Configuring NetFlow Multicast Accounting
|
||||||||||||||||||||||||||||||||||||||||||||||||
Contents
Configuring NetFlow Multicast AccountingLast Updated: May 10, 2012
This document contains information about and instructions for configuring NetFlow multicast accounting. NetFlow multicast accounting allows you to capture multicast-specific data (both packets and bytes) for multicast flows. NetFlow is a Cisco IOS application that provides statistics on packets flowing through the router. It is emerging as a primary network accounting and security technology.
Finding Feature InformationYour software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required. Prerequisites for Configuring NetFlow Multicast AccountingBefore you can configure NetFlow multicast accounting, you must:
Restrictions for Configuring NetFlow Multicast AccountingMemory ImpactIf traffic is heavy, the additional flows might fill the global flow hash table. If you must increase the size of the global flow hash table, you must also add memory to the router. NetFlow has a maximum cache size of 65,536 flow record entries of 64 bytes each. To deduce the packet-replication factor, multicast accounting adds 16 bytes (for a total of 80 bytes) to each multicast flow record. Performance ImpactIngress multicast accounting does not greatly affect performance. Because of the additional accounting-related computation that occurs in the traffic-forwarding path of the router, egress NetFlow multicast accounting might degrade network performance slightly, but it does not limit the functionality of the router. Information About Configuring NetFlow Multicast Accounting
NetFlow Multicast BenefitsNetFlow multicast allows you to capture multicast-specific data (both packets and bytes) for multicast flows. For example, you can capture the packet-replication factor for a specific flow as well as for each outgoing stream. NetFlow multicast provides complete end-to-end usage information about network traffic for a complete multicast traffic billing solution. You can use NetFlow multicast accounting to identify and count multicast packets on the ingress side or the egress side (or both sides) of a router. Multicast ingress accounting provides information about the source and how many times the traffic was replicated. Multicast egress accounting monitors the destination of the traffic flow. NetFlow multicast lets you enable NetFlow statistics to account for all packets that fail the reverse path forwarding (RPF) check and that are dropped in the core of the service provider network. Accounting for RPF-failed packets provides more accurate traffic statistics and patterns. Multicast Ingress and Multicast Egress AccountingNetFlow multicast lets you select either multicast ingress accounting, in which a replication factor (equal to the number of output interfaces) indicates the load, or multicast egress accounting, in which all outgoing multicast streams are counted as separate streams, or both multicast ingress and multicast egress accounting. NetFlow multicast lets you collect information about how much data is leaving the interfaces of the router (egress and multicast ingress accounting) or how much multicast data is received (multicast ingress accounting). On the ingress side, multicast packets are counted as with unicast packets, but with two additional fields (for number of replicated packets and byte count). With multicast ingress accounting, the destination interface field is set to null, and the IP next hop field is set to 0 for multicast flows. How to Configure NetFlow Multicast Accounting
Configuring NetFlow Multicast Accounting in Releases 12.4(12)Before You Begin
SUMMARY STEPS
You must have already configured IP multicast on the networking devices in your network. See the Cisco IOS IP Multicast Configuration Guide , for more information on configuring IP multicast. DETAILED STEPS Troubleshooting TipsIf there are no multicast flow records in the NetFlow cache, check the multicast switching counters for the existence of process-switched packets (NetFlow exports only fast-switched or MDFS-switched packets). If process-switched packets are present, check the MDFS routing table to help determine potential problems. Configuring NetFlow Multicast Accounting in Cisco IOS Releases Prior to 12.4(12)Configuring NetFlow Multicast Egress AccountingBefore You Begin
SUMMARY STEPS
You must have already configured IP multicast on the networking devices in your network. See the Cisco IOS IP Multicast Configuration Guide, for more information on configuring IP multicast. DETAILED STEPS Troubleshooting TipsIf there are no multicast flow records in the NetFlow cache, check the multicast switching counters for the existence of process-switched packets (NetFlow exports only fast-switched or MDFS-switched packets). If process-switched packets are present, check the MDFS routing table to help determine potential problems. Configuring NetFlow Multicast Ingress AccountingPerform the steps in this required task to configure NetFlow multicast ingress accounting. Multicast ingress NetFlow accounting is enabled by default. Before You Begin
SUMMARY STEPS
You must have already configured IP multicast on the networking devices in your network. See the Cisco IOS IP Multicast Configuration Guide, for more information on configuring IP multicast. DETAILED STEPS Troubleshooting TipsIf there are no multicast flow records in the NetFlow cache, check the multicast switching counters for the existence of process-switched packets (NetFlow exports only fast-switched or MDFS-switched packets). If process-switched packets are present, check the MDFS routing table to help determine potential problems. Verifying the NetFlow Multicast Accounting Configuration
SUMMARY STEPS
DETAILED STEPS
Configuration Examples for NetFlow Multicast Accounting
Configuring NetFlow Multicast Accounting in Original ReleasesThe following example shows how to configure multicast NetFlow accounting: configure terminal ip multicast-routing ip multicast netflow rpf-failure ip multicast netflow output-counters ! interface ethernet 0/0 ip flow ingress end Configuring NetFlow MC Accounting in Releases Prior to 12.2(33)SRB
Configuring NetFlow Multicast Egress Accounting ExampleThe following example shows how to configure multicast egress NetFlow accounting on the egress Ethernet 0/0 interface: configure terminal ip multicast-routing ip multicast netflow rpf-failure ! interface ethernet 0/0 ip multicast netflow egress end Configuring NetFlow Multicast Ingress Accounting ExampleThe following example shows how to configure multicast ingress NetFlow accounting on the ingress Ethernet 1/0 interface: configure terminal ip multicast-routing ip multicast netflow rpf-failure ! interface ethernet 1/0 ip multicast netflow ingress end Additional ReferencesRelated Documents
MIBsFeature Information for Configuring NetFlow Multicast AccountingThe following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
1 This was a minor modification to the existing NetFlow Multicast Support feature. Minor feature modifications are not included in Feature Navigator.
GlossaryCEF --Cisco Express Forwarding. A Layer 3 IP switching technology that optimizes network performance and scalability for networks with large and dynamic traffic patterns. dCEF --distributed Cisco Express Forwarding. A type of CEF switching in which line cards (such as Versatile Interface Processor (VIP) line cards) maintain identical copies of the forwarding information base (FIB) and adjacency tables. The line cards perform the express forwarding between port adapters; this relieves the Route Switch Processor of involvement in the switching operation. egress traffic --Traffic leaving the network. fast switching --Cisco feature in which a route cache is used for expediting packet switching through a router. ingress traffic --Traffic entering the network. multicast data --Single packets copied by the network and sent to a specific subset of network addresses. These addresses are specified in the Destination Address field. NetFlow --A Cisco IOS application that provides statistics on packets flowing through the router. It is emerging as a primary network accounting and security technology. NetFlow Aggregation --A NetFlow feature that lets you summarize NetFlow export data on an IOS router before the data is exported to a NetFlow data collection system such as the NetFlow Collection Engine. This feature lowers bandwidth requirements for NetFlow export data and reduces platform requirements for NetFlow data collection devices. NetFlow Collection Engine (formerly called NetFlow FlowCollector)--A Cisco application that is used with NetFlow on Cisco routers and Catalyst series switches. The NetFlow Collection Engine collects packets from the router that is running NetFlow and decodes, aggregates, and stores them. You can generate reports on various aggregations that can be set up on the NetFlow Collection Engine. NetFlow v9 --NetFlow export format Version 9. A flexible and extensible means for carrying NetFlow records from a network node to a collector. NetFlow Version 9 has definable record types and is self-describing for easier NetFlow Collection Engine configuration. RPF --Reverse Path Forwarding. Multicasting technique in which a multicast datagram is forwarded out of all but the receiving interface if the receiving interface is the one used to forward unicast datagrams to the source of the multicast datagram. ToS byte --type of service byte. Second byte in the IP header that indicates the desired quality of service (QoS) for a particular datagram. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. 1 This was a minor modification to the existing NetFlow Multicast Support feature. Minor feature modifications are not included in Feature Navigator. © 2012 Cisco Systems, Inc. All rights reserved.
|
||||||||||||||||||||||||||||||||||||||||||||||||