Table Of Contents

Configuring NetFlow v9 for IPv6

Finding Feature Information

Contents

Prerequisites for NetFlow v9 for IPv6

Restrictions for NetFlow v9 for IPv6

Information About NetFlow v9 for IPv6

NetFlow and NDE on the PFC

NetFlow Export Format Version 9

How to Configure NetFlow v9 for IPv6

Configuring the NDE for VRF Interface

Examples

Configuration Examples for NetFlow v9 for IPv6

Example: Configuring the NetFlow v9 for IPv6 Feature

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for NetFlow v9 for IPv6

Configuring NetFlow v9 for IPv6

---

First Published: February 27, 2007

Last Updated: December 17, 2010

This module contains information about and instructions for configuring NetFlow and NetFlow Data Export (NDE) for capturing and exporting data from IP version 6 (IPv6) traffic flows using the NetFlow version 9 (v9) export format.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the"Feature Information for NetFlow v9 for IPv6" section.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

•Prerequisites for NetFlow v9 for IPv6

•Restrictions for NetFlow v9 for IPv6

•Information About NetFlow v9 for IPv6

•How to Configure NetFlow v9 for IPv6

•Configuration Examples for NetFlow v9 for IPv6

•Additional References

•Feature Information for NetFlow v9 for IPv6

Prerequisites for NetFlow v9 for IPv6

Your router must be configured with Cisco IOS Release 12.2(33)SRB or later releases to configure the NetFlow v9 for IPv6 feature.

Restrictions for NetFlow v9 for IPv6

NDE v9 records for IPv6 do not contain Autonomous System (AS) numbers and prefix length information.

Information About NetFlow v9 for IPv6

Before you configure the NetFlow v9 for IPv6 feature, you should understand the following concepts:

•NetFlow and NDE on the PFC

•NetFlow Export Format Version 9

NetFlow and NDE on the PFC

The NetFlow cache on the Policy Feature Card (PFC) captures statistics for flows that are routed in hardware.

The PFC uses one of these flow masks to create NetFlow entries:

•source-only—The cache contains one entry for each source IP address. All flows from a given source IP address use this entry.

•destination—The cache contains one entry for each destination IP address. All flows to a given destination IP address use this entry.

•destination-source—The cache contains one entry for each source and destination IP address pair. All flows between the same source and destination IP addresses use this entry.

•destination-source-interface—Adds the source VLAN SNMP ifIndex to the information in the destination-source flow mask.

•full—A separate cache entry is created for each IP flow. A full entry includes the source IP address, destination IP address, protocol, and protocol interfaces.

•full-interface—Adds the source VLAN SNMP ifIndex to the information in the full flow mask.

See the

NetFlow Export Format Version 9

For all NetFlow export versions, the NetFlow export datagram consists of a header and a sequence of flow records. The header contains information such as sequence number, record count, and system uptime. The flow record contains flow information, such as IP addresses, ports, and routing information.

NetFlow version 9 export format is the newest NetFlow export format. The distinguishing feature of the NetFlow version 9 export format is that it is template based. Templates make the record format extensible. NetFlow version 9 export format allows future enhancements to NetFlow without requiring concurrent changes to the basic flow-record format.

The NetFlow version 9 export record format is different from the traditional NetFlow fixed format export record. In NetFlow version 9, a template describes the NetFlow data, and the flow set contains the actual data. This arrangement allows for flexible export.

The use of templates with the NetFlow version 9 export format provides several other key benefits:

•You can export almost any information from a router or switch, including Layer 2 through 7 information, routing information, IP version 6 (IPv6), IP version 4 (IPv4), multicast, and Multiprotocol Label Switching (MPLS) information. This new information allows new applications for export data and new views of network behavior.

•Third-party business partners who produce applications that provide NetFlow collector or display services for NetFlow are not required to recompile their applications each time a new NetFlow export field is added. Instead, they can use an external data file that documents the known template formats.

•New features can be added to NetFlow more quickly, without breaking current implementations.

•NetFlow is "future-proofed" against new or developing protocols, because the version 9 export format can be adapted to provide support for them and for other non-NetFlow-based approaches to data collection.

Table 1 shows the NetFlow version 9 export packet header format.

Table 1 Field Names and Descriptions for the NetFlow Version 9 Export Packet Header 

Field Name	Bytes	Description
Version	0-1	The version of NetFlow records exported in this packet; for version 9, this value is 0x0009.
Count	2-3	Number of FlowSet records (both template and data) that are contained within this packet.
System Uptime	4-7	Time, in milliseconds, since this device was first booted.
UNIX Seconds	8-11	Seconds since 0000 Coordinated Universal Time (UTC) 1970.
Sequence Number	12-15	Incremental sequence counter of all export packets sent by this export device; this value is cumulative, and it can be used to find out whether any export packets have been missed. This is a change from the NetFlow version 5 and version 8 headers, where this number represented "total flows."
Source ID	16-19	The Source ID field is a 32-bit value that is used to guarantee uniqueness for each flow exported from a particular device. (The Source ID field is the equivalent of the engine type and engine ID fields found in the NetFlow version 5 and version 8 headers.) The format of this field is vendor specific. In Cisco's implementation, the first two bytes are reserved for future expansion and are always zero. Byte 3 provides uniqueness with respect to the routing engine on the exporting device. Byte 4 provides uniqueness with respect to the particular line card or Versatile Interface Processor on the exporting device. Collector devices should use the combination of the source IP address and the Source ID field to associate an incoming NetFlow export packet with a unique instance of NetFlow on a particular device.

Figure 1 shows a typical example of exporting data using the NetFlow version 9 export format.

Figure 1 NetFlow Version 9 Export Format Packet Example

How to Configure NetFlow v9 for IPv6

This section contains the following:

•Configuring the NDE for VRF Interface (required)

Configuring the NDE for VRF Interface

Perform the steps in this task to configure the NDE for VRF interfaces feature.

SUMMARY STEPS

1. enable

2. configure terminal

3. ipv6 unicast-routing

4. mls flow {ip | ipv6} {destination | destination-source | full | interface-destination-source | interface-full | source}

5. mls nde sender

6. ip flow-export version 9

7. ip flow-export destination {ip-address | hostname} udp-port

8. interface type number

9. ipv6 address ip-address/mask

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. •Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	ipv6 unicast-routing Example: Router(config)# ipv6 unicast-routing	Enables the forwarding of IPv6 unicast datagrams.
Step 4	mls flow {ip | ipv6} {destination | destination-source | full | interface-destination-source | interface-full | source} Example: Router(config)# mls flow ipv6 interface-full	Specifies the NetFlow flow mask for IPv6 traffic.
Step 5	mls nde sender Example: Route(config)# mls nde sender	Enables NDE globally on the router. Note NDE does not start exporting data until you specify a destination for the exported traffic. The destination for exported traffic is specified in Step 7.
Step 6	ip flow-export version 9 Example: Router(config)# ip flow-export version 9	Configures NDE to use the NetFlow version 9 export format.
Step 7	ip flow-export destination {ip-address | hostname} udp-port Example: Router(config)# ip flow-export destination 172.16.10.2 88	Specifies the IP address or the hostname of the NetFlow collector and the UDP port on which the NetFlow collector is listening.
Step 8	interface type number Example: Router(config)# interface fastethernet 1/1	Specifies the interface that you want to enable NetFlow on and enters interface configuration mode.
Step 9	ipv6 address ip-address/mask Example: Router(config-if)# ipv6 address 2001:0DB8:AB::2/64	Configures an IPv6 address on the interface.

Examples

The following output of the show mls nde command verifies that NDE is enabled on the router.

Router# show mls nde

 NetFlow Data Export enabled 

 Exporting flows to 10.30.30.2 (12345)  172.16.10.2 (88)

 Exporting flows from 10.4.9.149 (58970)

 Version: 9

 Layer2 flow creation is disabled

 Layer2 flow export is disabled

 Include Filter not configured 

 Exclude Filter not configured 

 Total NetFlow Data Export Packets are:

    0 packets, 0 no packets, 0 records

 Total NetFlow Data Export Send Errors:

        IPWRITE_NO_FIB = 0

        IPWRITE_ADJ_FAILED = 0

        IPWRITE_PROCESS = 0

        IPWRITE_ENQUEUE_FAILED = 0

        IPWRITE_IPC_FAILED = 0

        IPWRITE_OUTPUT_FAILED = 0

        IPWRITE_MTU_FAILED = 0

        IPWRITE_ENCAPFIX_FAILED = 0

 NetFlow Aggregation Disabled

Configuration Examples for NetFlow v9 for IPv6

This section contains the following configuration example:

•Example: Configuring the NetFlow v9 for IPv6 Feature

Example: Configuring the NetFlow v9 for IPv6 Feature

The following example shows how to configure the router for NetFlow and NDE for IPv6 traffic using NetFlow export format version 9.

ipv6 unicast-routing

mls flow ipv6 interface-full 

mls nde sender 

ip flow-export version 9 

ip flow-export destination 172.16.10.2 88

interface FastEthernet1/1 

ipv6 address 2001:0DB8::1/64

Additional References

Related Documents

Related Topic	Document Title
Cisco IOS commands	Cisco IOS Master Commands List, All Releases
NetFlow commands	Cisco IOS NetFlow Command Reference
NetFlow flow masks and flow records	Configuring NetFlow and NDE
NetFlow export format version 9 and the export format architecture	NetFlow version 9 Flow-Record Format

Standards

Standard	Title
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.	—

MIBs

MIB	MIBs Link
None	To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs

RFCs

RFC	Title
RFC 3954	Cisco Systems NetFlow Services Export Version 9.

Technical Assistance

Description	Link
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.	http://www.cisco.com/cisco/web/support/index.html

Feature Information for NetFlow v9 for IPv6

Table 2 lists the release history for this feature.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

---

Note Table 2 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

---

Table 2 Feature Information for NetFlow v9 for IPv6 

Feature Name	Releases	Feature Information
NetFlow v9 for IPv6	12.2(33)SRB	The NetFlow v9 for IPv6 feature enables the export of NetFlow flow information for IPv6 traffic. In Cisco IOS Release 12.2(33)SRB, support for this feature was introduced on the Cisco 7600 series routers. The following sections provide information about this feature: •Information About NetFlow v9 for IPv6 •How to Configure NetFlow v9 for IPv6 The following commands were introduced or modified: mls flow, mls nde sender.

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2007-2010 Cisco Systems, Inc. All rights reserved.