NetFlow Monitoring
Note: For Release 3.0(2), NetFlow monitoring is supported for end-host mode only.
NetFlow is a standard network protocol for collecting IP traffic data. NetFlow enables you to define a flow in terms of unidirectional IP packets that share certain characteristics. All packets that match the flow definition are then collected and exported to one or more external NetFlow collectors, where they can be further aggregated, analyzed, and used for application-specific processing.
Cisco UCS Manager uses NetFlow-capable adapters (Cisco UCS VIC 1240, Cisco UCS VIC 1280, and Cisco UCS VIC 1225) to communicate with the routers and switches that collect and export flow information.
Network Flows
A flow is a set of unidirectional IP packets that have common properties, such as the source or destination of the traffic, routing information, or the protocol used. Flows are collected when they match the definitions in the flow record definition.
Flow Record Definitions
A flow record definition contains all information about the properties used to define the flow, which can include both characteristic properties and measured properties. Characteristic properties, also called flow keys, are the properties that define the flow. Cisco UCS Manager supports IPv4, IPv6, and Layer 2 keys. Measured characteristics, also called flow values or nonkeys, are values that you can measure, such as the number of bytes contained in all packets of the flow, or the total number of packets.
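The following added example (not part of the Cisco documentation) shows how flow keys and nonkeys interact: packets are grouped into unidirectional flows by a chosen key set, and packet and byte counts are accumulated per flow. The packet records and the two key sets are constructed for illustration and are not Cisco UCS Manager field names.

```python
from collections import defaultdict

# Constructed sample packets (not captured traffic): each dict is one IP packet.
PACKETS = [
    {"src": "10.0.0.5", "dst": "10.0.1.9", "proto": 6, "sport": 49152, "dport": 443, "bytes": 120},
    {"src": "10.0.0.5", "dst": "10.0.1.9", "proto": 6, "sport": 49152, "dport": 443, "bytes": 1500},
    {"src": "10.0.1.9", "dst": "10.0.0.5", "proto": 6, "sport": 443, "dport": 49152, "bytes": 900},
    {"src": "10.0.0.5", "dst": "10.0.1.9", "proto": 17, "sport": 53000, "dport": 53, "bytes": 80},
    {"src": "10.0.0.7", "dst": "10.0.1.9", "proto": 6, "sport": 49200, "dport": 443, "bytes": 60},
]

# Hypothetical key sets standing in for two different flow record definitions.
FIVE_TUPLE_KEYS = ("src", "dst", "proto", "sport", "dport")
HOST_PAIR_KEYS = ("src", "dst")


def build_flows(packets, keys):
    """Group packets into unidirectional flows.

    The flow keys decide which packets belong to the same flow; the
    nonkeys (packet and byte counts) are accumulated per flow.
    """
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for pkt in packets:
        flow_id = tuple(pkt[k] for k in keys)  # key order matters: A->B is not B->A
        flows[flow_id]["packets"] += 1
        flows[flow_id]["bytes"] += pkt["bytes"]
    return dict(flows)


def top_talkers(flows, n=3):
    """Return the n flows carrying the most bytes, largest first."""
    return sorted(flows.items(), key=lambda kv: kv[1]["bytes"], reverse=True)[:n]


if __name__ == "__main__":
    for name, keys in (("5-tuple", FIVE_TUPLE_KEYS), ("host pair", HOST_PAIR_KEYS)):
        flows = build_flows(PACKETS, keys)
        print(f"{name}: {len(flows)} flows")
        for flow_id, values in top_talkers(flows):
            print("  ", dict(zip(keys, flow_id)), values)
```

With the narrower host-pair key set, the TCP and UDP traffic from 10.0.0.5 collapses into one flow, while the reply traffic remains a separate flow because flows are unidirectional.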
A flow record definition is a specific combination of flow keys and flow values. You can use the following types of flow record definitions:
Flow Exporters, Flow Exporter Profiles, and Flow Collectors
Flow exporters transfer the flows to the flow connector based on the information in a flow exporter profile. The flow exporter profile contains the networking properties used to export NetFlow packets. The networking properties include a VLAN, the source IP address, and the subnet mask for each fabric interconnect.
Note: In the Cisco UCS Manager GUI, the networking properties are defined in an exporter interface that is included in the profile. In the Cisco UCS Manager CLI, the properties are defined in the profile.
Flow collectors receive the flows from the flow exporter. Each flow collector contains an IP address, port, external gateway IP, and VLAN that defines where the flows are sent.
Flow Monitors and Flow Monitor Sessions
A flow monitor consists of a flow definition, one or two flow exporters, and a timeout policy. You can use a flow monitor to specify which flow information you want to gather, and where you want to collect it from. Each flow monitor operates in either the egress or ingress direction.
A flow monitor session contains up to four flow monitors: two flow monitors in the ingress direction and two flow monitors in the egress direction. A flow monitor session can also be associated with a vNIC.
NetFlow Limitations
The following limitations apply to NetFlow monitoring:
- NetFlow monitoring is not supported on the Cisco UCS 6100 Series Fabric Interconnect.
- NetFlow monitoring is supported on the Cisco UCS 1200 and 1300 series VIC adapters. However, on the 1200 series VIC adapters, NetFlow is not recommended with FCoE traffic.
- You can have up to 64 flow record definitions, flow exporters, and flow monitors.
- NetFlow is not supported in vNIC template objects.
- PVLANs and local VLANs are not supported for service VLANs.
- All VLANs must be public and must be common to both fabric interconnects.
- VLANs must be defined as an exporter interface before they can be used with a flow collector.
- You cannot use NetFlow with usNIC, the Virtual Machine queue, or Linux ARFS.
Creating a Flow Record Definition
Viewing Flow Record Definitions
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand .
Step 3: Choose Flow Record Definitions to view the list of all flow definitions.
Step 4: Double-click the name of a flow definition to view the properties for the selected flow definition. On the Properties window, you can modify the keys and non-keys used for the flow.
Defining the Exporter Profile
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand .
Step 3: Click Flow Exporter Profile default.
Step 4: In the Properties area, to the side of the Exporter Interface(s) table, click Add.
Step 5: In the Create Exporter Interface dialog box, complete the following fields:
Step 6: Click OK.
Creating a Flow Collector
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand LAN.
Step 3: Click Netflow Monitoring.
Step 4: In the Work pane, click the Flow Collectors tab.
Step 5: Click Add at the side of the Flow Collectors table.
Step 6: In the Create Flow Collectors dialog box, complete the following fields:
Step 7: Click OK.
Creating a Flow Exporter
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand .
Step 3: Right-click Flow Exporters and choose Create Flow Exporter.
Step 4: In the Create Flow Exporter dialog box, complete the following fields:
Step 5: Click OK.
Creating a Flow Monitor
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand .
Step 3: Right-click Flow Monitors and choose Create Flow Monitor.
Step 4: In the Create Flow Monitor dialog box, complete the following fields:
Step 5: Click OK.
Creating a Flow Monitor Session
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand .
Step 3: Right-click Flow Monitor Sessions and choose Create Flow Monitor Session.
Step 4: In the Create Flow Monitor Session dialog box, complete the following fields:
Step 5: Click OK.
Associating a Flow Monitor Session to a vNIC
Step 1: In the Navigation pane, click LAN.
Step 2: On the LAN tab, expand .
Step 3: Click the flow monitor session that you want to associate.
Step 4: Click Flow Exporter Profile default.
Step 5: In the Properties area, expand vNICs.
Step 6: Click Add at the side of the table.
Step 7: In the Add Monitoring Session Source dialog box, choose the vNIC that you want to associate with the flow monitor session.
Step 8: Click OK to close the dialog box.
Step 9: Click Save to close the dialog box.