Flexible NetFlow uses flows to provide statistics for
accounting, network monitoring, and network planning.
A flow is a
unidirectional stream of packets that arrives on a source interface and has the
same values for the keys. A key is an identified value for a field within the
packet. You create a flow using a flow record to define the unique keys for
your flow.
The
switch supports the
Flexible NetFlow feature that enables enhanced network
anomalies and security detection.
Flexible NetFlow allows you to define an optimal flow
record for a particular application by selecting the keys from a large
collection of predefined fields.
All key values must
match for the packet to count in a given flow. A flow might gather other fields
of interest, depending on the export record version that you configure. Flows
are stored in the
Flexible NetFlow cache.
You can export the data that Flexible NetFlow gathers for your flow by using an exporter and export this data to a remote system such as a Flexible NetFlow collector. The Flexible NetFlow collector can use an IPv4 address.
You define the size of
the data that you want to collect for a flow using a monitor. The monitor
combines the flow record and exporter with the
Flexible NetFlow cache information.
Starting with the Cisco IOS XE 16.12.1 release, Source Group Tag (SGT) and Destination Group Tag (DGT) fields over Flexible
NetFlow are supported for IPv6 traffic.