Cisco CNS NetFlow Collection Engine Installation and Configuration Guide, 4.0
Installing and Configuring CNS NetFlow Collection Engine
Download this chapter
Installing and Configuring CNS NetFlow Collection EngineInstalling and Configuring CNS NetFlow Collection Engine
give_us_feedback

Table Of Contents

Installing and Configuring CNS NetFlow Collection Engine

Verifying System Requirements

Installing CNS NetFlow Collection Engine

Installing on a Solaris Platform

Installing on an HP-UX Platform

Installing on a Linux Platform

Installing on a Cisco CNS 2100 Series Intelligence Engine Appliance

Running the Setup Program

How to Re-execute Setup

Valid Values for Parameters

Sample Setup

Default CNS NetFlow Collection Engine File Hierarchy

Setting UNIX Environment Variables

Enabling NetFlow Data Export

Starting CNS NetFlow Collection Engine

Verifying That CNS NetFlow Collection Engine Is Running

Stopping CNS NetFlow Collection Engine

Stopping the CNS NetFlow Collection Engine Daemon


Installing and Configuring CNS NetFlow Collection Engine

This chapter describes how to install Cisco CNS NetFlow Collection Engine, configure it, and then validate that it is operating properly. This chapter includes the following sections:

Verifying System Requirements

Installing CNS NetFlow Collection Engine

Setting UNIX Environment Variables

Enabling NetFlow Data Export

Starting CNS NetFlow Collection Engine

Verifying That CNS NetFlow Collection Engine Is Running

Stopping CNS NetFlow Collection Engine

Stopping the CNS NetFlow Collection Engine Daemon

Verifying System Requirements

CNS NetFlow Collection Engine, Release 4.0 operates with the following platforms:

Solaris-Version 2.6 or 2.8. A minimum of an Ultra-1 workstation is recommended with at least 256 MB RAM, 512 MB of swap space, and 4 GB of disk space.

HP-UX, Version 11i (32-bit and 64-bit are supported). A minimum of a Class C workstation is recommended with at least 256 MB RAM, 512 MB of swap space, and 4 GB of disk space.

Linux for RedHat Linux 7.1 for i386 processors. Requires RedHat Package Manager (RPM). An i386 processor-based Linux platform is required with at least 256 MB RAM, 512 MB of swap space, and 4 GB of disk space.

Cisco CNS 2100 Series Intelligence Engine appliance.

Note To prevent NetFlow data export packet loss, the workstation should be dedicated to the CNS NetFlow Collections Engine and should not be running other applications.

CNS NetFlow Collection Engine, Release 4.0 requires at least 45 MB of disk space for its binary and configuration files.

CNS NetFlow Collection Engine generates output files containing aggregated data. These files require additional disk space; the exact amount depends on the flow arrival rate, collection interval, number of aggregation schemes specified, binary versus ASCII data file types, use of compression or not, and data file retention policies.

For more information on planning and managing disk space usage, see the "Managing Disk Space" section on page 5-44.

Installing CNS NetFlow Collection Engine

CNS NetFlow Collection Engine is distributed on CD-ROM. The installation process consists of the following general tasks:

Identify a locally mounted partition, such as /tmp, that you can use to hold the CNS NetFlow Collection Engine tar file when you transfer it from the distribution CD-ROM.

Note Before you copy the CNS NetFlow Collection Engine tar file, you should verify that the locally mounted partition you plan to use contains at least 100 MB of free disk space. This partition must be large enough to hold the tar file, the files extracted from the tar file, and the temporary work files created by the installation script while it is installing CNS NetFlow Collection Engine.

Copy the appropriate tar file from the CNS NetFlow Collection Engine distribution CD-ROM.

Extract the CNS NetFlow Collection Engine files from the tar file.

Start the installation script.

The CNS NetFlow Collection Engine installation script makes the installation process as easy as possible by automatically handling new and upgrade installation issues.

For example, CNS NetFlow Collection Engine requires that the value of the data size (maxdsiz) system tunable parameter in HP-UX Version 11.0 be set to at least 524,288 KB for satisfactory CNS NetFlow Collection Engine operation. If you attempt to install CNS NetFlow Collection Engine on a workstation whose maxdsiz value is below 524,288 KB, the CNS NetFlow Collection Engine installation script checks the current value, detects that it does not match the recommended minimum value, displays the following message, and puts a similar message in the installation log file named nfc_install.log, which is located at $NFC_DIR/logs when the installation process is complete. 

ERROR: Existing datasize is "65536" 

The required datasize is at least "524288" 

System parameters validation failed, please consult 

your system administrator or your system vendor technical

support for changing the system parameter(s) "maxdsiz" 

and rebuilding the kernel before running NetFlow CNS NetFlow Collection Engine.

The HP-UX Version 11.0 default for maxdsiz is 65536. If the value of this parameter falls below the recommended minimum value of 524,288 KB, you must change the value to 524,288 KB and then rebuild your kernel.

Note The process of changing this system tunable parameter value and rebuilding the kernel is beyond the scope of this document. For information or help, you should refer to the documentation that came with your workstation, contact your system administrator, or contact your workstation vendor's technical support organization.

The installation script also searches for files from a previously installed version of CNS NetFlow Collection Engine. If it detects a previously installed version, it preserves existing data and configuration files (preserving the configuration files retains any additions or changes to the CNS NetFlow Collection Engine resource definitions or parameter settings that you may have made while using the previously installed version of CNS NetFlow Collection Engine.) Later in the installation process, the installation script allows you to specify whether you want to use the existing configuration files, or use the new configuration files. Depending on your choice, the unused files are given an alternative filename suffix and saved in case you need them later.

The installation script also gives you the opportunity to keep existing log files or delete them along with other files from the earlier CNS NetFlow Collection Engine version. You can also specify alternative path names for the log files associated with the new CNS NetFlow Collection Engine version.

Note If the installation script does not find files from a previously installed version of CNS NetFlow Collection Engine, the installation is a first-time installation and is basically the same as for an upgrade installation, but with fewer prompts from the installation script. The installation script prompts you for responses to any required steps.

Installing on a Solaris Platform

The following procedure shows an upgrade installation. If you are installing CNS NetFlow Collection Engine for the first time, the installation is basically the same, but with fewer prompts from the installation script (because there are no files from a previously installed version of CNS NetFlow Collection Engine). The installation script prompts you for responses to any required steps.

Note During an upgrade installation, existing configuration files and data files are detected and you are given the option of saving them with a .old extension.

To install CNS NetFlow Collection Engine on a Solaris platform, perform the following steps:

Step 1 Log in as root.

Step 2 Copy the NFC-solaris-standard-X-Y.tar file from the distribution CD-ROM to a locally mounted directory such as /tmp on the workstation.

Note Replace the X and Y in the tar file name with the major and minor software release number.

Step 3 Extract the CNS NetFlow Collection Engine files from the tar file.

# tar -xvf NFC-solaris-standard-X-Y.tar

Step 4 Run the installation script to begin the installation process. Answer all questions.

# ./NFC_setup.sh NFC.solaris.Z 

********************************************************************

                  NetFlow FlowCollector 4.0

       Copyright (c) 1986-2002 by Cisco Systems, inc.

                    All rights reserved

********************************************************************




Hit Return to continue...

The installation script searches for any previously installed version of CNS NetFlow Collection Engine. 

Searching for existing copy of CSCOnfc

Found previous copy of CSCOnfc

If it detects a previously installed version, it asks whether you want to delete the existing log files or leave them untouched. Enter y (yes). 

Found existing log file /opt/CSCOnfc/logs/nfc.log

Would you like to delete this log file? (y/n)? y

If you enter y (yes), the installation script deletes the nfc.log file. If you enter n (no), the installation script does not delete the file.

The installation then repeats the prompt for the Gateway log file (nfcgw.log): 

Found existing log file /opt/CSCOnfc/logs/nfcgw.log

Would you like to delete this log file? (y/n)? y

The installation script then identifies the previously installed version of CNS NetFlow Collection Engine and prompts you to confirm that you want to delete the existing CNS NetFlow Collection Engine files. Enter y (yes). 

The following package is currently installed:

  CSCOnfc        Cisco NetFlow FlowCollector

             (Solaris2.6) 2.0


Do you want to remove this package? y

The installation script deletes the files and path names associated with the previously installed version and signals the successful completion of the task: 

Removal of <CSCOnfc> was successful

The installation script begins installing the new version. The system prompts you to select the package to be installed. Press Return to accept the default. 

... Starting FlowCollector 4.0 Install ...


The following packages are available:

1 CSCOnfc      Cisco NetFlow FlowCollector

       (Solaris2.6) 4.0


Select package(s) you wish to process (or `all' to process

all packages). (default: all) [?,??,q]:<CR>

The installation script begins processing the installation package. As part of the process, the installation script prompts you to confirm file permissions. Enter y (yes). 

The following files are being installed with setuid and/or setgid permissions:                                                                    

   /opt/CSCOnfc/bin/.nfcleaner0 <setuid root> 

   /opt/CSCOnfc/bin/NFCGW <setuid root> 

   /opt/CSCOnfc/bin/NFCollector <setuid root> 


Do you want to install these as setuid/setgid files [y,n,?,q] y

The installation script continues installing CNS NetFlow Collection Engine and signals when it has completed the task: 

Installation of <CSCOnfc> was successful.

When the installation script has successfully completed the installation phase, it enters the post installation setup phase. 

post installation setup ...

During this phase, the installation script prompts you to select a method for handling CNS NetFlow Collection Engine configuration files. When you update to a new version of CNS NetFlow Collection Engine, your existing configuration files are not lost. The installation script gives you the opportunity to select how the old and new configuration files are handled. Unless your installation imposes special requirements, accept the default and enter 1. 

Please choose one of the following:

(1) Install new default configuration files

   (Your existing configuration files will be saved with `.old'

   extensions should you want to refer to them later)


(2) Retain existing configuration files

   (New default configuration files will be saved with `.default'

   extensions should you want to refer to them later)


Please choose [1/2] [1]: 1

1

Installing new configuration files ...


Saving existing configuration files with .old extensions 

in /opt/CSCOnfc/config ...

Note The configuration files provided with CNS NetFlow Collection Engine 4.0 contain several new configuration parameters that are not available under CNS NetFlow Collection Engine 1.0/2.0. If you decide to retain the configuration files (Option 2) from the previously installed version, you may want to add these new configuration parameters and their values to your existing configuration files after you are finished with the installation process. That way you have access to the new features that these configuration parameters control.

Next, the installation script offers you the opportunity to change the default path names for the CNS NetFlow Collection Engine log file and gateway log file. Unless your installation imposes special requirements, you should accept the default path names. Press Return to accept the default. 

FlowCollector's log file is: /opt/CSCOnfc/logs/nfc.log

Enter a new location+name (hit RETURN to continue)<CR>


FlowCollector Gateway's log file is: /opt/CSCOnfc/logs/nfcgw.log


Enter a new location+name (hit RETURN to continue)<CR>

Next, the installation script asks you if you want CNS NetFlow Collection Engine applications to start automatically when the system is initialized. This saves you the extra step of starting CNS NetFlow Collection Engine processes from the command line when the system is started. 

Would you like the FlowCollector applications to be 

automatically started when the system is initialized?  (y/n)? y

Finally, the installation script tests system tunable parameters. This includes the maxdsiz parameter discussed in the "Installing CNS NetFlow Collection Engine" section. If an error is encountered, you are prompted to take appropriate action to fix the problem. 

Checking system tunable parameters ... 


Validation successful

.

.

.

FlowCollector 4.0 installation completed successfully.

The record of this installation session is saved in /opt/CSCOnfc/logs/nfc_install.log.

Installing on an HP-UX Platform

The following procedure shows an upgrade installation. If you are installing CNS NetFlow Collection Engine for the first time, the installation is basically the same as an upgrade installation, but with fewer prompts from the installation script (because there are no files from a previously installed version of CNS NetFlow Collection Engine). The installation script prompts you for responses to any required steps.

Note During an upgrade installation, existing configuration files and data files are detected and you are given the option of saving them with a .old extension.

To install CNS NetFlow Collection Engine over a previously installed version on an HP-UX platform, perform the following steps:

Step 1 Log in as root.

Step 2 Copy the NFC-hpux-standard-X-Y.tar file from the distribution CD-ROM to a locally mounted directory on the workstation.

Step 3 Extract the CNS NetFlow Collection Engine files from the tar file. 

# tar -xvf NFC-hpux-standard-X-Y.tar

Step 4 Run the installation script to begin the pre installation process. Answer all questions. 

# ./NFC_setup.sh NFC.hpux.Z 


********************************************************************

                    NetFlow FlowCollector 4.0

             Copyright (c) 1986-2002 by Cisco Systems, inc.

                      All rights reserved

********************************************************************


Hit Return to continue...

The installation script searches for any previously installed version of CNS NetFlow Collection Engine. If it detects a previously installed version, it looks for log files associated with that version and prompts you to confirm that the log files can be deleted. If you want to remove the files, enter y (yes). 

Searching for existing copy of CSCOnfc...


Found previous copy of CSCOnfc

Found existing log file /opt/CSCOnfc/logs/nfc.log

Would you like to delete this log file? (y/n)? y


/opt/CSCOnfc/logs.nfc.log has been deleted


Found existing log file /opt/CSCOnfc/logs/nfcgw.log

Would you like to delete this log file (y/n)? y


/opt/CSCOnfc/logs/nfcgw.log has been deleted

invoking /usr/sbin/swremove utility...

When the installation script has successfully removed the log files, it removes any other earlier CNS NetFlow Collection Engine files except configuration files and data files. This process takes approximately a minute. During the time that the installation script is removing files, it displays various progress information messages. 

=======  03/22/2002 13:46:57 PDT  BEGIN swremove SESSION (non-interactive)

.

.

.

=======  03/22/02 13:47:06 PDT END swremove SESSION (non-interactive)

When the installation script has successfully removed the previous version, it begins installing the new version. This process takes approximately a minute. During the time that the installation script is extracting, copying, and installing files, it displays various progress information. 

...Starting FlowCollector 4.0 Install ....

.

.

.

======= 03/22/2002 13:47:12 PDT  BEGIN swcopy SESSION (non-interactive)

.

.

.

======= 03/22/2002 13:47:23 PDT  END swcopy SESSION (non-interactive)


======= 03/22/2002 13:47:24 PDT  BEGIN swinstall SESSION (non-interactive)

.

.

.

======= 03/22/2002 13:47:37 PDT  END swinstall SESSION (non-interactive)

.

.

.

When the installation script has successfully completed the installation phase, it enters the post installation setup phase. 

post installation setup ...

During this phase, the installation script prompts you to select a method for handling CNS NetFlow Collection Engine configuration files. When you update to a new version of CNS NetFlow Collection Engine, your existing configuration files are not lost. The installation script gives you the opportunity to select how the old and new configuration files are handled. Unless your installation imposes special requirements, accept the default and enter 1. 

Please choose one of the following:

(1) Install new default configuration files

    (Your existing configuration files will be saved with `.old'

    extensions should you want to refer to them later)

(2) Retain existing configuration files

    (New default configuration files will be saved with `.default'

    extensions should you want to refer to them later)


Please choose [1/2] [1]: 1

1

Installing new configuration files ...


Saving existing configuration files with .old extensions 

in /opt/CSCOnfc/config ...

Note The configuration files provided with CNS NetFlow Collection Engine 4.0 contain several new configuration parameters that are not available under CNS NetFlow Collection Engine 1.0/2.0. If you decide to retain the configuration files (Option 2) from the previously installed version, you may want to add these configuration parameters and their values to your existing configuration files after you are finished with the installation process. That way you have access to the new features that these configuration parameters control.

Next, the installation script offers you the opportunity to change the default path names for the CNS NetFlow Collection Engine log file and gateway log file. Unless your installation imposes special requirements, you should accept the default path names. Press Return to accept the default. 

FlowCollector's log file is: /opt/CSCOnfc/logs/nfc.log

Enter a new location+name (hit RETURN to continue)<CR>


FlowCollector Gateway's log file is: /opt/CSCOnfc/logs/nfcgw.log

Enter a new location+name (hit RETURN to continue)<CR>

Next, the installation script asks you if you want CNS NetFlow Collection Engine applications to start automatically when the system is initialized. This saves you the extra step of starting CNS NetFlow Collection Engine processes from the command line when the system is started. 

Would you like the FlowCollector applications to be 

automatically started when the system is initialized?  (y/n)? y

Finally, the installation script tests system tunable parameters. This includes the maxdsiz parameter discussed in the "Installing CNS NetFlow Collection Engine" section. If an error is encountered, you are prompted to take appropriate action to fix the problem. 

Checking system tunable parameters ... 


Validation successful                                                         


.

.

.

FlowCollector 4.0 installation completed successfully.

The record of this installation session is saved in /opt/CSCOnfc/logs/nfc_install.log.

Installing on a Linux Platform

The following procedure shows an upgrade installation. If you are installing CNS NetFlow Collection Engine for the first time, the installation is basically the same as an upgrade installation, but with fewer prompts from the installation script (because there are no files from a previously installed version of CNS NetFlow Collection Engine). The installation script prompts you for responses to any required steps.

Note During an upgrade installation, existing configuration files and data files are detected and you are given the option of saving them with a .old extension.

To install CNS NetFlow Collection Engine Release 4.0 on a Linux 7.1 platform, perform the following steps:

Step 1 Log in as root.

Step 2 Copy the NFC-linux-standard-4.0-0.3.tar file from the distribution CD-ROM to a locally mounted directory on the workstation.

Step 3 Extract the CNS NetFlow Collection Engine files from the tar file. 

# tar -xvf NFC-linux-standard-4.0-0.3.tar

Step 4 Run the installation script to begin the pre installation process. Answer all questions. 

# ./NFC_Setup.sh CSCOnfc-4.0-0-1.i386.rpm


********************************************************************

 NetFlow FlowCollector 4.0(0.3)standard

 Copyright (c) 2001, 2002 by Cisco Systems, Inc.

 All rights reserved

********************************************************************


Hit Return to continue...

The installation script searches for any previously installed version of CNS NetFlow Collection Engine. 

Searching for existing copy of CSCOnfc..

Found previous copy of CSCOnfc, performing upgrade...

If it detects a previously installed version, it asks whether you want to delete the existing log files or leave them untouched. 


Found existing log file /opt/CSCOnfc/logs/nfc.log

Would you like to delete this log file?  (y/n)? y

If you enter y (yes), the installation script deletes the nfc.log file. If you enter n (no), the installation script does not delete the file.

The installation then repeats the prompt for the Gateway and CNS/XML interface log files: 


Found existing log file /opt/CSCOnfc/logs/nfcgw.log,

Would you like to delete this log file?  (y/n)? y


Found existing log file /opt/CSCOnfc/logs/nfcxml.log,

Would you like to delete this log file?  (y/n)? y

When you update to a new version of CNS NetFlow Collection Engine, your existing configuration files are not lost. The RedHat Package Manager determines if any of the configuration files have changed since installation and backs then up if new configuration files are necessary for the new installation to operate. The installation script gives you the opportunity to select how the old and new configuration files are handled. Unless your installation imposes special requirements, accept the default and enter 1. 


Please choose one of the following..

(1) Install new default configuration files

    (Existing configuration files that have been modified will

    be saved with '.old' extensions should you want to refer to them later)

(2) Retain existing configuration files

    (New default configuration files will be saved with '.default'

     extensions should you want to refer to them later)

Please choose [1]: 1

Installing new configuration files ...

Saving existing configuration files with .old extensions in

/opt/CSCOnfc/config ...

Next, the installation script asks if you want the CNS NetFlow Collection Engine applications to start automatically when the system is initialized. This saves you the extra step of starting the CNS NetFlow Collection Engine processes from the command line when the system is started. 


Would you like the Flow Collector applications to be 

automatically started when the system is initialized?  (y/n)? y

There are currently no system parameters tuned during a Linux installation. 


Checking system tunable parameters ... 

Validation successful



...Starting FlowCollector Install ....

When the installation script has successfully completed the installation phase, it enters the post installation setup phase. 


post installation setup ...

Next, the installation script offers you the opportunity to change the default path names for the CNS NetFlow Collection Engine log file and gateway log file. Unless your installation imposes special requirements, you should accept the default path names. Press Return to accept the default. 


Enter FlowCollector's log file [/opt/CSCOnfc/logs/nfc.log]: 

Filename is /opt/CSCOnfc/logs/nfc.log <CR>


Enter FlowCollector Gateway's log file [/opt/CSCOnfc/logs/nfcgw.log]: <CR>

Filename is /opt/CSCOnfc/logs/nfcgw.log


FlowCollector installation completed successfully.

The record of this installation session is saved in /opt/CSCOnfc/logs/nfc_install.log.

Installing on a Cisco CNS 2100 Series Intelligence Engine Appliance

To install CNS NetFlow Collection Engine Release 4.0 on a CNS 2100 Series Intelligence Engine appliance, perform the following steps:

Step 1 Power up the CNS 2100 Series Intelligence Engine system.

Step 2 Insert the CNS NetFlow Collection Engine, Release 4.0 CD-ROM in the CD drive.

Step 3 Press the Reset button to ensure the system starts the CD-ROM.

The software installs automatically. When the install process completes, the CD-ROM is automatically ejected and the system restarts.

Step 4 Login by means of the serial port.

Set up the serial port as follow:

Baud rate: 9600

Data bits: 8

Parity: N

Stop bit: 1

Step 5 Go to the following section "Running the Setup Program" to run the Setup program.

Running the Setup Program

You must run the Setup program when you start the system for the first time.

You must connect to the system using the serial port to use the Setup program. The parameters for using the serial port are 9600-N-8-1.

Note If this is the first time running Setup, or you have just run reinitialize or relocate, you cannot connect to the system using Telnet. Telnet is only possible if the network interfaces are configured.

To run Setup, follow these steps:

Step 1 Start the system.

When the system finishes the startup routine, a login prompt appears.

Step 2 Log in with username setup.

The Setup program starts.

Step 3 Enter responses to the prompts that appear.

For information about valid values for each parameter, see Table 2-1.

Use the following conventions when running the Setup program:

Press Enter to enter a response and proceed to the next prompt.

After you enter a response, you cannot edit it again. To change an entered response you must exit the Setup program and enter your responses again. You can exit the Setup program in two ways:

Press Ctrl-c.

The login prompt appears. Use the login setup to run the Setup program.

Enter n at the final prompt, Committed changes: [y/n].

The Setup program exits without saving the configuration, then restarts.

Press Backspace or Delete to delete characters.

Step 4 Provide values where prompted.

Step 5 Review your Setup configuration.

Step 6 To commit (save) your changes, type y.

After you save the configuration, the shell prompt appears.

How to Re-execute Setup

You cannot run Setup a second time by logging in as setup because that account is disabled for security reasons after it is used once successfully. To re-execute Setup, login as root, then run the script /etc/ie2100setup.

Valid Values for Parameters

Valid values for each parameter in the Setup program are listed in Table 2-1.

Table 2-1 Valid Values for Setup Parameters 

Parameter
Type
Length

Host name

Alphanumeric, dash

1æ32

Domain name

Alphanumeric, dash, dot

1æunlimited

eth0 IP address

IP address

 

eth0 Network mask

Network mask

 

eth0 Default gateway ip address

Gateway IP

 

Primary DNS Server IP address

IP address

 

Secondary DNS Server IP address

IP address

 

Root password

Password

1æ12

nfcuser password

Password

1æ12


Sample Setup 

Entering Network Appliance Setup for NetFlow FlowCollector

Type ctrl-c to exit


For information about the parameters in this setup, refer to

the "NetFlow FlowCollector Installation and User Guide".


Enter hostname: nfcapp1-lnx

Enter domain name: cisco.com

Enter eth0 IP address: 64.102.41.63

Enter eth0 network mask: 255.255.255.0

Enter eth0 default gateway IP address: 64.102.41.1

Enter primary DNS server IP address: 64.102.6.247

Enter secondary DNS server IP address (optional): 

Enter root password: 

Enter value again to confirm: 

Enter nfcuser password: 

Enter value again to confirm: 


The following setup values were specified:


Hostname:                             nfcapp1-lnx

Domain name:                          cisco.com

IP address for eth0:                  64.102.41.63

Network mask for eth0:                255.255.255.0

Default gateway IP address for eth0:  64.102.41.1

Primary DNS server IP address:        64.102.6.247

Secondary DNS server IP address:     

Password for root:                    *******

Password for nfcuser:                 ***


Use these values? (y/n) y

The system must be rebooted.  Reboot now? (y/n) y

Default CNS NetFlow Collection Engine File Hierarchy

Figure 2-1 shows the default CNS NetFlow Collection Engine directory structure created by the installation script.

Figure 2-1 Default CNS NetFlow Collection Engine File Hierarchy

Setting UNIX Environment Variables

Add the following environment variables to the startup files (.cshrc or .profile) of all users wanting to run the CNS NetFlow Collection Engine application. These environment variables identify the location of the CNS NetFlow Collection Engine directory structure and the nf.resources file:

Set NFC_DIR to /opt/CSCOnfc

Set NFC_RESOURCEFILE to $NFC_DIR/config/nf.resources

For C shell users, the commands (using default installation values) are: 

setenv NFC_DIR /opt/CSCOnfc

setenv NFC_RESOURCEFILE $NFC_DIR/config/nf.resources

For Bourne or Korn shell users, the commands (using default installation values) are: 

NFC_DIR=/opt/CSCOnfc; export NFC_DIR

NFC_RESOURCEFILE=$NFC_DIR/config/nf.resources; export NFC_RESOURCEFILE

The nf.resources file contains the variables and corresponding path names used to configure your startup CNS NetFlow Collection Engine environment (see Table 2-2).

The files identified in Table 2-2 are described in Chapter 5, "Customizing the CNS NetFlow Collection Engine."

Table 2-2 nf.resources Variables 

Variable
Default Path Name

NFC_CONFIGFILE

$NFC_DIR/config/nfconfig.file

NFC_KNOWNPROTOCOLS

$NFC_DIR/config/nfknown.protocols

NFC_KNOWNSRCPORTS

$NFC_DIR/config/nfknown.srcports

NFC_KNOWNDSTPORTS

$NFC_DIR/config/nfknown.dstports

NFC_KNOWNSRCASNS

$NFC_DIR/config/nfknown.srcasns

NFC_KNOWNDSTASNS

$NFC_DIR/config/nfknown.dstasns

NFC_LOG

$NFC_DIR/config/nfc.log

NFCGW_LOG

$NFC_DIR/config/nfcgw.log


In addition to the path names, the nf.resources file also includes a number of parameters for tuning CNS NetFlow Collection Engine performance. For more information about the parameters in the nf.resources file, see Chapter 5, "Customizing the CNS NetFlow Collection Engine."

Enabling NetFlow Data Export

Because of the configuration differences between routers and switches, any detailed configuration description for either type of NetFlow export device is beyond the scope of this guide. At the broadest conceptual level, you need to perform the following types of configuration tasks on the export devices:

Enable NetFlow services on Cisco routers; enable Multilayer Switching (MLS) on Catalyst 5000 series switches equipped with an NFFC.

Specify the IP address and the UDP port number used to identify CNS NetFlow Collection Engine as the receiver of exported NetFlow data. In a default CNS NetFlow Collection Engine installation, UDP ports 9995 and 9996 are automatically configured as the UDP ports CNS NetFlow Collection Engine uses to receive NetFlow exported data.

Enable NetFlow data export.

For information on Cisco IOS software features related to NetFlow services on Cisco routers, refer to the Cisco IOS software configuration guides and command references. For information on specific configuration commands for Cisco Catalyst 5000 series switches, refer to the "NetFlow Switching Enhancements" feature module in Cisco IOS release notes and feature modules.

For information on software features related to MLS on Catalyst 5000 series switches, refer to the Catalyst 5000 Series Multilayer Switching User Guide.

Starting CNS NetFlow Collection Engine

To start CNS NetFlow Collection Engine, you can be logged in as a normal user or as root. To run CNS NetFlow Collection Engine, perform the following steps:

Step 1 Log in.

Step 2 To start the CNS NetFlow Collection Engine application, enter the following command:

$   $NFC_DIR/bin/nfcollector start all

CNS NetFlow Collection Engine runs as several processes. This command also starts the CNS NetFlow Collection Engine Daemon if it is not already running. See the "CNS NetFlow Collection Engine Architectural Overview" section on page 1-5 for details about these processes.

Note Typically, CNS NetFlow Collection Engine is started and allowed to run until there is some reason to stop it. The NFUI is separate from CNS NetFlow Collection Engine and dependent on CNS NetFlow Collection Engine for current application statistics and resource definitions-such as for threads, filters, and protocols. Once CNS NetFlow Collection Engine is running, anyone can start the NFUI and use it to review application statistics and resource definitions. However, you cannot create or modify CNS NetFlow Collection Engine resource definitions while CNS NetFlow Collection Engine is running. For more information about the NFUI, see Chapter 3, "Using the CNS NetFlow Collection Engine User Interface."

Verifying That CNS NetFlow Collection Engine Is Running

To verify that CNS NetFlow Collection Engine is running properly, perform the following steps.

Step 1 To display a table of CNS NetFlow Collection Engine statistics, enter the following command:

$    $NFC_DIR/bin/NFUI -s

The following is displayed: 

FlowCollector has been up since Thu Nov 14 11:55:27 2002

Port		Packets rcvd(wrap)					Records(wrap)				Discarded		 	UnknownTempIDs Missed Recs(wrap)	Missed Packets(wrap)

----		------------------			-------------						---------			--------------	-----------------	 --------------------


9995 					0(0) 				0(0)				0				0			0(0)                    0(0)


9996          				 1034(0) 				 3102(0)					0				0			0(0)                    0(0)

Note The statistics are listed according to the UDP port numbers on which CNS NetFlow Collection Engine is expecting NetFlow data. In a default CNS NetFlow Collection Engine installation, UDP ports 9995 and 9996 are automatically configured as the UDP ports CNS NetFlow Collection Engine uses to receive NetFlow exported data. You can define other UDP port numbers (see the "Creating a Thread" section on page 5-9.

Step 2 Verify that the UDP ports that are expected to receive export data are receiving data.

In the example shown above, UDP port 9996 is collecting data, but UDP port 9995 is not.

Step 3 Check the $NFC_DIR/logs/nfc.log, $NFC_DIR/logs/nfcd.log and $NFC_DIS/logs/nfcxml.log files for error messages.

If you are receiving data on the CNS NetFlow Collection Engine UDP port and there are no error messages in the log files, CNS NetFlow Collection Engine is running properly. You should periodically monitor the $NFC_DIR/logs/nfc.log, $NFC_DIR/logs/nfcd.log, and $NFC_DIS/logs/nfcxml.log files for error and warning messages.

Stopping CNS NetFlow Collection Engine

To stop CNS NetFlow Collection Engine, perform the following steps:

Step 1 Log in.

Step 2 Enter the following command to stop the CNS NetFlow Collection Engine application. 

# $NFC_DIR/bin/nfcollector stop all

Note To stop CNS NetFlow Collection Engine, you must be logged in as root or the user who started this CNS NetFlow Collection Engine session. This command does not stop the CNS NetFlow Collection Engine Daemon.

Stopping the CNS NetFlow Collection Engine Daemon

Stop the CNS NetFlow Collection Engine Daemon using one of two commands. Keep in mind that each command has a different effect on the CNS NetFlow Collection Engine workstation. To stop the CNS NetFlow Collection Engine Daemon and all processes that the Daemon started, enter the following command: 

# $NFC_DIR/bin/nfcollector stop nfcd

To stop the Daemon and all other CNS NetFlow Collection Engine processes, enter the following command: 

# $NFC_DIR/bin/nfcollector clean
Caution The nfcollector clean command does not gracefully stop the system. Any and all CNS NetFlow Collection Engine functions cease immediately. This includes flow collection and data file creation. Use this command with caution.