Cisco CNS NetFlow Collection Engine Installation and Configuration Guide, 5.0.2 - Configuring CNS NetFlow Collection Engine [Cisco NetFlow Collection Engine]

Table Of Contents

Configuring CNS NetFlow Collection Engine

Required Patches and Software Packages

UNIX Environment Variables

Enabling NetFlow Data Export

Starting CNS NetFlow Collection Engine

Verifying That CNS NetFlow Collection Engine Is Running

NetFlow Collection Engine Configuration Files

Browser Requirements

Stopping CNS NetFlow Collection Engine

Configuring CNS NetFlow Collection Engine

This chapter describes how to configure Cisco CNS NetFlow Collection Engine and then validate that it is operating properly.

This chapter includes the following sections:

•Required Patches and Software Packages

•UNIX Environment Variables

•UNIX Environment Variables

•Enabling NetFlow Data Export

•Starting CNS NetFlow Collection Engine

•Verifying That CNS NetFlow Collection Engine Is Running

•NetFlow Collection Engine Configuration Files

•Browser Requirements

•Stopping CNS NetFlow Collection Engine

Required Patches and Software Packages

Solaris Platform

On the Solaris platform, the following patch should be installed on the system prior to running CNS NetFlow Collection Engine:

•"32-Bit Shared library patch for C++" (108434-13 or later for Solaris 8, 111711-06 or later for Solaris 9)

Solaris patches can be downloaded at http://sunsolve.sun.com/.

Red Hat Enterprise Linux Platform

On Red Hat Enterprise Linux platform, the following packages must be installed on the system prior to running CNS NetFlow Collection Engine:

•The X Windows package must be installed for the web-based user interface to function properly. This is part of the default system configuration when Red Hat Enterprise Linux is installed; otherwise refer to Red Hat Enterprise Linux documentation for further instructions.

•For Red Hat Enterprise 3, you must ensure that the compat-libstdc++ RPM is installed on the system. This RPM is included in the Red Hat Enterprise 3 distribution CDs.

UNIX Environment Variables

In releases prior to version 5.0, the CNS NetFlow Collection Engine Installation Guide recommended setting a number of environment variables, such as NFC_DIR and NFC_RESOURCEFILE. These settings should be removed from the environment for this release prior to installing and running CNS NetFlow Collection Engine. The environment is automatically determined by startup scripts in the 5.0 release.

Enabling NetFlow Data Export

Because of the configuration differences between routers and switches, any detailed configuration description for either type of NetFlow export device is beyond the scope of this guide. At the broadest conceptual level, you must perform the following types of configuration tasks on the export devices:

•Enable NetFlow services on Cisco routers; enable Multilayer Switching (MLS) on Catalyst 5000 series switches equipped with an NFFC.

•Specify the IP address and the UDP port number used to identify CNS NetFlow Collection Engine as the receiver of exported NetFlow data. For information on configuring the UDP ports that CNS NetFlow Collection Engine uses to receive NetFlow exported data, refer to the "Creating an Aggregator" section in the Cisco CNS NetFlow Collection Engine User Guide, 5.0.3.

•Enable NetFlow data export.

For information on Cisco IOS software features related to NetFlow services on Cisco routers, see the Cisco IOS software configuration guides and command references.

For information on specific configuration commands for Cisco Catalyst 5000 series switches, see the "NetFlow Switching Enhancements" feature module in Cisco IOS release notes and feature modules.

For information on software features related to MLS on Catalyst 5000 series switches, see the Catalyst 5000 Series Multilayer Switching User Guide.

Starting CNS NetFlow Collection Engine

To start CNS NetFlow Collection Engine, you must be logged in as the user specified during installation. Beginning in version 5.0, CNS NetFlow Collection Engine executables no longer have setuid-to-bin permission.

Step 1 To run CNS NetFlow Collection Engine, log in as the user specified during installation.

Step 2 Enter the following command:
/opt/CSCOnfc/bin/nfcollector start all 
CNS NetFlow Collection Engine runs as several processes. See the "CNS NetFlow Collection Engine Architectural Overview" section on page 1-5 for details about these processes.

Note Typically, CNS NetFlow Collection Engine is started and allowed to run until there is some reason to stop it.

Verifying That CNS NetFlow Collection Engine Is Running

To verify that CNS NetFlow Collection Engine is running properly, perform the following steps.

Step 1 To display a table of CNS NetFlow Collection Engine statistics, use the web-based user interface as described in the "Status" section of the CNS NetFlow Collection Engine User Guide.

Step 2 Verify that the UDP ports that are expected to receive export data are receiving data. The status page of the web UI should indicate that flows are being received.

Step 3 Check log files in NFC_DIR/logs for error messages.

If you are receiving data on the CNS NetFlow Collection Engine UDP port and there are no error messages in the log files, CNS NetFlow Collection Engine is running properly.

You should periodically monitor the log files for error and warning messages.

NetFlow Collection Engine Configuration Files

Table 3-1 displays all of the configuration files used by CNS NetFlow Collection Engine.

Table 3-1 CNS NetFlow Collection engine Configuration Files

File

Directory

Description

nfcmem

/opt/CSCOnfc/config

Memory limits for each collector process.

nfc-config.xml

/opt/CSCOnfc/config

Collector configuration file for the user-specific configuration.

nfc-config-predefined.xml

/opt/CSCOnfc/config

Collector configuration file of predefined configuration. You should never modify this file.

nfcbgp.xml

/opt/CSCOnfc/config

BGP peer configuration file.

nfcre.xml

/opt/CSCOnfc/config

Report generator configuration file.

nfcpw.xml

/opt/CSCOnfc/config

Process watcher configuration file.

nfcifname.xml

/opt/CSCOnfc/config

SNMP interface name mapping configuration file.

dnslookup.conf

/opt/CSCOnfc/config

DNS mapping configuration file.

nfc-log4j.properties

/opt/CSCOnfc/config

Logging properties file for collector.

nfcweb-log4j.properties

/opt/CSCOnfc/config

Logging properties file for the web-based UI.

nfcpw-log4j.properties

/opt/CSCOnfc/config

Logging properties file for the process watcher.

nfcre-log4j.properties

/opt/CSCOnfc/config

Logging properties file for the report generator.

nfcxml-log4j.properties

/opt/CSCOnfc/config

Logging properties file for the CNS/XML interface.

nfcbgp-log4j.properties

/opt/CSCOnfc/config

Logging properties file for the BGP peer.

server.xml

/opt/CSCOnfc/tomcat/conf

Web server configuration file.

web.xml

/opt/CSCOnfc/tomcat/webapps/nfc/WEB-INF

Web application configuration file for web-based UI.

Browser Requirements

The CNS NetFlow Collection Engine, Release 5.0 web-based user interface is compatible with Microsoft Internet Explorer 6.0.28, and Netscape Navigator 7.0.1 on Windows or UNIX. The web-based UI requires that the browser support a Java virtual machine (JVM) to run applets. Either the Microsoft JVM or the Sun JVM can be used. For the filter editor and multi-field map editor applets to be displayed, a Sun JVM (version 1.4.1_02 or higher) must be used.

Stopping CNS NetFlow Collection Engine

To stop the CNS NetFlow Collection Engine, you must be logged in as the user specified during installation. Beginning in version 5.0, CNS NetFlow Collection Engine executables no longer have setuid-to-bin permission.

To stop CNS NetFlow Collection Engine, enter the following command to stop the CNS NetFlow Collection Engine application:

# /opt/CSCOnfc/bin/nfcollector shutdown

To immediately and ungracefully stop all CNS NetFlow Collection Engine processes, enter the following command:

# /opt/CSCOnfc/bin/nfcollector clean

Caution The nfcollector clean command does not gracefully stop the system. Any and all CNS NetFlow Collection Engine functions cease immediately. Use this command with caution. The nfcollector shutdown command is the preferred way to shut down CNS NetFlow Collection Engine.

CNS NetFlow Collection Engine subsystems can also be stopped individually. For example, only the collection subsystem is stopped by entering the following command:

# /opt/CSCOnfc/bin/nfcollector stop collection