The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This module provides command line interface (CLI) commands for configuring NetFlow on the Cisco XR 12000 Series Router.
To configure the number of entries in the monitor map flow cache, enter the cache entries command in flow monitor map configuration mode. To remove a configured number of entries and return the cache to the default configuration, use the no form of this command.
cache entries number
no cache entries number
number |
Number of entries in the flow cache. Replace the number argument with the number of flow entries allowed in the flow cache. Range is from 4096 through 1000000. |
number : 65535
Flow monitor map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the number of entries in the monitor map flow cache to be 10000:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# cache entries 10000
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To disable the removal of entries from the monitor map flow cache, enter the cache permanent command in flow monitor map configuration mode. To re-enable the removal of entries from the flow cache, use the no form of this command.
cache permanent
no cache permanent
This command has no keywords or arguments.
The removal of entries from the monitor map flow cache is enabled.
Flow monitor map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to disable the removal of entries from the monitor map flow cache:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)#flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# cache permanent
This example shows how to re-enable the removal of entries from the monitor map flow cache:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# no cache permanent
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To configure the active, inactive, and update flow cache timeout, enter the cache timeout command in flow monitor map configuration mode. To remove the configured timeout value and return the cache to its default timeout value, use the no form of this command.
cache timeout { active | inactive | update } timeout_value
no cache timeout { active | inactive | update } timeout_value
active |
Specifies the active flow timeout. |
inactive |
Specifies the inactive flow timeout. |
update |
Specifies the update timeout. |
timeout_value |
Timeout value for the specified keyword ( active , inactive , or update ), in seconds. Range is from 1 through 604800. |
For active timeout, the default value is 1800 seconds.
For inactive timeout, the default value is 15 seconds.
For update timeout, the default value is 1800 seconds.
Flow monitor map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Note | The inactive timeout value should be smaller than the active timeout value. The update keyword is used for permanent caches only. It specifies the timeout value that is used to export entries from permanent caches. In this case, the entries are exported but remain the cache. |
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to set the active timeout for the monitor map cache to 200,000 seconds:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# cache timeout active 200000
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To export flow exporter templates to the collector or restart the flow exporter statistics collector, enter the clear flow exporter command in EXEC mode.
clear flow exporter [fem-name] { restart | statistics } location node-id
fem-name |
(Optional) Flow exporter name. |
restart |
Exports all of the current templates to the collector. |
statistics |
Clears the exporter statistics. |
location node-id |
Identifies the node whose flow exporter statistics you want to clear, or whose flow exporter statistics collector you want to restart. The node-id argument is expressed in the rack/slot/module notation. |
No default behavior or values
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
basic-services |
read, write |
netflow |
read, write |
This example exports all templates to the collector:
RP/0/0/CPU0:router# clear flow exporter restart location 0/0/SP
Restart exporter all locations. Continue? [confirm]
This example shows how to clear flow exporter statistics on a specific node:
RP/0/0/CPU0:router# clear flow exporter statistics location 0/0/CPU0
Clear statistics for all exporters on the location. Continue? [confirm]
Command | Description |
| Creates a flow exporter map |
| Displays flow exporter data |
To clear the flow monitor data, enter the clear flow monitor command in EXEC mode.
clear flow monitor [name] cache [ force-export | statistics ] location node-id
name |
(Optional) Identifies a specific cache you want to clear. |
cache |
Clears all cache related information. |
force-export |
(Optional) Forces the export of flow records on flushing the cache on the specified node. |
statistics |
(Optional) Clears cache statistics on a specific node. |
location node-id |
Node whose flow monitor you want to clear. The node-id argument is expressed in the rack/slot/module notation. |
None
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to clear the cache-related flow records on a specific node:
RP/0/0/CPU0:router# clear flow monitor cache force-export location 0/0/CPU0
Clear cache entries for this monitor on this location. Continue? [confirm]
Command | Description |
| Creates and configures a flow monitor map |
| Displays flow monitor map data. |
To configure the collector export destination, enter the destination command in flow exporter map configuration mode. To remove a configured export destination, use the no form of this command.
destination hostname_or_IP_address [ vrf vrf_name]
no destination hostname_or_IP_address [ vrf vrf_name]
hostname_or_IP_address |
Specify the export destination for the current flow exporter map. Enter the hostname or destination IP address in the A.B.C.D format. |
vrf vrf_name | (Optional) Specify the name of the VRF that is used to reach export destination. This is an optional keyword. If the vrf keyword is specified, then the destination is searched in the VRF that is specified (vrf_name). If the vrf keyword is not specified then, the destination is searched in the default routing table. |
None
Flow exporter map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.0 |
This command was moved to the flow exporter map configuration mode. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the flow exporter map export destination to be a specific IP address:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# destination 172.18.189.38
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
To configure the differentiated services codepoint (DSCP) value for export packets, enter the dscp command in flow exporter map configuration mode. To remove a configured DSCP value, use the no form of this command.
dscp dscp_value
no dscp dscp_value
dscp_value |
Specifies the DSCP value for export packets. Replace dscp_value with a number. Range is from 0 through 63. |
None
Flow exporter map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.0 |
This command was moved to the flow exporter map configuration mode. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the DSCP value for export packets to be 30:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# dscp 30
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
To associate a flow exporter map with the current flow monitor map, enter the exporter command in flow monitor map configuration mode. To remove an associated flow exporter map from a flow monitor map, use the no form of this command.
exporter map_name
no exporter map_name
map_name |
Name of the flow exporter map you want to associate with the current flow monitor map. The exporter map name can be a maximum of 32 characters.
|
None
Flow monitor map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.0 |
NetFlow was updated so that a single flow monitor map supports up to 8 exporters. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to associate a flow exporter map called “fem_1” with the current flow monitor map:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# exporter fem_1
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To specify a flow monitor map and a sampler map for the packets on an interface, use the flow command in interface configuration mode. To remove a configured flow monitor map, use the no form of this command.
flow [ ipv4 | ipv6 | mpls ] monitor name sampler name { egress | ingress }
no flow [ ipv4 | ipv6 | mpls ] monitor name sampler name { egress | ingress }
ipv4 |
Enables IPV4 NetFlow on the specified interface. |
ipv6 |
Enables IPV6 NetFlow on the specified interface. |
mpls |
Enables Multiprotocol Label Switching (MPLS)-aware NetFlow on the specified interface. |
monitor name |
Specifies the name of the flow monitor map you want to specify for IPv4, IPv6, or MPLS packets. |
sampler name |
Name of the sampler map you want to apply to the flow monitor map. |
egress |
Applies the flow monitor map on outgoing packets. |
ingress |
Applies the flow monitor map on incoming packets. |
None
Interface configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.5.0 |
The mpls keyword was added to the flow command to support MPLS-aware NetFlow. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to enable IPv4 NetFlow on a Bridge-group virtual interface, and then apply the flow monitor map on incoming and outgoing IPv4 packets:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# interface BVI 1 RP/0/0/CPU0:router(config-if)# flow ipv4 monitor NMS sampler NMS ingress RP/0/0/CPU0:router(config-if)# flow ipv4 monitor NMS sampler NMS egress
This example shows how to enable IPv6 NetFlow on a Bridge-group virtual interface, and then apply the flow monitor map on incoming and outgoing IPv6packets:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# interface BVI 1 RP/0/0/CPU0:router(config-if)# flow ipv6 monitor NMS sampler NMS ingress RP/0/0/CPU0:router(config-if)# flow ipv6 monitor NMS sampler NMS egress
Command | Description |
| Creates and configures a flow monitor map |
| Displays flow monitor map data. |
To create a flow exporter map and enter flow exporter map configuration mode, use the flow exporter-map command in global configuration mode. To remove a configured flow exporter map, use the no form of this command.
flow exporter-map fem-name
no flow exporter-map fem-name
fem-name |
Creates a new exporter map name, or specifies the name of an existing exporter map. |
None
Global configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
When you issue the flow exporter-map fem-name command in global configuration mode, the CLI prompt changes to “config-fem,” indicating that you have entered the flow exporter map configuration submode.
In this sample output, the question mark ( ? ) online help function displays all the commands available under flow exporter map configuration submode:
RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# ? RP/0/0/CPU0:routerconfig-fem)#? clear Clear the uncommitted configuration commit Commit the configuration changes to running describe Describe a command without taking real actions destination Export destination configuration do Run an exec command dscp Specify DSCP value for export packets exit Exit from this submode no Negate a command or set its defaults pwd Commands used to reach current submode root Exit to the global configuration mode show Show contents of configuration source Source interface transport Specify the transport protocol for export packets version Specify export version parameters
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to create a flow exporter map called “map1,” and then enter the flow exporter map configuration submode for that map:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)#
Command | Description |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
To create and configure a flow monitor map and enter flow monitor map configuration submode, use the flow monitor-map command in global configuration mode. To remove a configured flow monitor map, use the no form of this command:
flow monitor-map map_name
no flow monitor-map map_name
map_name |
New monitor map name, or specifies the name of an existing monitor map. The monitor map name can be a maximum 32 characters. |
None
Global configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.0 |
NetFlow was updated so that a single flow monitor map supports up to 8 exporters. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
When you issue the flow monitor-map map_name command in global configuration mode, the CLI prompt changes to “config-fmm,” indicating that you have entered the flow monitor map configuration submode. In the following sample output, the question mark ( ? ) online help function displays all the commands available under flow monitor map configuration submode:
RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)#? cache Specify flow cache attributes clear Clear the uncommitted configuration commit Commit the configuration changes to running describe Describe a command without taking real actions do Run an exec command exit Exit from this submode exporter Specify flow exporter map name no Negate a command or set its defaults pwd Commands used to reach current submode record Specify a flow record map name root Exit to the global configuration mode show Show contents of configuration
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to enter flow monitor map configuration mode for a monitor map called “map1:”
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)#
Command | Description |
| Clears the flow monitor data |
| Specifies a flow monitor map |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To export the tables in the options template and specify export timeout values, enter the options command in flow exporter map version configuration mode. To return the options template to its default configuration values, use the no form of this command.
options { interface-table | sampler-table } [ timeout seconds ]
no options { interface-table | sampler-table } [ timeout seconds ]
interface-table |
Export the interface table. |
sampler-table |
Exports the sampler table. |
timeout seconds |
Specifies the export timeout value. Replace seconds with the export timeout value. Range is from 1 through 604800 seconds. |
Without options command, the default value for timeout is 0 seconds, which means that the template options are not exported by default. Where as when options command is used without mentioning any timeout, default timeout is 1800 seconds.
Flow exporter map version configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to export the timeout in the interface table to the options template.
RP/0/0/CPU0:router(config)# flow exporter-map f1 RP/0/0/CPU0:router(config-fem)# version v9 RP/0/0/CPU0:router(config-fem)# options interface-table timeout 45
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
To configure the packet sampling interval for a monitor map, use the random 1 out-of command in sampler map configuration submode. To remove a configured sampling interval and return to the default sampling interval, use the no form of this command. The limit of sampling rate values per line card per direction is 4, and limit of total samplers per line card per direction is 16.
random 1 out-of number_of_packets
no random 1 out-of number_of_packets
number_of_packets |
Sampling interval in units of packets. Replace the number_of_packets argument with a number. Range is from 1 through 65535 units. |
There is no default value to number_of_packets . However, for optimal performance, the recommended value for number_of_packets is 10000.
Sampler map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the sampler map to randomly sample 1 out of every 10 packets:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# sampler map1 RP/0/0/CPU0:router(config-sm)# random 1 out-of 10
To activate an IPv4 flow record, use the record ipv4 command in flow monitor map configuration mode. To deactivate the flow record, use the no form of this command.
record ipv4 [ peer-as | destination ]
no record ipv4
peer-as |
(Optional) Records peer AS.The Border Gateway Protocol (BGP) AS is not collected unless the bgp attribute download command is configured. |
destination |
(Optional) Records IPv4 destination based NetFlow accounting. |
The default is that no IPv4 flow record is enabled.
Flow monitor map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.7.0 |
The destination keyword was added to support destination-based NetFlow accounting. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The BGP AS is not collected unless the bgp attribute download command is configured.
The record ipv4 command exports the BGP AS information in the following format:
bgpSourceAsNumber
bgpDestinationAsNumber
The record ipv4 peer-as command exports the adjacent BGP AS information in the following format:
bgpPrevAdjacentAsNumber
bgpNextAdjacentAsNumber
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure an IPv4 flow record:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# record ipv4
This example shows how to configure an IPv4 flow record for destination-based NetFlow accounting:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# record ipv4 destination RP/0/0/CPU0:router(config-fmm)# exit RP/0/0/CPU0:router(config)# interface Gigabit Ethernet 0/0/0/0 RP/0/0/CPU0:router(config-if)# flow ipv4 monitor monitor1 ingress RP/0/0/CPU0:router(config-if)# end
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Configures the flow record map name for IPv6 |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To configure the flow record map name for IPv6, use the record ipv6 command in flow monitor map configuration mode. To remove the configured name from a flow record, use the no form of this command.
record ipv6
no record ipv6
peer-as |
Records peer AS. |
The default is that originating AS numbers are recorded.
Flow monitor map configuration
Release |
Modification |
---|---|
Release 4.0.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the flow record map name for IPv6:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# record ipv6
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Activates an IPv4 flow record |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To configure the flow record map name for MPLS, use the record mpls command in flow monitor map configuration mode. To remove the configured name from a flow record, use the no form of this command.
record mpls [ipv4-fields] [ipv6-fields] [ipv4-ipv6-fields] [ labels number ]
no record mpls [ipv4-fields] [ipv6-fields] [ipv4-ipv6-fields] [ labels number ]
ipv4-fields |
(Optional) Collects IPv4 fields in the MPLS-aware Netflow when the payload of the MPLS packet has IPv4 fields. It also collects MPLS traffic with no IPv4 payload, but the IPv4 fields are set to zero. |
ipv6-fields |
(Optional) Collects IPv6 fields in the MPLS-aware Netflow when the payload of the MPLS packet has IPv6 fields. It also collects MPLS traffic with no IPv6 payload, but the IPv6 fields are set to zero. |
ipv4-ipv6-fields |
(Optional) Collects IPv4 and IPv6 fields in the MPLS-aware Netflow when the payload of the MPLS packet has either IPv4 fields or IPv6 fields. It also collects MPLS traffic with no IPv4 or IPv6 payload, but those fields are set to zero. |
labels number |
(Optional) Configures the number of labels that are used in hashing. The number argument is the number of labels that are used in hashing. The range is from 1 to 6. |
The default is no IPV4 fields and six labels.
Flow monitor map configuration
Release |
Modification |
---|---|
Release 3.5.0 |
This command was introduced. |
Release 4.0.0 |
IPv6 and IPv4-IPv6 fields were added. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
In Cisco IOS XR software, you can have only one MPLS flow monitor running on an interface at a time. If you apply an additional MPLS flow monitor to the interface, the new flow monitor overwrites the existing one.
You can configure the MPLS flow monitor to collect IPv4 fields, IPv6 fields, or both types of fields.
Task ID |
Operations |
---|---|
netflow |
read, write |
This configuration allows you to collect only MPLS fields. No payload information is collected.
RP/0/0/CPU0:router(config)# flow monitor-map MPLS-fmm RP/0/0/CPU0:router(config-fmm)# record mpls labels 3 RP/0/0/CPU0:router(config-fmm)# cache permanent RP/0/0/CPU0:router(config)# exit RP/0/0/CPU0:router(config)# interface Gigabit Ethernet 0/0/0/0 RP/0/0/CPU0:router(config-if)# flow mpls monitor MPLS-fmm sampler fsm ingress
This configuration allows you to collect MPLS traffic with IPv4 fields. It also collects MPLS traffic with no IPv4 payload, but the IPv4 fields are set to zero.
RP/0/0/CPU0:router(config)# flow monitor-map MPLS-IPv4-fmm RP/0/0/CPU0:router(config-fmm)# record mpls IPv4-fields labels 3 RP/0/0/CPU0:router(config-fmm)# cache permanent RP/0/0/CPU0:router(config-fmm)# exit RP/0/0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0 RP/0/0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv4-fmm sampler fsm ingress
This configuration allows you to collect MPLS traffic with IPv6 fields. It also collects MPLS traffic with no IPv6 payload, but the IPv6 fields are set to zero.
RP/0/0/CPU0:router(config)# flow monitor-map MPLS-IPv6-fmm RP/0/0/CPU0:router(config-fmm)# record mpls IPv6-fields labels 3 RP/0/0/CPU0:router(config-fmm)# cache permanent RP/0/0/CPU0:router(config-fmm)# exit RP/0/0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0 RP/0/0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv6-fmm sampler fsm ingress
This configuration allows you to collect MPLS traffic with both IPv6 and IPv4 fields. It also collects MPLS traffic with no IPv4 or IPv6 payload, but those fields are set to zero.
RP/0/0/CPU0:router(config)# flow monitor-map MPLS-IPv4-IPv6-fmm RP/0/0/CPU0:router(config-fmm)# record mpls IPv4-IPv6-fields labels 3 RP/0/0/CPU0:router(config-fmm)# cache permanent RP/0/0/CPU0:router(config-fmm)# exit RP/0/0/CPU0:router(config)# interface gigabitEthernet 0/0/0/0 RP/0/0/CPU0:router(config-if)# flow mpls monitor MPLS-IPv4-IPv6-fmm sampler fsm ingress
This example shows how to configure three labels for hashing:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow monitor-map map1 RP/0/0/CPU0:router(config-fmm)# record mpls labels 3
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Activates an IPv4 flow record |
| Displays flow monitor cache data in various formats. |
| Displays flow monitor map data. |
To enter sampler map configuration submode for a specific monitor map, use the sampler-map command in global configuration mode. To remove a configured sampler map, use the no form of this command.
sampler-map map_name
no sampler-map map_name
map_name |
Name of the sampler map you want to configure. The sampler map name can be a maximum 32 characters. |
None
Global configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
When you issue the sampler-map map_name command in global configuration mode, the CLI prompt changes to “config-sm,” indicating that you have entered the sampler map configuration submode. In this sample output, the question mark ( ? ) online help function displays all the commands available under sampler map configuration submode:
RP/0/0/CPU0:router(config)# sampler-map test RP/0/0/CPU0:router(config-sm)# ? clear Clear the uncommitted configuration commit Commit the configuration changes to running describe Describe a command without taking real actions do Run an exec command exit Exit from this submode no Negate a command or set its defaults pwd Commands used to reach current submode random Use random mode for sampling packets root Exit to the global configuration mode show Show contents of configuration
These restrictions prevent the NetFlow processes from using up all of the available CPU:
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to use the sampler-map command to enter sampler map configuration submode for the monitor map called “map1:”
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# sampler-map map1 RP/0/0/CPU0:router(config-sm)#
Command | Description |
| Specifies a flow monitor map |
To display flow exporter data, enter the show flow exporter command in EXEC mode.
show flow exporter [exporter_name] location node-id
exporter_name |
Identifies the flow exporter whose data you want to display. |
||
location node-id |
Location where the cache resides. The node-id argument is expressed in the rack/slot/module notation.
|
None
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read |
This example shows how to display flow exporter map data:
RP/0/0/CPU0:router# show flow exporter fem1 location 0/0/CPU0
Flow Exporter: NFC
Used by flow monitors: fmm4
Status: Normal
Transport UDP
Destination 12.24.39.0 (50001)
Source 12.25.54.3 (5956)
Flows exported: 0 (0 bytes)
Flows dropped: 0 (0 bytes)
Templates exported: 1 (88 bytes)
Templates dropped: 0 (0 bytes)
Option data exported: 0 (0 bytes)
Option data dropped: 0 (0 bytes)
Option templates exported: 2 (56 bytes)
Option templates dropped: 0 (0 bytes)
Packets exported: 3 (144 bytes)
Packets dropped: 0 (0 bytes)
Total export over last interval of:
1 hour: 0 pkts
0 bytes
0 flows
1 minute: 3 pkts
144 bytes
0 flows
1 second: 0 pkts
0 bytes
0 flows
Field |
Description |
---|---|
Id |
Identifies the flow exporter map. |
Used by flow monitors |
Name of the flow monitors associated with the specified flow exporter map. |
Status |
Status of the exporter. |
Destination |
Export destination address the current flow exporter map. |
Flows exported |
Flows exported, in bytes. |
Flows dropped |
Flows dropped, in bytes. |
Templates exported |
Templates exported, in bytes. |
Templates dropped |
Templates dropped, in bytes. |
Option data exported |
Option data exported, in bytes. |
Option data dropped |
Option data dropped, in bytes. |
Option templates exported |
Option templates exported, in bytes. |
Option templates dropped |
Option templates dropped, in bytes. |
Packets exported: |
Packets exported, in bytes. |
Packets dropped |
Packets dropped, in bytes. |
Average export rate over interval of last: |
Average export rate, in bytes/pkts. Information is displayed for intervals of the last hour, minute, and second. |
To display flow exporter map information for a specific node, enter the show flow exporter-map command in EXEC mode.
show flow exporter-map [name]
name |
Name of the exporter map whose information you want to display. |
None
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read |
This example shows how to display flow exporter map information:
RP/0/0/CPU0:router# show flow exporter-map map1
Flow Exporter Map : map1
-------------------------------------------------
Id : 2
DestinationIpAddr : 10.1.1.1
SourceIfName : Loopback0
SourceIpAddr : 10.1.1.1
DSCP : 10
TransportProtocol : UDP
TransportDestPort : 1024
Export Version: 9
Common Template Timeout : 1800 seconds
Options Template Timeout : 1800 seconds
Data Template Timeout : 600 seconds
Interface-Table Export Timeout : 1800 seconds
Sampler-Table Export Timeout : 0 seconds
Field |
Description |
||||
---|---|---|---|---|---|
Id |
Identifies the flow exporter map. |
||||
DestinationIpAddr |
Exports destination configuration. |
||||
SourceIfName |
Source interface for this exporter map. You can specify the source interface with the flow exporter-map command. |
||||
SourceIpAddr |
IP address of the source interface (SourceIfName). |
||||
DSCP |
Differentiated services codepoint (DSCP) value for export packets.
|
||||
TransportProtocol |
Displays the configured transport protocol.
|
||||
TransportDestPort |
Displays the configured destination port for UDP packets. |
||||
Export Version |
Displays the configured export format.
|
||||
Common Template Timeout |
Displays the configured common template timeout. |
||||
Options Template Timeout |
Displays the configured options template timeout.
|
||||
Data Template Timeout |
Displays the configured data template timeout.
|
||||
Interface-Table Export Timeout |
Displays the export timeout value for the interface table.
|
||||
Sampler-Table Export Timeout |
Displays the export timeout value for the sampler table.
|
Command | Description |
| Exports flow exporter templates to the collector |
| Creates a flow exporter map |
| Displays flow exporter data |
To display flow monitor cache data in various formats, enter the show flow monitor command in EXEC mode.
To match on Access Control Lists (ACLs) and one or more fields:
show flow monitor monitor-name cache match { ipv4 { acl name | source-address match-options | destination-address match-options | protocol match-options | tos match-options } | ipv6 { acl name | source-address match-options | destination-address match-options | protocol match-options | tc match-options } | layer4 { source-port-overloaded match-options | destination-port-overloaded match-options | tcp-flags match-flags-options } | bgp { source-as match-options | destination-as match-options } | interface { ingress match-if-options | egress match-if-options } | timestamp { first match-options | last match-options } | counters { byte match-options | packets match-options } | misc { forwarding-status match-options | direction match-dir-options } }
To sort flow record information according to a particular field:
show flow monitor monitor-name cache sort { ipv4 { source-address | destination-address | tos | protocol } | ipv4 { source-address | destination-address | tc | protocol } | mpls { label-2 | label-3 | label-4 | label-5 | label-6 | label-type | prefix | top-label } | layer4 { source-port-overloaded | destination-port-overloaded } | bgp { source-as | destination-as } | timestamp { first | last } | counters { bytes | packets } | misc { forwarding-status | direction } { top | bottom } [entries] }
To include or exclude one or more fields in the show flow monitor command output:
show flow monitor monitor-name cache { include | exclude } { ipv4 { source-address | destination-address | tos | protocol } | ipv6 { source-address | destination-address | tc | flow-label | option-headers | protocol } | mpls { label-2 | label-3 | label-4 | label-5 | label-6 | top-label } | layer4 { source-port-overloaded | destination-port-overloaded } | bgp { source-as | destination-as } | timestamp { first | last } | counters { bytes | packets } | misc { forwarding-status match-options | direction match-dir-options } }
To display summarized flow record statistics:
show flow monitor monitor-name cache summary location node-id
To display only key field, packet, and byte information for the flow records:
show flow monitor monitor-name cache brief location node-id
To display flow record information for a particular node only:
show flow monitor monitor-name cache location node-id
If you specified the show flow monitor monitor-name cache match command to match on ACL and one or more fields:
None
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 4.0.0 |
Command was modified to add support for IPv6 and IPv6-aware MPLS fields. The interface keyword options were removed. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Note | To collect source and destination AS information, you must enable BGP on the relevant BGP AFI/SAFI. Unless this is done, all AS numbers in the flow records are displayed as 0. |
Keep these information in mind when using the show flow monitor command:
RP/0/0/CPU0:router# show flow monitor map1 cache summary ?
brief Show just the key fields
exclude Exclude field
format Display format
include Include field
location Specify a location
match Match criteria
sort Sorting criteria
Task ID |
Operations |
---|---|
netflow |
read |
This example shows how to display flow monitor data for a specific monitor map cache in the location 0/0/CPU0 :
RP/0/0/CPU0:router# show flow monitor fmm2 cache loc 0/0/CPU0
Cache summary for Flow Monitor fmm2:
Cache size: 65535
Current entries: 4
High Watermark: 62258
Flows added: 4
Flows not added: 0
Ager Polls: 60
- Active timeout 0
- Inactive timeout 0
- TCP FIN flag 0
- Watermark aged 0
- Emergency aged 0
- Counter wrap aged 0
- Total 0
Periodic export:
- Counter wrap 0
- TCP FIN flag 0
Flows exported 0
Matching entries: 4
IPV4SrcAddr IPV4DstAddr L4SrcPort L4DestPort BGPDstOrigAS BGPSrcOrigAS IPV4DstPrfxLen
IPV4SrcPrfxLen IPV4Prot IPV4TOS InputInterface OutputInterface L4TCPFlags ForwardStatus
ForwardReason FirstSwitched LastSwitched ByteCount PacketCount Dir Sampler ID
17.17.17.2 18.18.18.2 0 0 0 0 24 24 $
61 normal HundredGigE /0/0/8 HundredGigE 0/0/0/12 0 Fwd 0 00
00:02:43:800 00 00:02:49:980 37200 620 In 0
18.18.18.2 17.17.17.2 0 0 0 0 24 24 $
61 normal HundredGigE 0/0/0/12 HundredGigE 0/0/0/8 0 Fwd 0 00
00:02:43:791 00 00:02:49:980 37200 620 In 0
17.17.17.2 18.18.18.2 0 0 0 0 24 0 $
61 normal HundredGigE 0/0/0/8 HundredGigE 0/0/0/12 0 Fwd 0 00
00:02:43:798 00 00:02:49:980 34720 620 Out 0
18.18.18.2 17.17.17.2 0 0 0 0 24 0 $
61 normal HundredGigE 0/0/0/12 HundredGigE 0/0/0/8 0 Fwd 0 00
00:02:43:797 00 00:02:49:980 34720 620 Out 0
L4SrcPort L4DestPort BGPDstOrigAS BGPSrcOrigAS IPV4DstPrfxLen
Field |
Description |
---|---|
Cache summary for Flow Monitor fmm2 |
Displays general cache information for the specified flow monitor. The following information is displayed |
Ager Polls |
Displays the following ager statistics: |
Periodic export |
|
Cache summary for Flow Monitor fmm2 |
Displays general cache information for the specified flow monitor. The following information is displayed |
FirstSwitched |
Displays the system uptime at which the first packet of this flow was switched. The display format is days hours:minutes:seconds:milliseconds |
LastSwitched |
Displays the system uptime at which the last packet of this flow was switched. The display format is days hours:minutes:seconds:milliseconds |
To display flow monitor map data, enter the show flow monitor-map command in EXEC mode.
show flow monitor-map map-name
map-name |
Name of the monitor map whose data you want to display. |
None
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.1 |
The ipv4-raw record map name was replaced with ipv4. |
Release 3.5.0 |
The show flow monitor-map command output was modified to include raw MPLS, and IPv4-aware MPLS information. |
Release 4.0.0 |
The show flow monitor-map command output was modified to include IPv6 and IPv6-aware MPLS information |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read |
This example shows how to display monitor-map data for a specific flow:
RP/0/0/CPU0:router# show flow monitor-map map1
Flow Monitor Map : map1
-------------------------------------------------
Id: 1
RecordMapName: ipv4
ExportMapName: NFC
CacheAgingMode: Permanent
CacheMaxEntries: 10000
CacheActiveTout: N/A
CacheInactiveTout: N/A
CacheUpdateTout: 60 seconds
Field |
Description |
||
---|---|---|---|
Flow Monitor Map |
Name of the flow monitor map whose information is display in the show flow monitor-map command output. |
||
Id |
Number that identifies the flow monitor map. |
||
RecordMapName |
Name of the flow record map that is associated with this monitor map. The RecordMapName indicates the type of packets NetFlow captures as they leave the router. |
||
ExportMapName |
Name of the export map that is associated with this monitor map. |
||
CacheAgingMode |
Current aging mode configured on this cache.“Permanent” indicates that the removal of entries from the monitor map flow cache is disabled.
|
||
CacheMaxEntries |
Number of flow entries currently allowed in the flow cache before the oldest entry is removed.
|
||
CacheActiveTout |
Active flow timeout configured for this cache, in seconds.
|
||
CacheInactiveTout |
Inactive flow timeout configured for this cache, in seconds.
|
||
CacheUpdateTout |
Update timeout configured for this cache, in seconds.
|
This example shows how to display monitor-map data for a specific IPv6 flow:
RP/0/0/CPU0:router# show flow monitor-map map2
Tue Jan 22 00:15:53.424 PST
Flow Monitor Map : map2
-------------------------------------------------
Id: 1
RecordMapName: ipv6-destination
CacheAgingMode: Normal
CacheMaxEntries: 65535
CacheActiveTout: 1800 seconds
CacheInactiveTout: 15 seconds
CacheUpdateTout: N/A
Command | Description |
| Clears the flow monitor data |
| Creates and configures a flow monitor map |
| Specifies a flow monitor map |
| Activates an IPv4 flow record |
| Configures the flow record map name for IPv6 |
| Configures the flow record map name for MPLS |
To display sampler map information, enter the show sampler-map command in EXEC mode.
show sampler-map [sampler-name]
sampler-name |
Identifies the sampler map whose information you want to display. |
None
EXEC
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read |
This example shows how to display sampler map information for a router:
RP/0/0/CPU0:router# show sampler-map map1
Sampler Map : map1
-------------------------------------------------
Id: 1
Mode: Random (1 out of 100 Pkts)
Field |
Description |
||
---|---|---|---|
Id |
Flow sampler map identifier. |
||
Mode |
Sampling interval in units of packet. “Random” mode is any mode that was configured with the flow monitor-map command.
|
Command | Description |
| Enter sampler map configuration submode for a specific monitor map |
| Specifies a flow monitor map |
To configure a source interface for the current collector, use the source command in flow exporter map configuration mode. To remove a configured source interface, use the no form of this command.
source type interface-path-id
no source type interface-path-id
type |
Interface type. For more information, use the question mark ( ? ) online help function. |
||
interface-path-id |
Physical interface or virtual interface.
For more information about the syntax for the router, use the question mark ( ? ) online help function. |
None
Flow exporter map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.0 |
This command was moved to the flow exporter map configuration mode. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
For the interface-path-id argument, use the following guidelines:
rack: Chassis number of the rack.
slot: Physical slot number of the modular services card or line card.
module: Module number. A physical layer interface module (PLIM) is always 0. Shared port adapters (SPAs) are referenced by their subslot number.
port: Physical port number of the T3 controller.
t1-num : T1 or E1 channel number. T1 channels range from 1 to 24; E1 channels range from 1 to 31.
channel-group-number : Time slot number. T1 time slots range from 1 to 24; E1 time slots range from 1 to 31. The channel-group-number is preceded by a colon and not a slash.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure a physical interface as a source for the current collector:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# source GigabitEthernet 0/1/0/0
This example shows how to configure a virtual interface as a source for the current collector. In this example, the source is an Ethernet bundle:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# source Bundle-Ether 1
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
| Displays flow exporter map information for a specific node. |
To configure the export timeout value for the data and options templates, enter the template command in flow exporter map version configuration mode. To remove a configured template export timeout value, use the no form of this command.
template [ data | options ] timeout seconds
no template [ data | options ] timeout seconds
data |
(Optional) Specifies the data template. |
options |
(Optional) Specifies the options template. |
timeout seconds |
Configures the timeout value for the specified template, or for both the data and options templates. Replace seconds with the export timeout value. Range is from 1 through 604800 seconds. |
Default timeout value for data and options template is 1800 seconds.
Flow exporter map version configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the export timeout value for the data template to be 300 seconds:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map fem1 RP/0/0/CPU0:router(config-fem)# version v9 RP/0/0/CPU0:router(config-fem-ver)# template data timeout 300
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
| Displays flow exporter map information for a specific node. |
To configure the destination port for User Datagram Protocol (UDP) packets, enter the transport udp command in flow exporter map configuration mode. To remove a configured destination port, use the no form of this command.
transport udp port_value
no transport udp port_value
port_value |
Destination port for UDP packets. Replace port with the destination port value. Range is from 1024 through 65535. |
None
Flow exporter map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
Release 3.4.0 |
This command was moved to the flow exporter map configuration mode. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to configure the destination port for UDP packets:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# transport udp 1030
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
| Displays flow exporter map information for a specific node. |
To enter flow exporter map version configuration submode so that you can configure export version parameters, enter the version v9 command in flow exporter map configuration mode. To remove the current export version configuration and return to the default configuration, use the no form of this command.
version v9
no version v9
This command has no keywords or arguments.
None
Flow exporter map configuration
Release |
Modification |
---|---|
Release 3.3.0 |
This command was introduced. |
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
When you issue the version v9 command, the CLI prompt changes to “config-fem-ver,” indicating that you have entered flow exporter map version configuration submode. In this sample output, the question mark ( ? ) online help function displays all the commands available under flow exporter map version configuration submode:
RP/0/0/CPU0:router(config-fem)# version v9 RP/0/0/CPU0:router(config-fem-ver)#? clear Clear the uncommitted configuration commit Commit the configuration changes to running describe Describe a command without taking real actions do Run an exec command exit Exit from this submode no Negate a command or set its defaults options Specify export of options template pwd Commands used to reach current submode root Exit to the global configuration mode show Show contents of configuration template Specify template export parameters
Task ID |
Operations |
---|---|
netflow |
read, write |
This example shows how to enter flow exporter map version configuration submode:
RP/0/0/CPU0:router# configure RP/0/0/CPU0:router(config)# flow exporter-map map1 RP/0/0/CPU0:router(config-fem)# version v9 RP/0/0/CPU0:router(config-fem-ver)#
Command | Description |
| Creates a flow exporter map |
| Creates and configures a flow monitor map |
| Displays flow exporter data |
| Displays flow exporter map information for a specific node. |