the field for the total amount of network delay, as a nonkey field.

Command Default

The connection performance network-delay field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of network-delay, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance responder network-delay sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance new-transaction

To configure one of the connection performance new-transaction fields as a nonkey field for a flow record, use the collect connection performance new-transaction command in flow record configuration mode. To disable the use of one of the performance new-transaction fields as a nonkey field for a flow record, use the no form of this command.

collect connection performance new-transaction

no collect connection performance new-transaction

Syntax Description

This command has no arguments or keywords.

Command Default

The connection performance new-transaction field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of new-transaction, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance responder new-transaction

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance responder

To configure one of the connection performance responder fields as a nonkey field for a flow record, use the collect connection performance responder command in flow record configuration mode. To disable the use of one of the application media field as a nonkey field for a flow record, use the no form of this command.

collect connection performance responder {bytes long | count {histogram{{bucket1 | bucket2 | bucket3 | bucket4 | bucket5 | bucket6 | bucket7}} | late-responses | responses} | network-delay {{max | min | sum}} | packets long | response-time {{sum | min | max}}}

no collect connection performance responder{bytes | count | network-delay | packets | response-time}

Syntax Description

bytes long	Configures the field for the total number of layer 4 payload bytes in a flow from the responder, as a nonkey field.
count histogram bucket #	Configures the field that counts the total number of histograms collected , in the specified bucket number, from the responder, as a nonkey field.
count late-responses	Configures the field that counts the total number of late responses collected from the responder, as a nonkey field.
count responses	Configures the field that counts the total number of responses collected from the responder, as a nonkey field.
network-delay max	Configures the field for the maximum amount of network delay from a responder, as a nonkey field.
network-delay min	Configures the field for the minimum amount of network delay from a responder, as a nonkey field.
network-delay sum	Configures the field for the total amount of network delay from a responder, as a nonkey field.
packets long	Configures the field for the long packet count in a flow from the responder, as a nonkey field.
response-time max	Configures the field for the maximum amount of response time from a responder, field as a nonkey field.
response-time min	Configures the field for the minimum amount of response time from a responder, field as a nonkey field.
response-time sum	Configures the field for the total amount of response time from a responder, field as a nonkey field.

Command Default

The connection performance responder field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total number of late responses collected from the responder, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance responder count late-responses

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance total-delay

To configure one of the connection performance total-delay fields as a nonkey field for a flow record, use the collect connection performance total-delay command in flow record configuration mode. To disable the use of one of the performance total-delay fields as a nonkey field for a flow record, use the no form of this command.

collect connection performance total-delay {{max | min | sum}}

no collect connection performance total-delay

Syntax Description

max	Configures the field for the maximum amount of network delay, as a nonkey field.
min	Configures the field for the minimum amount of network delay, as a nonkey field.
sum	Configures the field for the total amount of network delay, as a nonkey field.

Command Default

The connection performance total-delay field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of total-delay, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance responder total-delay sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection performance total-transaction-time

To configure one of the connection performance total-transaction-time fields as a nonkey field for a flow record, use the collect connection performance total-transaction-time command in flow record configuration mode. To disable the use of one of the performance total-transaction-time fields as a nonkey field for a flow record, use the no form of this command.

collect connection performance total-transaction-time {{max | min | sum}}

no collect connection performance total-transaction-time

Syntax Description

max	Configures the field for the maximum amount of network delay, as a nonkey field.
min	Configures the field for the minimum amount of network delay, as a nonkey field.
sum	Configures the field for the total amount of network delay, as a nonkey field.

Command Default

The connection performance total-transaction-time field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field that counts the total amount of total-transaction-time, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection performance responder total-transaction-time sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection server

To configure one of the connection server fields as a nonkey field for a flow record, use the collect connection server command in flow record configuration mode. To disable the use of one of the connection server fields as a nonkey field for a flow record, use the no form of this command.

collect connection server {counter{{bytes long | packets long | packets retransmitted}} | {{ipv4 | ipv6}}address | transport port}

no collect connection server {counter{{bytes long | packets long | packets retransmitted}} | {{ipv4 | ipv6}}address | transport port}

Syntax Description

counter	Configures one of server connection counter fields, as a nonkey field.
bytes long	Configures the server connection bytes long counter field, as a nonkey field.
packets long	Configures the server connection packets long counter field, as a nonkey field.
packets retransmitted	Configures the server connection packets retransmitted field, as a nonkey field.
ipv4 address	Configures the server connection ipv4 address field, as a nonkey field.
ipv6 address	Configures the server connection ipv6 address field, as a nonkey field.
transport port	Configures the server connection transport port field, as a nonkey field.

Command Default

The connection server fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field for the connection server IPv6 address, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection server ipv6 address

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect connection transaction

To configure one of the connection transaction fields as a nonkey field for a flow record, use the collect connection delay application command in flow record configuration mode. To disable the use of one of the connection transaction fields as a nonkey field for a flow record, use the no form of this command.

collect connection transaction{counter complete | duration{{sum | min | max}}}

no collect connection transaction{{counter complete | duration{{sum | min | max}}}}

Syntax Description

counter complete	Configures the field for the connection complete-transaction counter, as a nonkey field.
duration	Configures the field for the transaction duration, as a nonkey field.
max	Configures the field for the maximum amount of transaction duration, as a nonkey field.
min	Configures the field for the minimum amount of transaction duration, as a nonkey field.
sum	Configures the field for the total amount of transaction duration, as a nonkey field.

Command Default

The connection transaction duration fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field for the total transaction duration, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect connection transaction duration sum

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect counter

To configure the number of bytes or packets in a flow as a nonkey field for a Flexible NetFlow flow record, use the collect counter command in Flexible NetFlow flow record configuration mode. To disable the use of the number of bytes or packets in a flow (counters) as a nonkey field for a Flexible NetFlow flow record, use the no form of this command.

collect counter {bytes [long | replicated [long] | squared long] | packets [long | replicated [long] ]}

no collect counter {bytes [long | replicated [long] | squared long] | packets [long | replicated [long] ]}

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

collect counter {bytes [long | rate] | packets [dropped [long] | long]}

no collect counter {bytes [long | rate] | packets [dropped [long] | long]}

Syntax Description

bytes	Configures the number of bytes seen in a flow as a nonkey field and enables collecting the total number of bytes from the flow.
long	(Optional) Enables collecting the total number of bytes or packets from the flow using a 64-bit counter rather than a 32-bit counter.
replicated	Total number of replicated (multicast) IPv4 packets.
squared long	(Optional) Enables collecting the total of the square of the number of bytes from the flow.
packets	Configures the number of packets seen in a flow as a nonkey field and enables collecting the total number of packets from the flow.
rate	Configures the byte rate counter as a nonkey field.
dropped	Configures the dropped packet counter as a nonkey field.

Command Default

The number of bytes or packets in a flow is not configured as a nonkey field.

Command Modes

Flexible NetFlow flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.4(22)T	The replicated keyword was added.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor without the replicated and squared longkeywords and with the addition of the rate and droppedkeywords.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor without the replicated and squared longkeywords and with the addition of the rate and droppedkeywords.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

The Flexible NetFlow and Performance Monitor collect commands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow. In most cases the values for nonkey fields are taken from only the first packet in the flow.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The rate and droppedkeywords were added and the replicated and squared longkeywords are not available. You must first enter the flow record type performance-monitor command.

collect counter bytes

This command configures a 32-bit counter for the number of bytes seen in a flow.

collect counter packets

This command configures a 32-bit counter that is incremented for each packet seen in the flow. For extremely long flows it is possible for this counter to restart at 0 (wrap) when it reaches the limit of approximately 4 billion packets. On detection of a situation that would cause this counter to restart at 0, a flow monitor with a normal cache type exports the flow and starts a new flow.

collect counter packets long

This command configures a 64-bit counter that will be incremented for each packet seen in the flow. It is unlikely that a 64-bit counter will ever restart at 0.

collect counter bytes squared long

This counter can be used in conjunction with the byte and packet counters in order to calculate the variance of the packet sizes. Its value is derived from squaring each of the packet sizes in the flow and adding the results. This value can be used as part of a standard variance function.

The variance and standard deviation of the packet sizes for the flow can be calculated with the following formulas:

cbs: value from the counter bytes squared field

pkts: value from the counter packets field

bytes: value from the counter bytes field

Variance = (cbs/pkts) - (bytes/pkts)2

Standard deviation = square root of Variance

Example 1:

Packet sizes of the flow: 100, 100, 100, 100

Counter packets: 4

Counter bytes: 400, mean packet size = 100

Counter bytes squared: 40,000

Variance = (40,000/4) - (400/4)2 = 0

Standard Deviation = 0

Size = 100 +/- 0

Example 2:

Packet sizes of the flow: 50, 150, 50, 150

Counter packets: 4

Counter bytes: 400, mean packet size = 100

Counter bytes squared: 50,000

Variance = (50,000/4) - (400/4)2 = 2500

Standard deviation = 50

Size = 100 +/- 50

Examples

The following example configures the total number of bytes in the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect counter bytes

The following example configures the total number of bytes in the flows as a nonkey field using a 64-bit counter:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect counter bytes long

The following example configures the sum of the number of bytes of each packet in the flow squared as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect counter bytes squared long

The following example configures the total number of packets from the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect counter packets

The following example configures the total number of packets from the flows as a nonkey field using a 64-bit counter:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect counter packets long

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configuresthe total number of packets from the flows as a nonkey field using a 64-bit counter:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect counter packets long

Related Commands

Command	Description
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect datalink destination-vlan-id

To configure the use of destination VLAN ID as a nonkey field for a flow record, use the collectdatalinkdestination-vlan-id command in flow record configuration mode. To disable the use of destination VLAN ID as a nonkey field for a flow record, use the no form of this command.

collect datalink destination-vlan-id

no collect datalink destination-vlan-id

Syntax Description

This command has no arguments or keywords.

Command Default

Destination VLAN ID addresses are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

The collectcommands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow. In most cases the values for nonkey fields are taken from only the first packet in the flow.

Examples

The following example configures the use of the destination VLAN ID as a nonkey field for a Performance Monitor flow record:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect datalink destination-vlan-id output

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect datalink mac

To configure the use of MAC addresses as a nonkey field for a Flexible NetFlow flow record, use the collectdatalinkmac command in Flexible NetFlow flow record configuration mode. To disable the use of Layer 2 MAC addresses as a non-key field for a Flexible NetFlow flow record, use the no form of this command.

collect datalink mac {destination | source} address {input | output}

no collect datalink mac {destination | source} address {input | output}

Syntax Description

destination address	Configures the use of the destination MAC address as a non-key field.
source address	Configures the use of the source MAC address as a non-key field.
input	Packets received by the router.
output	Packets transmitted by the router.

Command Default

MAC addresses are not configured as a nonkey field.

Command Modes

Flexible NetFlow flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(22)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into 15.2(2)T without the destination keyword for Cisco Performance Monitor.

Usage Guidelines

The input and output keywords of the collectdatalinkmac command are used to specify the observation point that is used by the collectdatalinkmac command to capture the MAC addressees from network traffic. For example, when you configure a flow record with the collectdatalinkmacdestinationaddressinputcommand to monitor the simulated denial of service (DoS) attack in the figure below and apply the flow monitor to which the flow record is assigned in either input (ingress) mode on interface Ethernet 0/0.1 on R3 or output (egress) mode on interface Ethernet 1/0.1 on R3, the observation point is always Ethernet 0/0.1 on R3. The destination MAC address that is collected is aaaa.bbbb.cc04.

Figure 5

Simulated DoS Attack (b)

When the destination output mac address is configured, the value is the destination mac address of the output packet, even if the monitor the flow record is applied to is input only.

When the destination input mac address is configured, the value is the destination mac address of the input packet, even if the monitor the flow record is applied to is output only.

When the source output mac address is configured, the value is the source mac address of the output packet, even if the monitor the flow record is applied to is input only.

When the source input mac address is configured, the value is the source mac address of the input packet, even if the monitor the flow record is applied to is output only.

Examples

The following example configures the use of the destination MAC address of packets that are received by the router as a nonkey field for a Flexible NetFlow flow record:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect datalink mac destination address input

The following example configures the use of the source MAC addresses of packets that are transmitted by the router as a nonkey field for a Flexible NetFlow flow record:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect datalink mac source address output

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T

The following example configures the use of the source MAC addresses of packets that are transmitted by the router as a nonkey field for a Performance Monitor flow record: :

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect datalink mac source address output

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect datalink source-vlan-id

To configure the use of source VLAN ID as a nonkey field for a flow record, use the collectdatalinksource-vlan-id command in flow record configuration mode. To disable the use of source VLAN ID as a nonkey field for a flow record, use the no form of this command.

collect datalink source-vlan-id

no collect datalink source-vlan-id

Syntax Description

This command has no arguments or keywords.

Command Default

Source VLAN ID addresses are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

The collectcommands are used to configure nonkey fields for the flow monitor record and to enable capturing the values in the fields for the flow created with the record. The values in nonkey fields are added to flows to provide additional information about the traffic in the flows. A change in the value of a nonkey field does not create a new flow. In most cases the values for nonkey fields are taken from only the first packet in the flow.

Examples

The following example configures the use of the source VLAN ID as a nonkey field for a Performance Monitor flow record: :

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect datalink source-vlan-id output

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect datalink vlan

To configure the use of VLAN as a nonkey field for a flow record, use the collectdatalinkvlan command in flow record configuration mode. To disable the use of VLAN as a nonkey field for a flow record, use the no form of this command.

collect datalink vlan {input | output}

no collect datalink vlan {input | output}

Syntax Description

input	Packets received by the router.
output	Packets transmitted by the router.

Command Default

VLAN addresses are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(22)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into 15.2(2)T without the destination keyword for Cisco Performance Monitor.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

The input and output keywords are used to specify the observation point that is used by the collectdatalinkvlan command to capture the VLAN from network traffic.

Examples

The following example configures the use of the VLAN as a nonkey field for a Performance Monitor flow record: :

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect datalink vlan output

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect flow

To configure the flow direction, the flow sampler ID number, or reason why the flow ended as a nonkey field for a flow record, use the collect flow command in flow record configuration mode. To disable the use of the flow direction and the flow sampler ID number as a nonkey field for a flow record, use the no form of this command.

collect flow {direction | sampler | class | qos-class}

no collect flow {direction | sampler | class | qos-class}

Cisco IOS Release 15.1(4)M1

collect flow direction

no collect flow direction

Syntax Description

direction	Configures the flow direction as a nonkey field and enables the collection of the direction in which the flow was monitored.
sampler	Configures the flow sampler ID as a nonkey field and enables the collection of the ID of the sampler that is assigned to the flow monitor.
class	Configures the flow class as a nonkey field and enables the collection of the ID of the sampler that is assigned to the flow monitor.
qos-class	Configures the flow QoS class as a nonkey field and enables the collection of the ID of the sampler that is assigned to the flow monitor.

Command Default

The flow direction and the flow sampler ID number are not configured as nonkey fields.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(4)M1	This command was integrated into Cisco IOS Release 15.1(4)M1 with only the direction keyword.
Cisco IOS XE Release 3.8S	This command was modified. The qos-class and class keywords were added in Cisco IOS XE Release 3.8S.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

collect flow direction

This field indicates the direction of the flow. This is of most use when a single flow monitor is configured for input and output flows. It can be used to find and eliminate flows that are being monitored twice, once on input and once on output. This field may also be used to match up pairs of flows in the exported data when the two flows are flowing in opposite directions.

collect flow sampler

This field contains the ID of the flow sampler used to monitor the flow. This is useful when more than one flow sampler is being used with different sampling rates. The flow exporter option sampler-table command exports options records with mappings of the flow sampler ID to sampling rate so the collector can calculate the scaled counters for each flow.

Examples

The following example configures the ID of the flow sampler that is assigned to the flow as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect flow sampler

Cisco Performance Monitor in Cisco IOS Release 15.1(4)M1

The following example configures the direction in which the flow was monitored as a nonkey field:

Router(config)# flow record type performance-monitor FLOW-RECORD-1
Router(config-flow-record)# collect flow direction

Related Commands

Command	Description
flow exporter	Creates a flow exporter
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect interface

To configure the input and output interface as a nonkey field for a flow record, use the collect interface command in flow record configuration mode. To disable the use of the input and output interface as a nonkey field for a flow record, use the no form of this command.

collect interface {input | output}

no collect interface {input | output}

Syntax Description

input	Configures the input interface as a nonkey field and enables collecting the input interface from the flows.
output	Configures the output interface as a nonkey field and enables collecting the output interface from the flows.

Command Default

The input and output interface is not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

You must first enter the flow record type performance-monitor command.

Examples

The following example configures the input interface as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect interface input

The following example configures the output interface as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect interface output

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the input interface as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect interface input

Related Commands

Command	Description
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect ipv4

To configure one or more of the IPv4 fields as a nonkey field for a flow record, use the collect ipv4 command in flow record configuration mode. To disable the use of one or more of the IPv4 fields as a nonkey field for a flow record, use the no form of this command.

collect ipv4 {dscp | header-length | id | option map | precedence | protocol | tos | version}

no collect ipv4 {dscp | header-length | id | option map | precedence | protocol | tos | version}

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

collect ipv4 dscp

no collect ipv4 dscp

Syntax Description

dscp	Configures the differentiated services code point (DCSP) field as a nonkey field and enables collecting the value in the IPv4 DSCP type of service (ToS) fields from the flows.
header-length	Configures the IPv4 header length flag as a nonkey field and enables collecting the value in the IPv4 header length (in 32-bit words) field from the flows.
id	Configures the IPv4 ID flag as a nonkey field and enables collecting the value in the IPv4 ID field from the flows.
option map	Configures the IPv4 options flag as a nonkey field and enables collecting the value in the bitmap representing which IPv4 options have been seen in the options field from the flows.
precedence	Configures the IPv4 precedence flag as a nonkey field and enables collecting the value in the IPv4 precedence (part of ToS) field from the flows.
protocol	Configures the IPv4 payload protocol field as a nonkey field and enables collecting the IPv4 value of the payload protocol field for the payload in the flows
tos	Configures the ToS field as a nonkey field and enables collecting the value in the IPv4 ToS field from the flows.
version	Configures the version field as a nonkey field and enables collecting the value in the IPv4 version field from the flows.

Command Default

The IPv4 fields are not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor with only the dscp keyword.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor with only the dscp keyword.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

Note

Some of the keywords of the collect ipv4 command are documented as separate commands. All of the keywords for the collect ipv4 command that are documented separately start with collect ipv4. For example, for information about configuring the IPv4 time-to-live (TTL) field as a nonkey field and collecting its value for a flow record, refer to the collect ipv4 ttl command.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

Only the the dscp keyword is available. You must first enter the flow record type performance-monitor command.

Examples

The following example configures the DSCP field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 dscp

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the DSCP field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 dscp

Related Commands

Command	Description
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect ipv4 destination

To configure the IPv4 destination address as a nonkey field for a flow record, use the collect ipv4 destination command in flow record configuration mode. To disable the use of an IPv4 destination address field as a nonkey field for a flow record, use the no form of this command.

collect ipv4 destination {address | {mask | prefix} [minimum-mask mask]}

no collect ipv4 destination {address | {mask | prefix} [minimum-mask mask]}

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

collect ipv4 destination mask [minimum-mask mask]

no collect ipv4 destination mask [minimum-mask mask]

Syntax Description

address	Configures the IPv4 destination address as a nonkey field and enables collecting the value of the IPv4 destination address from the flows.
mask	Configures the IPv4 destination address mask as a nonkey field and enables collecting the value of the IPv4 destination address mask from the flows.
prefix	Configures the prefix for the IPv4 destination address as a nonkey field and enables collecting the value of the IPv4 destination address prefix from the flows.
minimum-mask mask	(Optional) Specifies the size, in bits, of the minimum mask. Range: 1 to 32.

Command Default

The IPv4 destination address is not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor with only the maskand minimum-maskkeywords.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor with only the maskand minimum-maskkeywords.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

Only the maskand minimum-maskkeywords are available. You must first enter the flow record type performance-monitor command.

Examples

The following example configures the IPv4 destination address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 destination prefix minimum-mask 16

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the IPv4 destination address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 destination prefix minimum-mask 16

Related Commands

Command	Description
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect ipv4 fragmentation

To configure the IPv4 fragmentation flags and the IPv4 fragmentation offset as a nonkey field for a flow record, use the collect ipv4 fragmentation command in flow record configuration mode. To disable the use of the IPv4 fragmentation flags and the IPv4 fragmentation offset as a nonkey field for a flow record, use the no form of this command.

collect ipv4 fragmentation {flags | offset}

no collect ipv4 fragmentation {flags | offset}

Syntax Description

flags	Configures the IPv4 fragmentation flags as a nonkey field and enables collecting the value in the IPv4 fragmentation flag fields from the flows.
offset	Configures the IPv4 fragmentation offset value as a nonkey field and enables collecting the value in the IPv4 fragmentation offset field from the flows.

Command Default

The IPv4 fragmentation flags and the IPv4 fragmentation offset are not configured as nonkey fields.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.

Usage Guidelines

collect ipv4 fragmentation flags

This field collects the "don't fragment" and "more fragments" flags.

Bit 0: reserved, must be zero.

Bit 1: (DF) 0 = May Fragment, 1 = Don't Fragment

Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments

Bits 3-7: (DC) Don't Care, value is irrelevant

        0   1   2   3   4   5   6   7
      +---+---+---+---+---+---+---+---+
      |   | D | M | D | D | D | D | D |
      | 0 | F | F | C | C | C | C | C |
      +---+---+---+---+---+---+---+---+

For more information on IPv4 fragmentation flags, see RFC 791 Internet Protocol at the following URL: http://www.ietf.org/rfc/rfc791.txt .

Examples

The following example configures the IPv4 fragmentation flags as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 fragmentation flags

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the IPv4 fragmentation flags as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 fragmentation flags

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv4 initiator

To configure one or more of the IPv4 initiator address field as a nonkey field for a flow record, use the collect ipv4 initiator command in flow record configuration mode. To disable the use of one or more of the IPv4 initiator address field as a nonkey field for a flow record, use the no form of this command.

collect ipv4 initiator address

no collect ipv4 initiator address

Syntax Description

This command has no arguments or keywords.

Command Default

The IPv4 initiator address field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

Examples

The following example configures the IPv4 initiator address field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 initiator address

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv4 responder

To configure one or more of the IPv4 responder address field as a nonkey field for a flow record, use the collect ipv4 responder command in flow record configuration mode. To disable the use of one or more of the IPv4 responder address field as a nonkey field for a flow record, use the no form of this command.

collect ipv4 responder address

no collect ipv4 responder address

Syntax Description

This command has no arguments or keywords.

Command Default

The IPv4 responder address field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

Examples

The following example configures the IPv4 initiator address field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 responder address

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv4 section

To configure a section of an IPv4 packet as a nonkey field for a flow record, use the collect ipv4 section command in flow record configuration mode. To disable the use of a section of an IPv4 packet as a nonkey field for a flow record, use the no form of this command.

collect ipv4 section {header size header-size | payload size payload-size}

no collect ipv4 section {header size header-size | payload size payload-size}

Syntax Description

header size header-size	Configures the number of bytes of raw data starting at the IPv4 header to use as a nonkey field, and enables collecting the value in the raw data from the flows. Range: 1 to 1200.
payload size payload-size	Configures the number of bytes of raw data starting at the IPv4 payload to use as a nonkey field, and enables collecting the value in the raw data from the flows. Range: 1 to 1200.

Command Default

A section of an IPv4 packet is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.

Usage Guidelines

It is recommended that you configure both header size and payload size so that you know how much data is going to be captured.

collect ipv4 section header

This command causes the first IPv4 header to be copied into the flow record for this flow. Only the configured size in bytes will be copied and part of the payload will also be captured if the configured size is larger than the size of the header.

Note

This command can result in large records which use a lot of router memory and export bandwidth.

collect ipv4 section payload

This command results in a copy of the first IPv4 payload being put into the flow record for this flow. Only the configured size in bytes will be copied and may end in a series of 0's if the configured size is greater than the size of the payload.

Note

This command can result in large records which use a lot of router memory and export bandwidth.

Examples

The following example configures the first eight bytes from the IP header of the packets in the flows as a non-key field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 section header size 8

The following example configures the first 16 bytes from the payload of the packets in the flows as a non-key field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 section payload size 16

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the first 16 bytes from the payload of the packets in the flows as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 section payload size 16

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv4 source

To configure the IPv4 source address as a nonkey field for a flow record, use the collect ipv4 source command in flow record configuration mode. To disable the use of the IPv4 source address field as a nonkey field for a flow record, use the no form of this command.

collect ipv4 source {address | {mask | prefix} [minimum-mask mask]}

no collect ipv4 source {address | {mask | prefix} [minimum-mask mask]}

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

collect ipv4 source mask [minimum-mask mask]

no collect ipv4 source mask [minimum-mask mask]

Syntax Description

address	Configures the IPv4 source address as a nonkey field and enables collecting the value of the IPv4 source address from the flows.
mask	Configures the IPv4 source address mask as a nonkey field and enables collecting the value of the IPv4 source address mask from the flows.
prefix	Configures the prefix for the IPv4 source address as a nonkey field and enables collecting the value of the IPv4 source address prefix from the flows.
minimum-mask mask	(Optional) Specifies the size, in bits, of the minimum mask. Range: 1 to 32.

Command Default

The IPv4 source address is not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor with only the maskand minimum-maskkeywords.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor with only the maskand minimum-maskkeywords.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

Only the maskand minimum-maskkeywords are available. You must first enter the flow record type performance-monitor command.

collect ipv4 source prefix minimum-mask

The source address prefix is the network part of an IPv4 source address. The optional minimum mask allows more information to be gathered about large networks.

collect ipv4 source mask minimum-mask

The source address mask is the number of bits that make up the network part of the source address. The optional minimum mask allows a minimum value to be configured. This command is useful when there is a minimum mask configured for the source prefix field and the mask is to be used with the prefix. In this case, the values configured for the minimum mask should be the same for the prefix and mask fields.

Alternatively, if the collector is aware of the minimum mask configuration of the prefix field, the mask field can be configured without a minimum mask so that the true mask and prefix can be calculated.

Examples

The following example configures the IPv4 source address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 source prefix minimum-mask 16

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the IPv4 source address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 source prefix minimum-mask 16

Related Commands

Command	Description
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect ipv4 total-length

To configure the IPv4 total-length field as a nonkey field for a flow record, use the collect ipv4 total-length command in flow record configuration mode. To disable the use of the IPv4 total-length field as a nonkey field for a flow record, use the no form of this command.

collect ipv4 total-length [maximum | minimum]

no collect ipv4 total-length [maximum | minimum]

Syntax Description

maximum	(Optional) Configures the maximum value of the total length field as a nonkey field and enables collecting the maximum value of the total length field from the flows.
minimum	(Optional) Configures the minimum value of the total length field as a nonkey field and enables collecting the minimum value of the total length field from the flows.

Command Default

The IPv4 total-length field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.

Usage Guidelines

collect ipv4 total-length [minimum | maximum]

This command is used to collect the lowest and highest IPv4 total length values seen in the lifetime of the flow. Configuring this command results in more processing than is needed to simply collect the first total length value seen using the collect ipv4 total-length command.

Examples

The following example configures total-length value as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 total-length

The following example configures minimum total-length value seen in the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 total-length minimum

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the minimum total-length value seen in the flows as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 total-length minimum

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv4 ttl

To configure the IPv4 time-to-live (TTL) field as a nonkey field for a flow record, use the collect ipv4 ttl command in flow record configuration mode. To disable the use of the IPv4 TTL field as a nonkey field for a flow record, use the no form of this command.

collect ipv4 ttl [maximum | minimum]

no collect ipv4 ttl [maximum | minimum]

Syntax Description

maximum	(Optional) Configures the maximum value of the TTL field as a nonkey field and enables collecting the maximum value of the TTL field from the flows.
minimum	(Optional) Configures the minimum value of the TTL field as a nonkey field and enables collecting the minimum value of the TTL field from the flows.

Command Default

The IPv4 time-to-live (TTL) field is not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

You must first enter the flow record type performance-monitor command.

collect ipv4 ttl [minimum | maximum]

This command is used to collect the lowest and highest IPv4 TTL values seen in the lifetime of the flow. Configuring this command results in more processing than is needed to simply collect the first TTL value seen using the collect ipv4 ttl command.

Examples

The following example configures the largest value for IPv4 TTL seen in the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 ttl maximum

The following example configures the smallest value for IPv4 TTL seen in the flows as a nonkey field

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv4 ttl minimum

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the smallest value for IPv4 TTL seen in the flows as a nonkey field

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv4 ttl minimum

Related Commands

Command	Description
flow record	Creates a flow record for Flexible NetFlow.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect ipv6

To configure one or more of the IPv6 fields as a nonkey field for a flow record, use the collect ipv6 command in flow record configuration mode. To disable the use of one or more of the IPv6 fields as a nonkey field for a flow record, use the no form of this command.

collect ipv6 {dscp | flow-label | next-header | payload-length | precedence | protocol | traffic-class | version}

no collect ipv6 {dscp | flow-label | next-header | payload-length | precedence | protocol | traffic-class | version}

Syntax Description

dscp	Configures the differentiated services code point (DCSP) field as a nonkey field and enables collecting the value in the IPv6 DSCP type of service (ToS) fields from the flows.
flow-label	Configures the IPv6 flow label as a nonkey field and enables collecting the value in the IPv6 flow label from the flows.
next-header	Configures the next-header field as a nonkey field and enables collecting the value of the next-header field in the IPv6 header from the flows.
payload-length	Configures the length of the IPv6 payload as a nonkey field and enables collecting the number of bytes used for the payload in the flows.
precedence	Configures the IPv6 precedence flag as a nonkey field and enables collecting the value in the IPv6 precedence (part of ToS) field from the flows.
protocol	Configures the IPv6 payload protocol field as a nonkey field and enables collecting the IPv6 value of the payload protocol field for the payload in the flows.
traffic-class	Configures the IPv6 traffic-class field as a nonkey field and enables collecting the value in the IPv6 protocol field from the flows.
version	Configures the IPv6 version field as a nonkey field and enables collecting the value in the IPv6 version field from the flows.

Command Default

The IPv6 fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Note

Some of the keywords for the collect ipv6 command are documented as separate commands. All of the keywords for the collect ipv6 command that are documented separately start with collect ipv6. For example, for information about configuring the IPv6 hop limit field as a nonkey field and collecting its value for a flow record, refer to the collect ipv6 hop-limit command.

Examples

The following example configures the IPv6 DSCP field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 dscp

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the IPv6 DSCP field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 dscp

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 destination

To configure the IPv6 destination address as a nonkey field for a flow record, use the collect ipv6 destination command in flow record configuration mode. To disable the use of an IPv6 destination address field as a nonkey field for a flow record, use the no form of this command.

collect ipv6 destination {address | {mask | prefix} [minimum-mask mask]}

no collect ipv6 destination {address | {mask | prefix} [minimum-mask mask]}

Command Syntax on Cisco Catalyst 6500 Switches running Cisco IOS Release 12.2(50)SY

collect ipv6 destination {mask | prefix}

no collect ipv6 destination {mask | prefix}

Syntax Description

address	Configures the IPv6 destination address as a nonkey field and enables collecting the value of the IPv6 destination address from the flows.
mask	Configures the IPv6 destination address mask as a nonkey field and enables collecting the value of the IPv6 destination address mask from the flows.
prefix	Configures the prefix for the IPv6 destination address as a nonkey field and enables collecting the value of the IPv6 destination address prefix from the flows.
minimum-mask mask	(Optional) Specifies the size, in bits, of the minimum mask. Range: 1 to 128.

Command Default

TheIPv6 destination address is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
12.2(50)SY	This command was modified. The addressand minimum-mask keywords were not supported in Cisco IOS Release 12.2(50)SY.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the IPv6 destination address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 destination prefix minimum-mask 16

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the IPv6 destination address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 destination prefix minimum-mask 16

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 extension map

To configure the bitmap of the IPv6 extension header map as a nonkey field for a flow record, use the collect ipv6 extension map command in flow record configuration mode. To disable the use of the IPv6 bitmap of IPv6 extension header map as a nonkey field for a flow record, use the no form of this command.

collect ipv6 extension map

no collect ipv6 extension map

Syntax Description

This command has no arguments or keywords.

Command Default

The use of the bitmap of the IPv6 extension header map is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Bitmap of the IPv6 Extension Header Map

The bitmap of IPv6 extension header map is made up of 32 bits.

    0     1     2     3     4     5     6     7
+-----+-----+-----+-----+-----+-----+-----+-----+
| Res | FRA1| RH  | FRA0| UNK | Res | HOP | DST |
+-----+-----+-----+-----+-----+-----+-----+-----+
    8     9    10    11    12    13    14    15
+-----+-----+-----+-----+-----+-----+-----+-----+
| PAY | AH  | ESP |         Reserved            |
+-----+-----+-----+-----+-----+-----+-----+-----+
   16    17    18    19    20    21    22    23
+-----+-----+-----+-----+-----+-----+-----+-----+
|                  Reserved                     |
+-----+-----+-----+-----+-----+-----+-----+-----+
   24    25    26    27    28    29    30    31
+-----+-----+-----+-----+-----+-----+-----+-----+
|                  Reserved                     |
+-----+-----+-----+-----+-----+-----+-----+-----+
0  Res  Reserved
1  FRA1 Fragmentation header - not first fragment
2  RH   Routing header
3  FRA0 Fragment header - first fragment
4  UNK  Unknown Layer 4 header
        (compressed, encrypted, not supported)
5  Res  Reserved
6  HOP  Hop-by-hop option header
7  DST  Destination option header
8  PAY Payload compression header
9  AH  Authentication Header
10 ESP Encrypted security payload
11 to 31 Reserved

For more information on IPv6 headers, refer to RFC 2460 Internet Protocol, Version 6 (IPv6) at the following URL: http://www.ietf.org/rfc/rfc2460.txt .

Examples

The following example configures the bitmap of IPv6 extension header map as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 extension map

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the bitmap of IPv6 extension header map as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 extension map

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 fragmentation

To configure one or more of the IPv6 fragmentation fields as a nonkey field for a flow record, use the collect ipv6 fragmentation command in flow record configuration mode. To disable the use one or more of the IPv6 fragmentation fields as a nonkey field for a flow record, use the no form of this command.

collect ipv6 fragmentation {flags | id | offset}

no collect ipv6 fragmentation {flags | id | offset}

Syntax Description

flags	Configures the IPv6 fragmentation flags as a non-key field and enables collecting the value in the IPv6 fragmentation flag fields from the flows.
id	Configures the IPv6 fragmentation ID as a non-key field and enables collecting the value in the IPv6 fragmentation id fields from the flows
offset	Configures the IPv6 fragmentation offset as a non-key field and enables collecting the value in the IPv6 fragmentation offset field from the flows.

Command Default

The use of one or more of the IPv6 fragmentation fields is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the IPv6 fragmentation flags field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 fragmentation flags

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the IPv6 fragmentation flags field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 fragmentation flags

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 hop-limit

To configure the IPv6 hop limit as a nonkey field for a flow record, use the collect ipv6 hop-limit command in flow record configuration mode. To disable the use of the IPv6 hop limit field as a nonkey field for a flow record, use the no form of this command.

collect ipv6 hop-limit [maximum] [minimum]

no collect ipv6 hop-limit [maximum] [minimum]

Syntax Description

maximum	(Optional) Configures the IPv6 maximum hop limit as a nonkey field and enables collecting the value of the IPv6 maximum hop limit from the flows.
minimum	(Optional) Configures the IPv6 minimum hop limit as a nonkey field and enables collecting the value of the IPv6 minimum hop limit from the flows.

Command Default

The IPv6 hop limit is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

collect ipv6 hop-limit [minimum | maximum]

This command is used to collect the lowest and highest IPv6 hop limit values seen in the lifetime of the flow. Configuring this command results in more processing than is needed to simply collect the first hop limit value seen using the collect ipv6 hop-limit command.

Examples

The following example configures the IPv6 maximum hop limit from the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 hop-limit maximum

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the IPv6 maximum hop limit from the flows as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 hop-limit maximum

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 initiator

To configure one or more of the IPv6 initiator address field as a nonkey field for a flow record, use the collect ipv6 initiator command in flow record configuration mode. To disable the use of one or more of the IPv6 initiator address field as a nonkey field for a flow record, use the no form of this command.

collect ipv6 initiator address

no collect ipv6 initiator address

Syntax Description

This command has no arguments or keywords.

Command Default

The IPv6 fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the IPv6 initiator address field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 initiator address

The following example configures the IPv6 initiator address field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 initiator address

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 length

To configure one or more of the IPv6 length fields as a nonkey field for a flow record, use the collect ipv6 lengthcommand in flow record configuration mode. To disable the use of one or more of the IPv6 length fields as a nonkey field for a flow record, use the no form of this command.

collect ipv6 length {header | payload | total [maximum] [minimum] }

no collect ipv6 length {header | payload | total [maximum] [minimum] }

Syntax Description

header	Configures the length in bytes of the IPv6 header, not including any extension headers, as a nonkey field and collects the value of it for a flow record.
payload	Configures the length in bytes of the IPv6 payload, including any extension headers, as a nonkey field and collects the value of it for a flow record.
total	Configures the total length in bytes of the IPv6 header and payload as a nonkey field and collects the value of it for a flow record.
maximum	(Optional) Configures the maximum total length in bytes of the IPv6 header and payload as a nonkey field and collects the value of it for a flow record.
minimum	(Optional) Configures the minimum total length in bytes of the IPv6 header and payload as a nonkey field and collects the value of it for a flow record.

Command Default

The IPv6 length fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

collect ipv6 length [minimum | maximum]

This command is used to collect the lowest and highest IPv6 length values seen in the lifetime of the flow. Configuring this command results in more processing than is needed to simply collect the length value seen using the collect ipv6 length command.

Examples

The following example configures the length of the IPv6 header, not including any extension headers, in bytes as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 length header

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the length of the IPv6 header, not including any extension headers, in bytes as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 length header

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 responder

To configure one or more of the IPv6 responder address field as a nonkey field for a flow record, use the collect ipv6 responder command in flow record configuration mode. To disable the use of one or more of the IPv6 responder address field as a nonkey field for a flow record, use the no form of this command.

collect ipv6 responder address

no collect ipv6 responder address

Syntax Description

This command has no arguments or keywords.

Command Default

The IPv6 fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the IPv6 responder address field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 responder address

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 section

To configure a section of an IPv6 packet as a nonkey field for a flow record, use the collect ipv6 section command in flow record configuration mode. To disable the use of a section of an IPv6 packet as a nonkey field for a flow record, use the no form of this command.

collect ipv6 section {header size header-size | payload size payload-size}

no collect ipv6 section {header size header-size | payload size payload-size}

Syntax Description

header size header-size	Configures the number of bytes of raw data, starting at the IPv6 header, to use as a nonkey field, and enables collecting the value in the raw data from the flows. Range: 1 to 1200.
payload size payload-size	Configures the number of bytes of raw data, starting at the IPv6 payload, to use as a nonkey field, and enables collecting the value in the raw data from the flows. Range: 1 to 1200.

Command Default

A section of an IPv6 packet is not configured as a non-key field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

It is recommended that you configure both header size and payload size so that you know how much data is going to be captured.

Note

The IPv6 payload data is captured only if the first packet in the flow is an IPv6 packet. If the first packet in the flow is not an IPv6 packet, information from other packets in the flow such as packet and byte counters, is still captured.

collect ipv6 section header

This command causes a copy of the first IPv6 header to be put into the flow record for this flow. Only the configured size in bytes will be copied, and part of the payload will also be captured if the configured size is larger than the size of the header.

Note

Configuring this command can result in large records that use a lot of router memory and export bandwidth.

collect ipv6 section payload

This command causes a copy of the first IPv6 payload to be put into the flow record for this flow. Only the configured size in bytes will be copied, and it may end in a series of zeros if the configured size is smaller than the size of the payload.

Note

Configuring this command can result in large records that use a lot of router memory and export bandwidth.

Examples

The following example configures the first eight bytes from the IPv6 header of the packets in the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 section header size 8

The following example configures the first 16 bytes from the payload of the IPv6 packets in the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 section payload size 16

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the first 16 bytes from the payload of the IPv6 packets in the flows as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 section payload size 16

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect ipv6 source

To configure the IPv6 source address as a nonkey field for a flow record, use the collect ipv6 source command in flow record configuration mode. To disable the use of the IPv6 source address field as a nonkey field for a flow record, use the no form of this command.

collect ipv6 source {address | {mask | prefix} [minimum-mask mask]}

no collect ipv6 source {address | {mask | prefix} [minimum-mask mask]}

Cisco Catalyst 6500 Switches in Cisco IOS Release 12.2(50)SY

collect ipv6 source {mask | prefix}

no collect ipv6 source {mask | prefix}

Syntax Description

address	Configures the IPv6 source address as a nonkey field and enables collecting the value of the IPv6 source address from the flows.
mask	Configures the IPv6 source address mask as a nonkey field and enables collecting the value of the IPv6 source address mask from the flows.
prefix	Configures the prefix for the IPv6 source address as a nonkey field and enables collecting the value of the IPv6 source address prefix from the flows.
minimum-mask mask	(Optional) Specifies the size, in bits, of the minimum mask. Range: 1 to 128.

Command Default

The IPv6 source address is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
12.2(50)SY	This command was modified. The addressand minimum-mask keywords were not supported in Cisco IOS Release 12.2(50)SY.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

collect IPv6 source prefix minimum mask

The source address prefix field is the network part of the source address. The optional minimum mask allows more information to be gathered about large networks.

collect IPv6 source mask minimum mask

Examples

The following example configures the IPv6 source address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect ipv6 source prefix minimum-mask 16

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the IPv6 source address prefix from the flows that have a prefix of 16 bits as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect ipv6 source prefix minimum-mask 16

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect metadata

To configure one or more of the metadata fields as a nonkey field for a flow record, use the collect metadata command in flow record configuration mode. To disable the use the metadata fields as a key field for a flow record, use the no form of this command.

collect metadata {global-session-id | multi-party-session-id}

no collect metadata {global-session-id | multi-party-session-id}

Syntax Description

global-session-id	Configured the name used by the media monitoring system to maintain tracking of a flow end to end as a nonkey filed and enables collecting the value in the global session ID field from the flows.
multi-party-session-id	Configured the name used by the media monitoring system to track related flows of a media session end to end as a nonkey field and enables collecting the value in the multiparty session field from the flows.

Command Default

The metadata fields are not configured as nonkey fields.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
15.2(2)S	This command was introduced.
15.2(3)T	This command was integrated into Cisco IOS Release 15.2(3)T.

Usage Guidelines

Examples

The following example configures the global session ID of an end-to-end flow as a nonkey field for Flexible Netflow:

Router(config)# flow record RECORD-1
Router(config-flow-record)# collect metadata global-session-id

Cisco Performance Monitor in Cisco IOS Release 15.2(2)S and 15.2(3)T

The following example configures the global session ID of an end-to-end flow as a nonkey field for Performance Monitor:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect metadata global-session-id

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect monitor event

To configure the monitor event field as a nonkey field for a flow record, use the collect monitor event command in flow record configuration mode. To disable the use of a monitor event field as a nonkey field for a flow record, use the no form of this command.

collect monitor event

no collect monitor event

Syntax Description

This command has no arguments or keywords.

Command Default

The monitor event field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

Monitor events are recorded using two bits. Bit 1 is not used. Bit 2 indicates that no media application packets were seen, in other words, a Media Stop Event occured.

Examples

The following example configures the monitor event field as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect monitor event

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect policy performance-monitor

To configure the classification hierarchy of the performance monitor policy as a nonkey field for a flow record, use the collect policy performance-monitorcommand in flow record configuration mode. To disable the use of this nonkey field for a flow record, use the no form of this command.

collect policy performance-monitor classification hierarchy

no collect policy performance-monitor classification hierarchy

Syntax Description

This command has no arguments or keywords.

Command Default

Classification hierarchy of the performance monitor policy is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release XE 3.8S	This command was introduced.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

Because the mode prompt is the same for Flexible NetFlow and Performance Monitor, the command mode for both products is referred to as flow record configuration mode. However, for Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode; and for Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode.

Examples

The following example configures the use of the classification hierarchy of the performance monitor policy as a nonkey field for a Flexible NetFlow flow record:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect policy performance-monitor classification hierarchy

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect routing

To configure one or more of the routing attributes as a nonkey field for a flow record, use the collect routing command in flow record configuration mode. To disable the use of one or more of the routing attributes as a nonkey field for a flow record, use the no form of this command.

collect routing {{destination | source} {as [ [4octet] ] [{peer [4-octet]}] | trafficindex} | forwardingstatus | nexthop address {ipv4 | ipv6} [ [bgp] ] | vrf input | vrf output}

no collect routing {{destination | source} {as [ [4octet] ] [{peer [4-octet]}] | trafficindex} | forwardingstatus | nexthop address {ipv4 | ipv6} [ [bgp] ] | vrf input | vrf output}

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

collect routing forwarding-status [reason]

no collect routing forwarding-status [reason]

Syntax Description

destination	Configures one or more of the destination routing attributes fields as a nonkey field and enables collecting the values from the flows.
source	Configures one or more of the source routing attributes fields as a nonkey field and enables collecting the values from the flows.
as	Configures the autonomous system field as a nonkey field and enables collecting the value in the autonomous system field from the flows.
4-octet	(Optional) Configures the 32-bit autonomous system number as a nonkey field.
peer	(Optional) Configures the autonomous system number of the peer network as a nonkey field and enables collecting the value of the autonomous system number of the peer network from the flows.
traffic-index	Configures the Border Gateway Protocol (BGP) source or destination traffic index as a nonkey field and enables collecting the value of the BGP destination traffic index from the flows.
forwarding-status	Configures the forwarding status as a nonkey field and enables collecting the value of the forwarding status of the packet from the flows.
next-hop address	Configures the next-hop address value as a nonkey field and enables collecting information regarding the next hop from the flows. The type of address (IPv4 or IPv6) is determined by the next keyword entered.
ipv4	Specifies that the next-hop address value is an IPv4 address.
ipv6	Specifies that the next-hop address value is an IPv6 address.
bgp	(Optional) Configures the IP address of the next hop BGP network as a nonkey field and enables collecting the value of the IP address of the BGP next hop network from the flows.
vrf input	Configures the Virtual Routing and Forwarding (VRF) ID for incoming packets as a nonkey field.
reason	Configures the reason for the forwarding status as a nonkey field.
vrf output	Configures the Virtual Routing and Forwarding (VRF) ID for outgoing packets as a nonkey field.

Command Default

The routing attributes are not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.4(20)T	This command was modified. The ipv6 keyword was added.
15.0(1)M	This command was modified. The vrf inputkeywords were added.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
Cisco IOS XE Release 3.2S	This command was modified. The 4-octet keyword was added.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor with only the forwarding-statuskeyword and the addition of the reason keyword.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor with only the forwarding-statuskeyword and the addition of the reason keyword.
Cisco IOS XE Release 3.8S	This command was modified. The vrf output keyword was added for Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command, however the mode prompt is the same for both products. For Flexible NetFlow, the mode is also known as Flexible NetFlow flow record configuration mode. For Performance Monitor, the mode is also known as Performance Monitor flow record configuration mode. Here we refer to them both as flow record configuration mode.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The reason keywordwas added and only the forwarding-statu s keyword is available. You must first enter the flow record type performance-monitor command.

collect routing source as [peer]

This command collects the 16-bit autonomous system number based on a lookup of the router's routing table using the source IP address. The optional peer keyword provides the expected next network, as opposed to the originating network.

collect routing source as 4-octet [peer 4-octet]

This command collects the 32-bit autonomous system number based on a lookup of the router's routing table using the source IP address. The optional peer keyword provides the expected next network, as opposed to the originating network.

collect routing destination as [peer]

This command collects the 16-bit autonomous system number based on a lookup of the router's routing table using the destination IP address. The optional peer keyword provides the expected next network as opposed to the destination network.

collect routing destination as 4-octet [peer 4-octet]

This command collects the 32-bit autonomous system number based on a lookup of the router's routing table using the destination IP address. The peer keyword will provide the expected next network as opposed to the destination network.

collect routing destination traffic-index

This command collects the traffic-index field based on the destination autonomous system for this flow. The traffic-index field is a value propagated through BGP.

This command is not supported for IPv6.

collect routing source traffic-index

This command collects the traffic-index field based on the source autonomous system for this flow. The traffic-index field is a value propagated through BGP.

This command is not supported for IPv6.

collect routing forwarding-status

This command collects a field to indicate if the packets were successfully forwarded. The field is in two parts and may be up to 4 bytes in length. For the releases specified in the Command History table, only the status field is used:

    +-+-+-+-+-+-+-+-+
    | S | Reason    |
    | t | codes     |
    | a | or        |
    | t | flags     |
    | u |           |
    | s |           |
    +-+-+-+-+-+-+-+-+
     0 1 2 3 4 5 6 7
  Status:
  00b=Unknown, 01b = Forwarded, 10b = Dropped, 11b = Consumed

collect routing vrf input

This command collects the VRF ID from incoming packets on a router. In the case where VRFs are associated with an interface via methods such as VRF Selection Using Policy Based Routing/Source IP Address, a VRF ID of 0 will be recorded. If a packet arrives on an interface that does not belong to a VRF, a VRF ID of 0 is recorded.

Examples

The following example configures the 16-bit autonomous system number based on a lookup of the router's routing table using the source IP address as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing source as

The following example configures the 16-bit autonomous system number based on a lookup of the router's routing table using the destination IP address as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing destination as

The following example configures the value in the traffic-index field based on the source autonomous system for a flow as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing source traffic-index

The following example configures the forwarding status as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing forwarding-status

The following example configures the VRF ID for incoming packets as a nonkey field for a Flexible NetFlow flow record:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing vrf input

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example configures the forwarding status as a nonkey field for a Performance Monitor flow record:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect routing forwarding-status reason

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect routing is-multicast

To configure the use of the is-multicast field (indicating that the IPv4 traffic is multicast traffic) as a nonkey field, use the collect routing is-multicastcommand in flow record configuration mode. To disable the use of the is-multicast field as a nonkey field for a flow record, use the no form of this command.

collect routing is-multicast

no collect routing is-multicast

Syntax Description

This command has no arguments or keywords

Command Default

The is-multicast field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(22)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the is-multicast field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing is-multicast

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the is-multicast field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect routing is-multicast

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect routing multicast replication-factor

To configure the multicast replication factor value for IPv4 traffic as a nonkey field for a flow record, use the collect routing multicast replication-factorcommand in flow record configuration mode. To disable the use of the multicast replication factor value as a nonkey field for a flow record, use the no form of this command.

collect routing multicast replication-factor

no collect routing multicast replication-factor

Syntax Description

This command has no arguments or keywords.

Command Default

The multicast replication factor value is not configured as a nonkey field.

Command Modes

Fow record configuration (config-flow-record)

Command History

Release	Modification
12.4(22)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

When the replication-factor field is used in a flow record, it will only have a non-zero value in the cache for ingress multicast traffic that is forwarded by the router. If the flow record is used with a flow monitor in output (egress) mode or to monitor unicast traffic or both, the cache data for the replication factor field is set to 0.

Examples

The following example configures the multicast replication factor value as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect routing multicast replication-factor

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the multicast replication factor value as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect routing multicast replication-factor

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect services waas

To configure one of the WAAS services fields as a nonkey field for a flow record, use the collect services wascommand in flow record configuration mode. To disable the use of this nonkey field for a flow record, use the no form of this command.

collect services waas {segment | passthrough-reason}

no collect services waas {segment | passthrough-reason}

Syntax Description

segment	Configures the field for the WAAS services segment, as a nonkey field.
passthrough-reason	Configures the field for the WAAS services passthrough reason, as a nonkey field.

Command Default

WAAS services fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release XE 3.8S	This command was introduced.

Usage Guidelines

You must first enter the flow record type performance-monitorcommand before you can use this command. This command cannot be used with Flexible NetFlow.

Examples

The following example configures the use of the WAAS services passthrough-reason as a nonkey field for a performance monitor flow record:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect services waas passthrough-reason

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect timestamp absolute

To configure one of the absolute timestamp fields as a nonkey field for a flow record, use the collect timestamp absolute command in flow record configuration mode. To disable the use of one of the absolute timestamp fields as a nonkey field for a flow record, use the no form of this command.

collect timestamp absolute {first | last}

no collect timestamp absolute {first | last}

Syntax Description

first	Configures the field for the first absolute timestamp, as a nonkey field.
last	Configures the field for the last absolute timestamp, as a nonkey field.

Command Default

The absolute timestamp fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the field for the first absolute timestamp, as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect absolute timestamp first

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect timestamp interval

To configure the start time of the monitoring interval as a nonkey field for a flow record, use the collect timestamp interval command in flow record configuration mode. To disable the use of the start time of the monitoring interval as a nonkey field for a flow record, use the no form of this command.

collect timestamp interval

no collect timestamp interval

Syntax Description

This command has no arguments or keywords.

Command Default

The start time of the monitoring interval is not configured as a nonkey field.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

Examples

The following example configures the start time of the monitoring interval as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect timestamp interval

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect timestamp sys-uptime

To configure the system uptime of the first seen or last seen packet in a flow as a nonkey field for a flow record, use the collect timestamp sys-uptime command in flow record configuration mode. To disable the use of the first seen or last seen packet in a flow as a nonkey field for a flow record, use the no form of this command.

collect timestamp sys-uptime {first | last}

no collect timestamp sys-uptime {first | last}

Syntax Description

first	Configures the system uptime for the time the first packet was seen from the flows as a nonkey field and enables collecting time stamps based on the system uptime for the time the first packet was seen from the flows.
last	Configures the system uptime for the time the last packet was seen from the flows as a nonkey field and enables collecting time stamps based on the system uptime for the time the most recent packet was seen from the flows.

Command Default

The system uptime field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
12.2(50)SY	This command was integrated into Cisco IOS Release 12.2(50)SY.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures time stamps based on the system uptime for the time the first packet was seen from the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect timestamp sys-uptime first

The following example configures the time stamps based on the system uptime for the time the most recent packet was seen from the flows as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect timestamp sys-uptime last

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the time stamps based on the system uptime for the time the most recent packet was seen from the flows as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect timestamp sys-uptime last

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport

To configure one or more of the transport layer fields as a nonkey field for a flow record, use the collect transport command in flow record configuration mode. To disable the use of one or more of the transport layer fields as a nonkey field for a flow record, use the no form of this command.

collect transport {destination-port | igmp type | source-port}

no collect transport {destination-port | igmp type | source-port}

Syntax Description

destination-port	Configures the destination port as a nonkey field and enables collecting the value of the destination port from the flows.
igmp type	Configures the Internet Group Management Protocol (IGMP) type as a nonkey field and enables collecting the value of the IGMP type from the flows.
source-port	Configures the source port as a nonkey field and enables collecting the value of the source port from the flows.

Command Default

The transport layer fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the transport destination port as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport destination-port

The following example configures the transport source port as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport source-port

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the transport source port as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport source-port

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport event packet-loss counter

To configure the event packet-loss counter field as a nonkey field for a flow record, use the collect transport event packet-loss countercommand in flow record configuration mode. To disable the use of the event packet-loss counter field as a nonkey field for a flow record, use the no form of this command.

collect transport event packet-loss counter

no collect transport event packet-loss counter

Syntax Description

This command has no arguments or keywords.

Command Default

The event packet-loss counter field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

The event packet-loss counter is incremented when a lost RTP packet is detected. However, the counter is also incremented when a reorder occurs, in other words, when packets are received out of order.

Examples

The following example configures event packet-loss counter field as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect transport event packet-loss counter

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect transport icmp ipv4

To configure the internet control message protocol (ICMP) IPv4 type field and the code field as nonkey fields for a flow record, use the collect transport icmp ipv4 command in flow record configuration mode. To disable the use of the ICMP IPv4 type field and code field as nonkey fields for a flow record, use the no form of this command.

collect transport icmp ipv4 {code | type}

no collect transport icmp ipv4 {code | type}

Syntax Description

code	Configures the ICMP code as a nonkey field and enables collecting the value of the ICMP code from the flow.
type	Configures the ICMP type as a nonkey field and enables collecting the value of the ICMP type from the flow.

Command Default

The ICMP IPv4 type field and the code field are not configured as nonkey fields.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the ICMP IPv4 code field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport icmp ipv4 code

The following example configures the ICMP IPv4 type field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport icmp ipv4 type

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the ICMP IPv4 type field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport icmp ipv4 type

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport icmp ipv6

To configure the Internet Control Message Protocol (ICMP) IPv6 type field and code field as nonkey fields for a flow record, use the collect transport icmp ipv6 command in flow record configuration mode. To disable the use of the ICMP IPv6 type field and code field as nonkey fields for a flow record, use the no form of this command.

collect transport icmp ipv6 {code | type}

no collect transport icmp ipv6 {code | type}

Syntax Description

code	Configures the ICMP code as a nonkey field and enables collecting the value of the ICMP code from the flow.
type	Configures the ICMP type as a nonkey field and enables collecting the value of the ICMP type from the flow.

Command Default

The ICMP IPv6 type field and code field are not configured as nonkey fields.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(20)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the ICMP IPv6 code field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport icmp ipv6 code

The following example configures the ICMP IPv6 type field as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport icmp ipv6 type

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the ICMP IPv6 type field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport icmp ipv6 type

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport initiator port

To configure one or more of the transport initiator port field as a nonkey field for a flow record, use the collect transport initiator port command in flow record configuration mode. To disable the use of one or more of the transport initiator port field as a nonkey field for a flow record, use the no form of this command.

collect transport initiator port

no collect transport initiator port

Syntax Description

This command has no arguments or keywords.

Command Default

The transport initiator port field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the transport initiator port field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport initiator port

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport packets

To configure various packet fields as a nonkey field for a flow record, use the collect transport packetscommand in flow record configuration mode. To disable the use of a packet field as a nonkey field for a flow record, use the no form of this command.

collect transport packets {lost counter | lost rate | expected counter | out-of-order | round-trip-time}

no collect transport packets {lost counter | lost rate | expected counter | out-of-order | round-trip-time}

Syntax Description

lost counter	Configures the field that counts the number of lost packets as a nonkey field.
lost rate	Configures the field that counts the rate of lost packets as a nonkey field.
expected counter	Configures the field that counts the number of expected packets as a nonkey field.
out-of-order	Configures the number of out-of-order packets as a nonkey field and enables collecting the values from the flow.
round-trip-time	Configures the field for the packet round-trip-time as a nonkey field.

Command Default

The packet fields are not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.
Cisco IOS XE Release 3.6S	This command was modified. The out-of-order keyword was added into Cisco IOS XE Release 3.6S for Cisco Performance Monitor.

Usage Guidelines

You can retrieve different transport packet counters for RTP and TCP. The following transport packet counters as available:

rtp lost counter
rtp lost rate
rtp expected counter
tcp transport round-trip-time
number of out-of-order packets

Examples

The following example configures the field that counts the number of lost packets as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect transport packets lost counter

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect transport responder port

To configure the transport responder port field as a nonkey field for a flow record, use the collect transport responder port command in flow record configuration mode. To disable the use of the transport responder port field as a nonkey field for a flow record, use the no form of this command.

collect transport responder port

no collect transport responder port

Syntax Description

This command has no arguments or keywords.

Command Default

The transport responder port field is not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
Cisco IOS XE Release 3.8S	This command was introduced.

Usage Guidelines

Examples

The following example configures the transport responder port field as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport responder port

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport rtp jitter

To configure one of the RTP jitter fields as a nonkey field for a flow record, use the collect transport rtp jittercommand in flow record configuration mode. To disable the use of a jitter field as a nonkey field for a flow record, use the no form of this command.

collect transport rtp jitter {mean | maximum | minimum}

no collect transport rtp jitter {mean | maximum | minimum}

Syntax Description

jitter	Configures the RTP jitter field as a nonkey field.
mean	Configures the mean value of the RTP jitter field as a nonkey field.
maximum	Configures the maximun value of the RTP jitter field as a nonkey field.
minimum	Configures the minumum value of the RTP jitter field as a nonkey field.

Command Default

The RTP jitter field is not configured as a nonkey field for a user-defined flow record.

Command Modes

flow record configuration (config-flow-record)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

Examples

The following example configures the RTP jitter field as a nonkey field:

Router(config)# flow record type performance-monitor PM-RECORD-4
Router(config-flow-record)# collect transport rtp jitter

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

collect transport tcp

To configure one or more of the TCP fields as a nonkey field for a flow record, use the collect transport tcp command in flow record configuration mode. To disable the use of one or more of the TCP fields as a nonkey field for a flow record, use the no form of this command.

collect transport tcp {acknowledgement-number | destination-port | flags [ack | cwr | ece | fin | psh | rst | syn | urg] | header-length | maximum-segment-size | sequence-number | source-port | urgent-pointer | window-size | window-size-average | window-size-maximum | window-size-minimum}

no collect transport tcp {acknowledgement-number | destination-port | flags [ack | cwr | ece | fin | psh | rst | syn | urg] | header-length | maximum-segment-size | sequence-number | source-port | urgent-pointer | window-size | window-size-average | window-size-maximum | window-size-minimum}

Cisco Catalyst 6500 Switches in Cisco IOS Release 12.2(50)SY

collect transport tcp flags [ack | cwr | ece | fin | psh | rst | syn | urg]

no collect transport tcp flags [ack | cwr | ece | fin | psh | rst | syn | urg]

Syntax Description

acknowledgement- number	Configures the TCP acknowledgement number as a nonkey field and enables collecting the value of the TCP acknowledgment number from the flow.
destination-port	Configures the TCP destination port as a nonkey field and enables collecting the value of the TCP destination port from the flow.
flags	Configures one or more of the TCP flags as a nonkey field and enables collecting the values from the flow.
ack	(Optional) Configures the TCP acknowledgment flag as a nonkey field.
cwr	(Optional) Configures the TCP congestion window reduced flag as a nonkey field.
ece	(Optional) Configures the TCP Explicit Congestion Notification echo (ECE) flag as a nonkey field.
fin	(Optional) Configures the TCP finish flag as a nonkey field.
psh	(Optional) Configures the TCP push flag as a nonkey field.
rst	(Optional) Configures the TCP reset flag as a nonkey field.
syn	(Optional) Configures the TCP synchronize flag as a nonkey field.
urg	(Optional) Configures the TCP urgent flag as a nonkey field.
header-length	Configures the TCP header length (in 32-bit words) as a nonkey field and enables collecting the value of the TCP header length from the flow.
maximum-segment-size	Configures the maximum segment size as a nonkey field and enables collecting the values from the flow.
sequence-number	Configures the TCP sequence number as a nonkey field and enables collecting the value of the TCP sequence number from the flow.
source-port	Configures the TCP source port as a nonkey field and enables collecting the value of the TCP source port from the flow.
urgent-pointer	Configures the TCP urgent pointer as a nonkey field and enables collecting the value of the TCP urgent pointer from the flow.
window-size	Configures the TCP window size as a nonkey field and enables collecting the value of the TCP window size from the flow.
window-size-average	Configures the average window size as a nonkey field and enables collecting the values from the flow.
window-size-maximum	Configures the maximum window size as a nonkey field and enables collecting the values from the flow.
window-size-minimum	Configures the minimum window size as a nonkey field and enables collecting the values from the flow.

Command Default

The TCP fields are not configured as a nonkey field.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
12.2(50)SY	This command was modified. The acknowledgement-number, destination-port, header-length, sequence-number,source-port, urgent-pointer,and window-sizekeywords were not supported in Cisco IOS Release 12.2(50)SY.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.
Cisco IOS XE Release 3.6S	This command was modified. The maximum-segment-size, window-size-average, window-size-maximum, and window-size-minimum keywords were added into Cisco IOS XE Release 3.6S for Cisco Performance Monitor.

Usage Guidelines

collect transport tcp flags ece

For more information about ECN echo, refer to RFC 3168 The Addition of Explicit Congestion Notification (ECN) to IP , at the following URL: http://www.ietf.org/rfc/rfc3168.txt .

Examples

The following example configures the TCP acknowledgment number as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport tcp acknowledgement-number

The following example configures the TCP source port as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport tcp source-port

The following example configures the TCP acknowledgment flag as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport tcp flags ack

The following example configures the TCP finish flag as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport tcp flags fin

The following example configures the TCP reset flag as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport tcp flags rst

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the TCP reset flag as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport tcp flags rst

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

collect transport udp

To configure one or more of the user datagram protocol UDP fields as a nonkey field for a flow record, use the collect transport udp command in flow record configuration mode. To disable the use of one or more of the UDP fields as a nonkey field for a flow record, use the no form of this command.

collect transport udp {destination-port | message-length | source-port}

no collect transport udp {destination-port | message-length | source-port}

Syntax Description

destination-port	Configures the UDP destination port as a nonkey field and enables collecting the value of the UDP destination port fields from the flow.
message-length	Configures the UDP message length as a nonkey field and enables collecting the value of the UDP message length fields from the flow.
source-port	Configures the UDP source port as a nonkey field and enables collecting the value of the UDP source port fields from the flow.

Command Default

The UDP fields are not configured as nonkey fields.

Command Modes

Flow record configuration (config-flow-record)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	Support for this command was added for Cisco 7200 series routers in Cisco IOS Release 12.2(33)SRC.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Cisco Performance Monitor.
Cisco IOS XE Release 3.5S	This command was integrated into Cisco IOS XE Release 3.5S for Cisco Performance Monitor.

Usage Guidelines

Examples

The following example configures the UDP destination port as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport udp destination-port

The following example configures the UDP message length as a nonkey field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport udp message-length

The following example configures the UDP source port as a non-key field:

Router(config)# flow record FLOW-RECORD-1
Router(config-flow-record)# collect transport udp source-port

Cisco Performance Monitor in Cisco IOS Release 15.2(2)T and XE 3.5S

The following example configures the UDP source port as a nonkey field:

Router(config)# flow record type performance-monitor RECORD-1
Router(config-flow-record)# collect transport udp source-port

Related Commands

Command	Description
flow record	Creates a flow record, and enters Flexible NetFlow flow record configuration mode.
flow record type performance-monitor	Creates a flow record, and enters Performance Monitor flow record configuration mode.

debug fm performance-monitor

To enable the display of debugging information for the Performance Monitor component of Feature Manager, use the debug fm performance-monitorcommand in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug fm performance-monitor {all | dynamic | event | unusual | verbose | vmr}

no debug fm performance-monitor {all | dynamic | event | unusual | verbose | vmr}

Syntax Description

all	Displays information about adjacency messages on an ANCP server.
dynamic	Displays detailed static configuration information relating to ANCP and dynamic line conditions.

event	Displays information about ANCP protocol events.
unusual	Displays information about ANCP neighbors.
verbose	Displays information about ANCP control packets.
vmr	(Optional) Displays static configuration information for ANCP control packets.

Command Modes

Privileged EXEC (#)

Command History

Release	Modification
15.0(1)SY	This command was introduced on the Catalyst 6500 platform.

Usage Guidelines

This command is available only on the Catalyst 6500 platform.

Command Default

Debugging for the Performance Monitor component of Feature Manager is disabled.

Examples

The following example shows how to enable debugging for dynamic policy configuration.

Router# debug fm performance dynamic

Related Commands

Command	Description
show platform hardware acl entry interface	Displays information about inbound and outbound access control list (ACL) ternary content addressable memory (TCAM) interface entries.
show platform software ccm	Displays information about ternary content addressable memory (TCAM) Cisco CallManager (CCM) entries.
show platform software feature-manager performance-monitor	Displays information about the Performance Monitor component of Feature Manager.
show platform software feature-manager tcam	Displays information about dynamic ternary content addressable memory (TCAM) entries for the Performance Monitor component of Feature Manager.

debug performance monitor

To enable debugging for performance monitor, use the debug performance monitorcommand in privileged EXEC mode. To disable debugging, use the no form of this command.

debug performance monitor {database | dynamic | event | export | flow-monitor | metering | provision | sibling | snmp | tca | timer}

no debug performance monitor {database | dynamic | event | export | flow-monitor | metering | provision | sibling | snmp | tca | timer}

Syntax Description

database	Enables debugging for the flow database.
dynamic	Enables debugging for dynamic monitoring.
event	Enables debugging for performance events.
export	Enables debugging for exporting.
flow-monitor	Enables debugging for flow monitors.
metering	Enables debugging for the metering layer.
provision	Enables debugging for provisioning.
sibling	Enables debugging for sibling management.
snmp	Enables debugging for SNMP.
tca	Enables debugging for Threshold Crossing Alarms (TCA).
timer	Enables debugging for timers.

Command Default

Debugging for performance monitor is disabled.

Command Modes

Privileged EXEC

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Examples

The following example shows how to enable debugging for dynamic monitoring:

Router# debug performance monitor dynamic

Related Commands

Command	Description
flow exporter	Creates a flow exporter.
flow monitor type performance-monitor	Creates a flow monitor.

description (Performance Monitor)

To configure a description for a flow exporter, flow record, flow monitor, or policy map use the descriptioncommand in the appropriate configuration mode. To remove the description, use the no form of this command.

description description

no description

Syntax Description

description

Text string that describes the flow exporter, flow record, flow monitor, or policy map.

Command Default

No description is configured.

Command Modes

Flow exporter configuration (config-flow-exporter)
Flow record configuration (config-flow-record)
Flow monitor configuration (config-flow-monitor)
Policy configuration (config-pmap)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

The description command is meant solely as a comment to be put in the configuration to help you remember information about the flow exporter, flow record, flow monitor, or policy map, such as which packets are included within the policy map.

Examples

The following example shows how to configuration a description for a flow record:

Router(config)# flow record type performance-monitor
Router(config-flow-record)# description collect the number of IPV4 packet dropped
Router(config-flow-record)# match ipv4
 protocol
 
Router(config-flow-record)# collect counter
 packets
 dropped

Related Commands

Command	Description
flow exporter	Creates a flow exporter.
flow record type performance-monitor	Creates a flow record for Performance Monitor.
flow monitor type performance-monitor	Creates a flow monitor.
policy-map type performance-monitor	Creates a policy map.

destination

To configure an export destination for a flow exporter, use the destination command in flow exporter configuration mode. To remove an export destination for a flow exporter, use the no form of this command.

destination {{ip-address | hostname} | vrf vrf-name}

no destination

Syntax Description

ip-address	IPv4 or IPv6 address of the workstation to which you want to send the NetFlow information.
hostname	Hostname of the device to which you want to send the NetFlow information.
vrf vrf-name	Specifies that the export data packets are to be sent to the named Virtual Private Network (VPN) routing and forwarding (VRF) instance for routing to the destination, instead of to the global routing table.

Command Default

An export destination is not configured.

Command Modes

flow exporter configuration (config-flow-exporter)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
Cisco IOS XE Release 3.1S	This command was integrated into Cisco IOS XE Release 3.1S.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.
15.2(2)T	This command was integrated into Cisco IOS Release 15.2(2)T for Flexible Netflow and Cisco Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor.

Each flow exporter can have only one destination address or hostname. With Flexible Netflow, you can export to a either an IPv4 or IPv6 address.

When you configure a hostname instead of the IP address for the device, the hostname is resolved immediately and the IP address is stored in the running configuration. If the hostname-to-IP-address mapping that was used for the original domain name system (DNS) name resolution changes dynamically on the DNS server, the router does not detect this, and the exported data continues to be sent to the original IP address, resulting in a loss of data. Resolving the hostname immediately is a prerequisite of the export protocol, to ensure that the templates and options arrive before the data

Examples

The following example shows how to configure the networking device to export the Flexible NetFlow or Performance Monitorcache entry to a destination system using an IPv4 address:

Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# destination 10.0.0.4

The following example shows how to configure the networking device to export the Flexible NetFlow cache entry to a destination system using an IPv6 address:

Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# destination 10:0:0:4:4

The following example shows how to configure the networking device to export the Flexible NetFlow or Performance Monitor cache entry to a destination system using a VRF named VRF-1:

Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# destination 172.16.10.2 vrf 
VRF-1

Related Commands

Command	Description
flow exporter	Creates a flow exporter.

dscp (Flexible NetFlow)

To configure a differentiated services code point (DSCP) value for flow exporter datagrams, use the dscp command in flow exporter configuration mode. To remove a DSCP value for flow exporter datagrams, use the no form of this command.

dscp dscp

no dscp

Syntax Description

dscp	The DSCP to be used in the DSCP field in exported datagrams. Range: 0 to 63. Default 0.

Command Default

The differentiated services code point (DSCP) value is 0.

Command Modes

flow exporter configuration (config-flow-exporter)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

Examples

The following example sets 22as the value of the DSCP field in exported datagrams:

Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# dscp 
22

Related Commands

Command	Description
flow exporter	Creates a flow exporter.

export-protocol

To configure the export protocol for a Flexible NetFlow exporter, use the export-protocol command in Flexible NetFlow flow exporter configuration mode. To restore the use of the default export protocol for a Flexible NetFlow exporter, use the no form of this command.

export-protocol {netflow-v5 | netflow-v9 | ipfix}

no export-protocol

Syntax Description

netflow-v5	Configures Netflow Version 5 export as the export protocol.
netflow-v9	Configures Netflow Version 9 export as the export protocol.
ipfix	Configures IPFIX as the export protocol. The export of extracted fields from NBAR is supported only over IPFIX.

Command Default

Netflow Version 9 export is used as the export protocol for a Flexible NetFlow exporter.

Command Modes

Flexible NetFlow flow exporter configuration (config-flow-exporter)

Command History

Release	Modification
12.4(22)T	This command was introduced.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7200 and Cisco 7300 Network Processing Engine (NPE) series routers.
Cisco IOS XE Release 3.1S	This command was integrated into Cisco IOS XE Release 3.1S.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.
15.2(4)M	This command was modified. The ipfix keyword was added in Cisco IOS Release 15.2(4)M.
Cisco IOS XE Release 3.8S	This command was integrated into Cisco IOS XE Release 3.8S.

Usage Guidelines

The NetFlow Version 5 export protocol is supported only for flow monitors that use the Flexible NetFlow predefined records.

The export of extracted fields from NBAR is supported only over IPFIX.

Examples

The following example configures Netflow Version 5 export as the export protocol for a Flexible NetFlow exporter:

Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# export-protocol netflow-v5

Related Commands

Command	Description
flow exporter	Creates a flow exporter

exporter

To configure a flow exporter for a flow monitor, use the exporter command in the appropriate configuration mode. To remove a flow exporter for a flow monitor, use the no form of this command.

exporter exporter-name

no exporter exporter-name

Syntax Description

exporter-name

Name of a flow exporter that was previously configured.

Command Default

An exporter is not configured.

Command Modes

flow monitor configuration (config-flow-monitor)
Policy configuration (config-pmap-c)
Policy monitor configuration (config-pmap-c-flowmon)

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.
12.2(33)SRC	This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on the Cisco 7200 series routers.
12.2(33)SRE	This command was integrated into Cisco IOS Release 12.2(33)SRE for the Cisco 7300 Network Processing Engine (NPE) series routers.
Cisco IOS XE Release 3.1S	This command was integrated into Cisco IOS XE Release 3.1S.
15.1(3)T	This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor. Support was added for policy configuration mode and policy monitor configuration configuration mode.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

Usage Guidelines

You must have already created a flow exporter by using the flow exporter command before you can apply the flow exporter to a flow monitor with the exporter command.

For Performance Monitor, you can associate a flow exporter with a flow monitor while configuring either a flow monitor, policy map, or service policy.

Examples

The following example configures an exporter for a flow monitor:

Router(config)# flow monitor FLOW-MONITOR-1
Router(config-flow-monitor)# exporter 
EXPORTER-1

The following example shows one of the ways to configure a flow exporter for Performance Monitor:

Router(config)# policy-map type performance-monitor policy-4
Router(config-pmap)# class class-4
Router(config-pmap-c)# flow monitor monitor-4
Router(config-pmap-c-flowmon)# exporter exporter-4

Related Commands

Command	Description
flow exporter	Creates a flow exporter.
flow monitor	Creates a flow monitor.
flow monitor type performance-monitor	Creates a flow monitor for Performance Monitor.
policy-map type performance-monitor	Creates a policy map for Performance Monitor
service-policy type performance-monitor	Associates policy map with an interface for Performance Monitor.

flow monitor type performance-monitor

To configure a flow monitor for Performance Monitor, use the flow monitor type performance-monitorcommand in global configuration mode. To remove flow monitor, use the no form of this command.

flow monitor type performance-monitor monitor-name

no flow monitor type performance-monitor monitor-name

Syntax Description

monitor-name

Specifies which flow monitor is being configured.

Command Modes

Global configuration (config)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

.Before you configure flow monitor, you should first configure a flow record and an optional flow exporter.

Examples

The following example shows how to configure a flow monitor:

Router(config)# flow monitor type performance-monitor PM-MONITOR-4

Related Commands

Command	Description
flow record type performance-monitor	Creates a flow record for Performance Monitor.

flow record type performance-monitor

To configure a flow record for Performance Monitor, use the flow record type performance-monitorcommand in global configuration mode. To remove the flow record, use the no form of this command.

flow record type performance-monitor record-name

no flow record type performance-monitor record-name

Syntax Description

record-name

Specifies which flow record is being configured.

Command Modes

Global configuration (config)

Command History

Release	Modification
15.1(3)T	This command was introduced.
12.2(58)SE	This command was integrated into Cisco IOS Release 12.2(58)SE.

Usage Guidelines

Examples

The following example shows how to configure a flow record:

Router(config)# flow record type performance-monitor PM-RECORD-4

Related Commands

Command	Description