Table Of Contents

F Commands

feature scheduler

flow exporter

flow monitor

flow record

flow timeout

F Commands

---

This chapter describes the Cisco NX-OS system management commands that begin with the letter F.

feature scheduler

To enable the scheduling of maintenance jobs, use the feature scheduler command. Maintenance jobs can be scheduled for one-time-only or at periodic intervals. Maintenance jobs include Quality of Service policy changes, data and configuration backup, etc.

To disable the scheduler, use the no form of this command.

feature scheduler

no feature scheduler

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Configuration mode

Supported User Roles

Superuser
VDC administrator

Command History

Release	Modified
4.0(1)	This command was introduced.

Usage Guidelines

You must enable the scheduler feature before you can configure a maintenance job.

This command does not require a license.

Examples

The following example shows how to enable the scheduler:

switch# config t

switch(config)# feature scheduler 

switch(config)#

The following example shows how to disable the scheduler:

switch# config t

switch(config)# no feature scheduler 

switch(config)#

Related Commands

Command	Description
scheduler	Creataes and schedules maintenance jobs.
show scheduler	Displays scheduler information.

flow exporter

To create a Flexible NetFlow flow exporter, or to modify an existing Flexible NetFlow flow exporter, and enter Flexible NetFlow flow exporter configuration mode, use the flow exporter command in global configuration mode. To remove a Flexible NetFlow flow exporter, use the no form of this command.

flow exporter exporter-name

no flow exporter exporter-name

Syntax Description

exporter-name

Name of the flow exporter that is created or modified.

Command Default

Flow exporters are not present in the configuration until you create them.

Command Modes

Global configuration

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Flow exporters export the data in the flow monitor cache to a remote system, such as a server running NetFlow collector, for analysis and storage. Flow exporters are created as separate entities in the configuration. Flow exporters are assigned to flow monitors to provide data export capability for the flow monitors. You can create several flow exporters and assign them to one or more flow monitors to provide several export destinations. You can create one flow exporter and apply it to several flow monitors.

Once you enter the flow export configuration mode, the prompt changes to the following:

switch(config-flow-exporter)#

Within the flow export configuration mode, the following keywords and arguments are available to configure the flow exporters:

•description description—Provides a description for this flow exporter; maximum of 63 characters.

•destination {ip-addr | ipv6-addr} [use-vrf label-name]—Specifies the destination address for the collector. Enter the optional use-vrf label-name to specify a VRF. Use the following format when entering the destination address:

–ip-addr—A.B.C.D

–ipv6-addr—A:B::C:D

•dscp value—Specifies the differentiated services codepoint (DSCP) value. Range: 0 to 63.

•exit—Exits from the current configuration mode.

•no—Negates a command or sets its defaults.

•source interface—Specifies the source interface for this destination. The valid values for interface are as follows:

–ethernet mod/port—Specifies the Ethernet IEEE 802.3z interface module and port number. The ranges for the module and port number depend on the chassis used.

–loopback virtual-num—Specifies the virtual interface number. Range: 0 to 1023.

–mgmt num—Specifies the management interface number. Range: 0 to 0.

•transport udp dest-port—Specifies the transport UDP destination port. Range: 0 to 65535

•version {5 | 9}—Specifies the export version 5 or the version 9 and enters the export version configuration mode. See the version command for additional information.

This command does not require a license.

Examples

The following example creates a flow exporter named FLOW-EXPORTER-1, enters Flexible NetFlow flow exporter configuration mode, and configures the flow exporter:

switch(config)# flow exporter FLOW-EXPORTER-1

switch(config-flow-exporter)# description located in Pahrump, NV

switch(config-flow-exporter)# destination A.B.C.D

switch(config-flow-monitor)# dscp 32

switch(config-flow-monitor)# source ethernet 3/2

switch(config-flow-monitor)# transport udp 59

switch(config-flow-monitor)# version 5

Related Commands

Command	Description
clear flow exporter	Clears the flow monitor.
show flow exporter	Displays flow monitor status and statistics.

flow monitor

To create a Flexible NetFlow flow monitor, or to modify an existing Flexible NetFlow flow monitor, and enter Flexible NetFlow flow monitor configuration mode, use the flow monitor command in global configuration mode. To remove a Flexible NetFlow flow monitor, use the no form of this command.

flow monitor monitor-name

no flow monitor monitor-name

Syntax Description

monitor-name

Name of the flow monitor that is created or modified.

Command Default

Flow monitors are not present in the configuration until you create them.

Command Modes

Global configuration

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Flow monitors are the Flexible NetFlow component that is applied to interfaces to perform network traffic monitoring. Flow monitors consist of a record that you add to the flow monitor after you create the flow monitor, and a cache that is automatically created at the time the flow monitor is applied to the first interface. Flow data is collected from the network traffic during the monitoring process based on the key and non-key fields in the record which is configured for the flow monitor and stored in the flow monitor cache.

Once you enter the flow monitor configuration mode, the prompt changes to the following:

switch(config-flow-monitor)#

Within the flow monitor configuration mode, the following keywords and arguments are available to configure the flow monitor:

•description description—Provides a description for this flow monitor; maximum of 63 characters.

•exit—Exits from the current configuration mode.

•exporter name—Specifies the name of an exporter to export records.

•no—Negates a command or sets its defaults.

•record {record-name | netflow ipv4 collection-type | netflow-original}—Specifies a flow record to use as follows:

–record-name—Name of a record.

–netflow ipv4 collection-type—Specifies the traditional IPv4 NetFlow collection schemes as follows:

original-input—Specifies the traditional IPv4 input NetFlow.

original-output—Specifies the traditional IPv4 output NetFlow

protocol-port—Specifies the protocol and ports aggregation scheme.

–netflow-original—Specifies the traditional IPv4 input NetFlow with origin autonomous systems.

The netflow-original and original-input keywords are the same and are equivalent to the following commands:

•match ipv4 source address

•match ipv4 destination address

•match ip tos

•match ip protocol

•match transport source-port

•match transport destination-port

•match interface input

•collect counter bytes

•collect counter packet

•collect timestamp sys-uptime first

•collect timestamp sys-uptime last

•collect interface output

•collect transport tcp flags

•collect routing next-hop address ipv4

•collect routing source as

•collect routing destination as

The original-output keywords are the same as original-input keywords except for the following:

•match interface output (instead of match interface input)

•collect interface input (instead of collect interface output)

This command does not require a license.

Examples

The following examples creates and configures a flow monitor named FLOW-MONITOR-1:

switch(config)# flow monitor FLOW-MONITOR-1

switch(config-flow-monitor)# description monitor location las vegas, NV

switch(config-flow-monitor)# exporter exporter-name1

switch(config-flow-monitor)# record test-record

switch(config-flow-monitor)# netflow ipv4 original-input

Related Commands

Command	Description
clear flow monitor	Clears the flow monitor.
show flow monitor	Displays flow monitor status and statistics.

flow record

To create a Flexible NetFlow flow record, or to modify an existing Flexible NetFlow flow record, and enter Flexible NetFlow flow record configuration mode, use the flow record command in global configuration mode. To remove a Flexible NetFlow flow record, use the no form of this command.

flow record record-name

no flow record record-name

Syntax Description

record-name

Name of the flow record that is created or modified.

Command Default

Flow records are not present in the configuration until you create them.

Command Modes

Global configuration

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Flexible NetFlow uses key and non-key fields just as original NetFlow does to create and populate flows in a cache. In Flexible NetFlow a combination of key and non-key fields is called a record. Original NetFlow and Flexible NetFlow both use the values in key fields in IP datagrams, such as the IP source or destination address and the source or destination transport protocol port, as the criteria for determining when a new flow must be created in the cache while network traffic is being monitored. A flow is defined as a stream of packets between a given source and a given destination. New flows are created whenever NetFlow analyzes a packet that has a unique value in one of the key fields.

Once you enter the flow record configuration mode, the prompt changes to the following:

switch(config-flow-record)#

Within the flow record configuration mode, the following keywords and arguments are available to configure the flow record:

•collect—Specifies a non-key field. See the collect command for additional information.

•description description—Provides a description for this flow record; maximum of 63 characters.

•exit—Exits from the current configuration mode.

•match—Specifies a key field. See the match command for additional information.

•no—Negates a command or sets its defaults.

Cisco NX-OS enables the following match fields by default when you create a flow record:

•match interface input

•match interface output

•match flow direction

This command does not require a license.

Examples

The following example creates a flow record named FLOW-RECORD-1, and enters Flexible NetFlow flow record configuration mode:

switch(config)# flow record FLOW-RECORD-1

switch(config-flow-record)#

Related Commands

Command	Description
clear flow monitor	Clears the flow monitor.
flow monitor	Creates a flow monitor.
show flow monitor	Displays flow monitor status and statistics.

flow timeout

To create a Flexible NetFlow flow timeout or to modify an existing Flexible NetFlow flow timeout, use the flow timeout command in global configuration mode. To remove a Flexible NetFlow flow timeout, use the no form of this command.

flow timeout {active seconds | aggressive threshold percentage | fast seconds | inactive seconds | session}

no flow timeout {active seconds | aggressive threshold percentage | fast seconds | inactive seconds | session}

Syntax Description

active seconds	Specifies the active or long timeout in seconds. Range: 60 to 4092. Default: 1800.
aggressive threshold percentage	Specifies percentage of NetFlow table content. Range 50 to 99.
fast seconds	Specifies the fast aging timeout in seconds. Range: 32 to 512. Default: 15.
inactive seconds	Specifies the inactive or normal timeout in seconds. Range: 15 to 4092. Default: 15.
session	Enables TCP session aging.

Command Default

The default settings are as follows:

•Active timeout—1800 seconds

•Aggressive aging timeout—Disabled

•Fast timeout—Disabled; if enabled, default is 15 seconds.

•Inactive timeout—15 seconds

•Session aging timeout—Disabled

Command Modes

Global configuration

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

The active timeout is amount of time to wait before sending flow information about an active session. The flow is not removed from the cache after this timeout; however, the packet count, byte count and timestamps are reset.

The aggressive timeout only affects hardware caches and is used when flows are being received faster than expected. If flows are being received faster than the threshold, they are aged out of the cache.

The fast timeout specifies when an inactive flow should be aged out.

The inactive timeout is used for Transmission Control Protocol (TCP) sessions that receive no more data from sender (FIN) followed by an acknowledgment field is significant (ACK) or a reset (RST) packet being received. This indicates the session is over and the flow can be aged out.

This command does not require a license.

Examples

The following example shows how to specify the active or long timeout in seconds:

switch(config)# flow timeout active 60

switch(config)# 

The following example shows how to specify the percentage of the NetFlow table content:

switch(config)# flow timeout aggressive threshold 60

switch(config)# 

The following example shows how to specify the fast aging timeout in seconds:

switch(config)# flow timeout fast 60

switch(config)# 

The following example shows how to specify the inactive or normal timeout in seconds:

switch(config)# flow timeout inactive 82

switch(config)# 

The following example shows how to enable TCP session aging:

switch(config)# flow timeout session

switch(config)# 

Related Commands

Command	Description
flow record	Creates a flow exporter.
clear flow monitor	Clears the flow monitor.
flow monitor	Creates a flow monitor.
show flow monitor	Displays flow monitor status and statistics.