Cisco IOS Software Releases 12.0 S

Table Of Contents

NetFlow v9 Export Format

Contents

Restrictions for NetFlow Version 9 Data Export

Information About NetFlow Version 9 Data Export

NetFlow Version 9

Uses of NetFlow Data

Template-Based Flow Record Format

Flow Records

Parts of a NetFlow Export Packet

Format Flexibility

How to Configure NetFlow Version 9 Data Export

Configuring Version 9 Data Export for the Main Cache

Configuring Version 9 Data Export for Aggregation Caches

Verifying the Configuration

Troubleshooting Tips

Configuration Examples for NetFlow Version 9 Data Export

Configuring Version 9 Data Export for the Main Cache Example

Configuring Version 9 Data Export for Aggregation Caches Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

debug ip flow export

export

ip flow-export

show ip flow export

Glossary

NetFlow v9 Export Format

---

With this release, NetFlow can export data in NetFlow v9 (version 9) export format. This format is flexible and extensible, which provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, MPLS, NAT, and BGP next hop.

Third-party business partners who produce applications that provide NetFlow Collection Engine (formerly called NetFlow FlowCollector) or display services for NetFlow do not need to recompile their applications each time a new NetFlow technology is added. Instead, with the NetFlow v9 Export Format feature, they can use an external data file that documents the known template formats and field types.

NetFlow version 9 data export supports CEF switching, dCEF switching, and fast switching.

Feature Specifications for NetFlow Version 9 Data Export

Feature History
Release	Modification
12.0(24)S	This feature was introduced.
12.3(1)	This feature was integrated into Cisco IOS Release 12.3(1), and output of the debug ip flow export command was modified to show NetFlow version 9 information.
12.2(18)S	This feature was integrated into Cisco IOS Release 12.2(18)S.
Supported Platforms
Cisco 2600 series, Cisco 3600 series, Cisco 7100 series, Cisco 7200 series, Cisco 7300 series, Cisco 7400 series, Cisco 7500 series, Cisco 12000 series

Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

This document includes the following sections:

•Restrictions for NetFlow Version 9 Data Export

•Information About NetFlow Version 9 Data Export

•How to Configure NetFlow Version 9 Data Export

•Configuration Examples for NetFlow Version 9 Data Export

•Additional References

•Command Reference

•Glossary

Restrictions for NetFlow Version 9 Data Export

Backward Compatibility

Version 9 is not backward-compatible with version 5 or version 8. If you need version 5 or version 8, then you must configure version 5 or version 8.

Export Bandwidth

Export bandwidth increases for version 9 (because of template flowsets) versus version 5.

Overhead

The increase in overhead versus version 5 varies with the frequency with which template flowsets are sent. With one template flowset sent per 10 export packets, the overhead is one percent versus version 5 export (considering only one technology being exported). With one template flowset sent for every export packet, the overhead is about eight percent. Interleaving of various technologies also increases overhead.

Memory Impact

The memory used depends on the data structures used to maintain template flowsets. Because this implementation does not access the NetFlow cache entry size directly, the memory used is not significant.

Performance Impact

Version 9 slightly decreases overall performance, because generating and maintaining valid template flowsets requires additional processing.

Information About NetFlow Version 9 Data Export

To configure NetFlow version 9 data export, you must understand the following concepts:

•NetFlow Version 9

•Uses of NetFlow Data

•Template-Based Flow Record Format

•Flow Records

•Parts of a NetFlow Export Packet

•Format Flexibility

NetFlow Version 9

NetFlow Version 9 is a flexible and extensible means to carry NetFlow records from a network node to a collector. NetFlow version 9 has definable record types and is self-describing for easier NetFlow Collection Engine configuration. In NetFlow version 9,

•record formats are defined using templates

•template descriptions are communicated from the router to the NetFlow Collection Engine

•flow records are sent from the router to the NetFlow Collection Engine with minimal template information so that the NetFlow Collection Engine can relate the records to the appropriate template

•version 9 is independent of the underlying transport (UDP, TCP, SCTP, and so on)

Uses of NetFlow Data

Cisco IOS® NetFlow services provide network administrators with access to information about IP flows within their data networks. Exported NetFlow data can be used for a variety of purposes, including network management and planning, enterprise accounting and departmental chargebacks, ISP billing, data warehousing, and data mining for marketing purposes.

Template-Based Flow Record Format

The main feature of NetFlow version 9 export format is that it is template-based. A template describes a NetFlow record format and attributes of the fields (such as type and length) within the record. The router assigns each template an ID, which is communicated to the NetFlow Collection Engine along with the template description. The template ID is used for all further communication from the router to the NetFlow Collection Engine.

Flow Records

The basic output of NetFlow is a flow record. In NetFlow version 9, a flow record follows the same sequence of fields as defined by the template definition. The template to which NetFlow flow records belong is determined by prefixing the template ID to the group of NetFlow flow records that belong to a template. A complete discussion of existing NetFlow flow-record formats is at http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/netflsol/nfwhite.htm.

Parts of a NetFlow Export Packet

In NetFlow version 9, an export packet consists of the packet header and flowsets. The packet header identifies the new version and other information. Flowsets are of two types: a template flowset and a data flowset. The template flowset describes the fields that will be in the data flowsets (or flow records). Each data flowset contain the values or statistics of one or more flows (similar to flow records in version 5 or version 8, but with a flowset-specific header) with the same template ID number. When the NetFlow Collection Engine receives a template flowset, it stores the flowset and export source address so that subsequent data flowsets that match the flowset ID and source combination are parsed according to the field definitions in the template flowset. Version 9 supports the NetFlow Collection Engine version 4.0.

For a complete description of the version 9 packet headers, template flowsets, and data flowsets, see the Cisco IOS NetFlow Version 9 Flow-Record Format White Paper at http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/tflow_wp.htm.

Format Flexibility

In version 9, new formats are defined on the router and are sent to the NetFlow Collection Engine on an interval that you set. You can enable the features that you want, and the fields corresponding to those features are sent to the NetFlow Collection Engine.

How to Configure NetFlow Version 9 Data Export

See the following sections for configuration tasks for the NetFlow Version 9 Data Export feature. Each task in the list is identified as either required or optional.

•Configuring Version 9 Data Export for the Main Cache (required)

•Configuring Version 9 Data Export for Aggregation Caches (required)

•Verifying the Configuration (optional)

•Troubleshooting Tips (optional)

Configuring Version 9 Data Export for the Main Cache

This section shows how to configure version 9 data export for the main cache. Templates (and options templates) need not be exported along with every export packet. You can export templates (and options templates) after a specific number of export packets or after a specific number of minutes (or both).

SUMMARY STEPS

1. enable

2. configure terminal

3. ip flow-export version 9

4. ip flow-export template refresh-rate packets

5. ip flow-export template timeout-rate minutes

6. ip flow-export template options export-stats

7. ip flow-export template options refresh-rate packets

8. ip flow-export template options timeout-rate minutes

9. end

DETAILED STEPS

	Command	Purpose
Step 1	enable Example: Router> enable	Enters privileged EXEC mode.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	ip flow-export version 9 Example: Router(config)# ip flow-export version 9	Enables version 9 data export for the main cache. Caution Entering this command on a Cisco 12000 series Internet Router causes packet forwarding to stop for a few seconds while NetFlow reloads the route processor and line card CEF tables. To avoid interruption of service to a live network, apply this command during a change window, or include it in the startup-config file to be executed during a router reboot.
Step 4	ip flow-export template refresh-rate packets Example: Router(config)# ip flow-export template refresh-rate 15	(Optional) Specifies the refresh rate in number of export packets. packets is an integer from 1 to 600 inclusive. The default is 20 packets.
Step 5	ip flow-export template timeout-rate minutes Example: Router(config)# ip flow-export template timeout-rate 90	(Optional) Specifies the timeout rate in minutes. minutes is an integer from 1 to 3600 inclusive. The default is 30 minutes.
Step 6	ip flow-export template options export-stats Example: Router(config)# ip flow-export template options export-stats	(Optional) Specifies the options template export statistics, including how many export packets have been sent and how many flows have been exported
Step 7	ip flow-export template options refresh-rate packets Example: Router(config)# ip flow-export template options refresh-rate 25	(Optional) Specifies the refresh rate in number of export packets. packets is an integer from 1 to 600 inclusive. The default is 20 packets.
Step 8	ip flow-export template options timeout-rate minutes Example: Router(config)# ip flow-export template options timeout-rate 120	(Optional) Specifies the timeout rate in minutes. minutes is an integer from 1 to 3600 inclusive. The default is 30 minutes.
Step 9	end Example: Router(config)# end	Ends the configuration session and returns to privileged EXEC mode.

Configuring Version 9 Data Export for Aggregation Caches

You can specify the frequency of template generation for aggregation caches. This section shows how to configure version 9 data export for aggregation caches.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip flow-aggregation cache {as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | prefix | prefix-port | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos}

4. export version 9

5. export template refresh-rate packets

6. export template timeout-rate minutes

7. enabled

8. end

DETAILED STEPS

	Command	Purpose
Step 1	enable Example: Router> enable	Enters privileged EXEC mode.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	ip flow-aggregation cache {as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | prefix | prefix-port | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos} Example: Router(config)# ip flow-aggregation cache as	Specifies the aggregation cache scheme and enables aggregation cache configuration mode.
Step 4	export version 9 Example: Router(config-flow-cache)# export version 9	Specifies version 9 data export for aggregation caches.
Step 5	export template refresh-rate packets Example: Router(config-flow-cache)# export template refresh-rate 10	(Optional) Specifies the refresh rate in number of export packets. packets is an integer from 1 to 600 inclusive. The default is 20 packets.
Step 6	export template timeout-rate minutes Example: Router(config-flow-cache)# export template timeout-rate 60	(Optional) Specifies the timeout rate in minutes. minutes is an integer from 1 to 3600 inclusive. The default is 30 minutes.
Step 7	enabled Example: Router(config-flow-cache)# enabled	Enables aggregation caches.
Step 8	end Example: Router(config-flow-cache)# end	Ends the configuration session and returns to privileged EXEC mode.

Verifying the Configuration

This section shows how to verify successful configuration of NetFlow version 9 data export.

SUMMARY STEPS

•show ip cache verbose flow

•show ip flow export

•show ip flow export template

DETAILED STEPS

Command	Purpose
show ip cache verbose flow Example: Router> show ip cache verbose flow	Displays additional NetFlow fields in the header when NetFlow version 9 data export is configured.
show ip flow export Example: Router> show ip flow export	Displays the statistics for the NetFlow data export, including the main cache and all other enabled caches.
show ip flow export template Example: Router> show ip flow export template	Displays the statistics for the NetFlow data export (such as template timeout and refresh rate) for the template-specific configurations.

Troubleshooting Tips

Use the debug ip flow export command to display debugging output for NetFlow version 9 data export.

Configuration Examples for NetFlow Version 9 Data Export

This section provides the following configuration examples:

•Configuring Version 9 Data Export for the Main Cache Example

•Configuring Version 9 Data Export for Aggregation Caches Example

Configuring Version 9 Data Export for the Main Cache Example

The following example shows how to configure version 9 data export for the main cache:

Router> enable

Password:

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# ip flow-export version 9

Router(config)# ip flow-export template refresh-rate 15

Router(config)# ip flow-export template timeout-rate 90

Router(config)# ip flow-export template options export-stats

Router(config)# ip flow-export template options refresh-rate 25

Router(config)# ip flow-export template options timeout-rate 120

Router(config)# end

Router(config)# 

3w5d:%SYS-5-CONFIG_I: Configured from console by console

Configuring Version 9 Data Export for Aggregation Caches Example

The following example shows how to configure version 9 data export for an autonomous system (AS) aggregation cache scheme:

Router> enable

Password:

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# ip flow-aggregation cache as

 Router(config-flow-cache)# export version 9

 Router(config-flow-cache)# export template refresh-rate 10

 Router(config-flow-cache)# export template timeout-rate 60

 Router(config-flow-cache)# enabled

 Router(config-flow-cache)# end

Router# 

3w5d:%SYS-5-CONFIG_I: Configured from console by console

Additional References

For additional information related to NetFlow v9 Export Format, see the following references:

•Related Documents

•Standards

•MIBs

•RFCs

•Technical Assistance

Related Documents

Related Topic	Document Title
NetFlow	Cisco IOS Switching Services Configuration Guide Cisco IOS Switching Services Command Reference, Release 12.3 Cisco IOS Command Reference Master Index, Release 12.3
NetFlow version 9 data export	NetFlow v9 Export Format feature module, Release 12.3
NetFlow version 9 export format	NetFlow Version 9 Flow-Record Format white paper
Description of an actual customer deployment of NetFlow services within an IP network	NetFlow Services for an Enterprise Network integrated solutions document (ISD)
IP multicast routing	"IP Multicast" part in the Cisco IOS IP Configuration Guide, Release 12.2
NetFlow Minimum Prefix Mask For Router-Based Aggregation feature	NetFlow Minimum Prefix Mask for Router-Based Aggregation feature module, Release 12.1(3)T
NetFlow ToS-Based Router Aggregation feature	NetFlow ToS-Based Router Aggregation feature module, Release 12.1(3)T
Sampled NetFlow feature	Sampled NetFlow feature module, Release 12.0(26)S
Cisco CNS NetFlow Collection Engine (formerly called NetFlow FlowCollector)	Cisco CNS NetFlow Collection Engine Installation and User Guide, Release 4.0 Documentation Updates for Cisco CNS NetFlow Collection Engine, Release 4.0 Release Notes for Cisco CNS NetFlow Collection Engine, Release 4.0
NetFlow Data Analyzer	Network Data Analyzer Installation and User Guide, Release 3.0 Release Notes for Network Data Analyzer, Release 3.0
NetFlow performance test results	NetFlow Performance Analysis white paper

Standards

Standards1	Title
None	—

1 Not all supported standards are listed.

MIBs

MIBs1	MIBs Link
None	—

1 Not all supported MIBs are listed.

RFCs

RFCs1	Title
None	—

1 Not all supported RFCs are listed.

Technical Assistance

Description	Link
Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.	http://www.cisco.com/public/support/tac/home.shtml

Command Reference

This section documents new and modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.3 command reference publications.

New Commands

•debug ip flow export

Modified Commands

•export

•ip flow-export

•show ip flow export

debug ip flow export

To enable debugging output for NetFlow data export, use the debug ip flow export command in privileged EXEC mode. To disable debugging output for NetFlow data export, use the no form of this command.

debug ip flow export

no debug ip flow export

Syntax Description

This command has no keywords or arguments.

Defaults

Debugging output for NetFlow data export is disabled.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.0(1)	This command was introduced.
12.3(1)	Debugging output for NetFlow version 9 data export was added.
12.2(18)S	This command was integrated into Cisco IOS Release 12.2(18)S.

Usage Guidelines

Because debugging output is assigned high priority in the CPU process, you should use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, you should use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following is sample output from the debug ip flow export command:

Router# debug ip flow export

IP Flow export mechanism debugging is on

*Mar 6 22:56:21.627:IPFLOW:Sending export pak to 1.1.1.1 port 9999

*Mar 6 22:56:21.627:IPFLOW:Error sending export packet:Adjacency failure

Related Commands

Command	Description
export destination	Enables export of information from NetFlow aggregation caches.
ip flow-aggregation cache	Enables NetFlow aggregation cache schemes.
ip flow-export	Enables export of information in NetFlow cache entries.
show ip cache flow aggregation	Displays the NetFlow aggregation cache configuration.
show ip flow export	Display the statistics for NetFlow data export.

export

To enable the export of information from NetFlow aggregation caches, use the export command in aggregation cache configuration mode. To disable the export of information from NetFlow aggregation caches, use the no form of this command.

export {destination ip-address port | version [8 | 9] | template {refresh-rate packets | timeout-rate minutes}}

no export {destination ip-address port | version [8 | 9] | template {refresh-rate packets | timeout-rate minutes}}

Syntax Description

ip-address	Destination IP address.
port	Destination UDP port.
version [8 | 9]	(Optional) Version of the format for the export.
template	(Optional) Configures NetFlow template options for NetFlow version data export.
refresh-rate packets	(Optional) Specifies the number of export packets before the information is resent. You can specify from 1 to 600 packets. The default is 20 packets.
timeout-rate minutes	(Optional) Specifies the time before the information is resent. You can specify from 1 to 3600 minutes. The default is 30 minutes.

Defaults

An export destination is not set.

Command Modes

Aggregation cache configuration

Command History

Release	Modification
12.0(3)T	This command was introduced.
12.0(24)S	The version, 8, 9, template, refresh-rate, and timeout-rate keywords were added.
12.3(1)	This command was integrated into Cisco IOS Release 12.3(1).
12.2(18)S	This command was integrated into Cisco IOS Release 12.2(18)S.

Usage Guidelines

To configure NetFlow version 9 template options (by entering export template {refresh-rate packets | timeout-rate minutes}), you must first specify NetFlow version 9 export format (by entering export version 9).

For version 8 data exports, the maximum number of aggregated flow records and the maximum size in bytes of each UDP datagram are as follows:

Aggregation Scheme	Maximum Number of Flow Records	UDP Packet Size (Bytes)
BGP Autonomous System	51	1456
Destination Prefix	44	1436
Prefix	35	1428
Protocol Port	51	1456
Source Prefix	44	1436

Examples

The following example shows how to configure an export destination for an aggregation cache:

 Router(config-flow-cache)# export destination 10.41.41.1 9992

Related Commands

Command	Description
clear adjacency	Configures aggregation cache operational parameters.
debug ip flow export	Enables debugging output for NetFlow data export
default-name	Enables an aggregation cache.
ip flow-aggregation cache	Enables aggregation cache configuration mode.
ip flow-export	Enables the exporting of information in NetFlow cache entries.
show ip cache flow aggregation	Displays the aggregation cache configuration.
show ip flow export	Displays the statistics for the NetFlow data export
show mpoa client	Displays the statistics for the data export including the main cache and all other enabled caches.

ip flow-export

To enable the export of information in NetFlow cache entries, use the ip flow-export command in global configuration mode. To disable the export of information, use the no form of this command.

ip flow-export [destination ip-address udp-port] | [source {ip-address | interface-name}] | [version {1 | [{5 | 9} [origin-as | peer-as] [bgp-nexthop]]}] | [template {refresh-rate packets | timeout-rate minutes} [options {export-stats | refresh-rate packets | timeout-rate minutes}]]

no ip flow-export [destination ip-address udp-port] | [source {ip-address | interface-name}] | [version {1 | [{5 | 9} [origin-as | peer-as] [bgp-nexthop]]}] | [template {refresh-rate packets | timeout-rate minutes} [options {export-stats | refresh-rate packets | timeout-rate minutes}]]

Syntax Description

destination ip-address udp-port	IP address and protocol-specific port number of the workstation to which you want to send the NetFlow information.
source {ip-address | interface-name}	IP address and interface type and number for the source address.
version 1	(Optional) Specifies that the export packet uses the version 1 format. This is the default. The version field occupies the first two bytes of the export record. The number of records stored in the datagram is a variable from 1 to 24 for version 1.
version 5	(Optional) Specifies that the export packet uses the version 5 format. The number of records stored in the datagram is a variable between 1 and 30 for version 5.
version 9	(Optional) Specifies that the export packet uses the version 9 format.
origin-as	(Optional) Specifies that export statistics include the origin autonomous system (AS) for the source and destination.
peer-as	(Optional) Specifies that export statistics include the peer AS for the source and destination.
bgp-nexthop	(Optional) Specifies that export statistics include BGP next hop related information.
template	Specifies that the refresh-rate and timeout-rate keywords apply to the template.
options	Specifies that the export-stats, refresh-rate, and timeout-rate keywords apply to the options template.
export-stats	(Optional) Specifies that the export statistics include the total number of flows exported and the total number of packets exported.
refresh-rate packets	(Optional) Specifies the number of export packets before the options are resent. You can specify from 1 to 600 packets. The default is 20 packets.
timeout-rate minutes	(Optional) Specifies the time before the options are resent. You can specify from 1 to 3600 minutes. The default is 30 minutes.

Defaults

Export of information in NetFlow cache entries is disabled. You can specify origin AS accounting or peer AS export accounting, but not both.

Command Modes

Global configuration

Command History

Release	Modification
11.1 CA	This command was introduced.
12.0(24)S	The 9 keyword was added.
12.3(1)	This command was integrated into Cisco IOS Release 12.3(1), and the bgp-nexthop keyword was added.
12.2(18)S	This command was integrated into Cisco IOS Release 12.2(18)S.

Usage Guidelines

A NetFlow cache entry contains a lot of information. When flow switching is enabled with the ip route-cache flow command, you can use the ip flow-export command to configure the router to export the flow cache entry to a workstation when a flow expires. This feature can be useful for statistics, billing, and security.

Version 5 and version 9 formats includes the source and destination AS addresses, source and destination prefix masks, and a sequence number. Because this change might appear on your router as a maintenance release, support for version 1 format is maintained with the version 1 keyword.

---

Caution Entering the ip flow-export or no ip flow-export command on the Cisco 12000 Series Internet Routers and specifying any version format other than version 1 (in other words, entering the ip flow-export or no ip flow-export command and specifying either the version 5 or version 9 keyword) causes packet forwarding to stop for a few seconds while NetFlow reloads the route processor and line card CEF tables. To avoid interruption of service to a live network, apply this command during a change window, or include it in the startup-config file to be executed during a router reboot.

---

For more information on version 1 and version 5 data format, see the "NetFlow Data Format" section in the "Configuring NetFlow Switching" chapter of the Cisco IOS Switching Services Configuration Guide. For more information on version 9 data format, see the Cisco IOS NetFlow Version 9 Flow-Record Format white paper.

Examples

The following example shows how to configure the router to export the NetFlow cache entry to UDP port 125 on the workstation at 134.22.23.7 when the flow expires using version 1 format:

Router(config)# ip flow-export 134.22.23.7 125

The following example shows how to configure the router to export the NetFlow cache entry to UDP port 2048 on the workstation at 134.22.23.7 when the flow expires using version 5 format and includes the peer AS information:

Router(config)# ip flow-export 134.22.23.7 2048 version 5 peer-as

Related Commands

Command	Description
debug ip flow export	Enables debugging output for NetFlow data export.
export destination	Enables the exporting of information from NetFlow aggregation caches.
ip route-cache flow	Enables NetFlow switching for IP routing.
show ip flow export	Displays the statistics for the NetFlow data export.

show ip flow export

To display the statistics for the NetFlow data export, including statistics for the main cache and all other enabled caches, use the show ip flow export command in user EXEC or privileged EXEC mode.

show ip flow export [template]

Syntax Description

template

(Optional) Shows the data export statistics (such as template timeout and refresh rate) for the template-specific configurations.

Command Modes

User EXEC

Privileged EXEC

Command History

Release	Modification
11.1CC	This command was introduced.
12.2(2)T	This command was modified to display multiple NetFlow export destinations.
12.0(24)S	The template keyword was added.
12.3(1)	This command was integrated into Cisco IOS Release 12.3(1).
12.2(18)S	This command was integrated into Cisco IOS Release 12.2(18)S.

Examples

The following is sample output from the show ip flow export command:

Router# show ip flow export

Flow export is enabled

Exporting flows to 10.42.42.1 (9991) 10.0.101.254 (9991) 

   Exporting using source IP address 10.0.101.203

   Version 5 flow records

Export Stats for 10.42.42.1 (9991)

           3 flows exported in 3 udp datagrams

           0 flows failed due to lack of export packet

           3 export packets were sent up to process level

           0 export packets were dropped due to no fib

           0 export packets were dropped due to adjacency issues

           0 export packets were dropped enqueuing for the RP

           0 export packets were dropped due to IPC rate limiting

Export Stats for 10.0.101.254 (9991)

           7 flows exported in 7 udp datagrams

           0 flows failed due to lack of export packet

           6 export packets were sent up to process level

           0 export packets were dropped due to no fib

           0 export packets were dropped due to adjacency issues

           0 export packets were dropped enqueuing for the RP

           0 export packets were dropped due to IPC rate limiting

The following is sample output from the show ip flow export template command:

Router# show ip flow export template

Template Options Flag = 0

   Total number of Templates added = 0

   Total active Templates = 0

   Flow Templates active = 0

   Flow Templates added = 0

   Option Templates active = 0

   Option Templates added = 0

   Template ager polls = 0

   Option Template ager polls = 0

Main cache version 9 export is enabled

 Template export information

   Template timeout = 30

   Template refresh rate = 20

 Option export information

   Option timeout = 30

   Option refresh rate = 20

Router# 

Related Commands

Command	Description
clear adjacency	Configures aggregation cache operational parameters.
debug ip flow export	Enables debugging output for NetFlow data export
exit	Leaves aggregation cache mode.
export destination	Enables the exporting of information from NetFlow aggregation caches.
ip flow-aggregation cache	Enables aggregation cache configuration mode.
ip flow-export	Enables the exporting of information in NetFlow cache entries.

Glossary

CEF—Cisco Express Forwarding. Layer 3 IP switching technology that optimizes network performance and scalability for networks with large and dynamic traffic patterns.

BGP—Border Gateway Protocol. Interdomain routing protocol that replaces exterior border gateway protocol (EBGP). BGP exchanges reachability information with other BGP systems. It is defined by RFC 1163.

BGP next hop—IP address of the next hop to be used to reach a certain destination.

data flowset—Collection of one or more data records that are grouped together in an export packet.

data record—Provides information about an IP flow that exists on the device that produced an export packet. Each group of data records (meaning each data flowset) references a previously transmitted template ID, which can be used to parse the data within the records.

dCEF—Distributed Cisco Express Forwarding. Type of CEF switching in which line cards (such as VIP line cards) maintain an identical copy of the forwarding information base (FIB) and adjacency tables. The line cards perform the express forwarding between port adapters; this relieves the route/switch processor of involvement in the switching operation.

export packet—Type of packet built by a device (for example, a router) with NetFlow services enabled that is addressed to another device (for example, the NetFlow Collection Engine). The packet contains NetFlow statistics. The other device processes the packet (parses, aggregates, and stores information on IP flows).

fast switching—Cisco feature in which a route cache is used to expedite packet switching through a router.

flow—Unidirectional stream of packets between a given source and destination—both defined by a network-layer IP address and transport-layer source and destination port numbers.

flowset—Collection of flow records that follow the packet header in an export packet. A flowset contains information that must be parsed and interpreted by the NetFlow Collection Engine device. There are two different types of flowsets: template flowsets and data flowsets. An export packet contains one or more flowsets, and both template and data flowsets can be mixed in the same export packet.

NetFlow—Cisco IOS acceleration and accounting feature that maintains per-flow information.

NetFlow Aggregation—A NetFlow feature that lets you summarize NetFlow export data on an IOS router before the data is exported to a NetFlow data collection system such as the NetFlow FlowCollector. This feature lowers bandwidth requirements for NetFlow export data and reduces platform requirements for NetFlow data collection devices.

NetFlow Collection Engine (formerly NetFlow FlowCollector)—Cisco application that is used with NetFlow on Cisco routers and Catalyst 5000 series switches. The NetFlow Collection Engine collects packets from the router that is running NetFlow and decodes, aggregates, and stores them. You can generate reports on various aggregations that can be set up on the NetFlow Collection Engine.

NetFlow v9—NetFlow export format version 9. A flexible and extensible means to carry NetFlow records from a network node to a collector. NetFlow version 9 has definable record types and is self-describing for easier NetFlow Collection Engine configuration.

options data record—Special type of data record (which is based on an options template) with a reserved template ID that provides information about the NetFlow process itself.

options template—Type of template record used to communicate the format of data related to the NetFlow process.

packet header—First part of an export packet. It provides basic information about the packet (such as the NetFlow version, number of records contained in the packet, and sequence numbering) so that lost packets can be detected.

template flowset—Collection of one or more template records that are grouped in an export packet.

template ID—Unique number that distinguishes a template record from other template records produced by the same export device. A NetFlow Collection Engine application that receives export packets from several devices should be aware that uniqueness is not guaranteed across export devices. Thus, the NetFlow Collection Engine should also cache the address of the export device that produced the template ID in order to enforce uniqueness.

template record—Defines the format of subsequent data records that might be received in current or future export packets. A template record within an export packet does not necessarily indicate the format of data records within that same packet. A NetFlow Collection Engine application must cache any template records received and then parse any data records it encounters by locating the appropriate template record in the cache.

ToS—type of service byte. Second byte in the IP header that indicates the desired quality of service for a particular datagram.

---

Note Refer to the Internetworking Terms and Acronyms for terms not included in this glossary.

---

Copyright © 2003 Cisco Systems, Inc. All rights reserved.