1. Home
  2. Networking
  3. Network Management

Example: NetFlow Version 5 on a Router

In the following example, the configuration shows the three ways to enable the NetFlow metering process on an interface. The command ip route-cache flow, which is valid only on the main interface, is the old way. This command was superseded by the ip flow ingress and ip flow egress commands, which can be enabled on the main interface or a subinterface:

Router(config)# interface serial 0/0
Router(config-if)# ip route-cache flow
Router(config)# interface serial 0/1
Router(config-if)# ip flow ingress
Router(config)# interface FastEthernet 1/0
Router(config-if)# ip flow ingress

Router# show ip flow interface
Serial0/0
  ip route-cache flow
Serial0/2
  ip flow ingress
FastEthernet1/0
  ip flow egress

The following lines configure the NetFlow version 5 exports to a collector with IP address 10.48.71.219 and UDP port 1234, with the loopback 0 IP address as the source IP address of the UDP packets. Finally, the autonomous system fields are populated with information about the adjacent peers and are exported in the flow records:

Router(config)# ip flow-export source Loopback0
Router(config)# ip flow-export version 5 peer-as
Router(config)# ip flow-export destination 10.48.71.219 1234

Router# show ip flow export
Flow export v5 is enabled for main cache
  Exporting flows to 10.48.71.219 (1234)
  Exporting using source interface Loopback0
  Version 5 flow records, peer-as
  679912 flows exported in 123007 udp datagrams
  0 flows failed due to lack of export packet
  30 export packets were sent up to process level
  0 export packets were dropped due to no fib
  0 export packets were dropped due to adjacency issues
  0 export packets were dropped due to fragmentation failures
  0 export packets were dropped due to encapsulation fixup failures
  0 export packets were dropped enqueuing for the RP
  0 export packets were dropped due to IPC rate limiting

The show ip flow export command displays the NetFlow version 5 configuration and some interesting statistics, such as the number of flow records exported, the number of export packets, the number of packets that were not exported, and the reason for failures. To increase reliability in case of network failure, optionally configure a second collector that duplicates the flow records to two destinations.

To change the default active and inactive timeouts (respectively, 30 minutes and 15 seconds), enter the following:

Router(config)# ip flow-cache timeout active 60
Router(config)# ip flow-cache timeout inactive 20

The confirmation of these new timeouts is displayed in the output of the show ip cache flow command.



Network Management: Accounting and Performance Strategies - Graphically Rich Book
About the Authors
About the Technical Reviewers
Acknowledgments
Icons Used in This Book
Command Syntax Conventions
Introduction
Part I: Data Collection and Methodology Standards
Part II: Implementations on the Cisco Devices
Chapter 4. SNMP and MIBs
Chapter 5. RMON
Chapter 6. IP Accounting
Chapter 7. NetFlow
Fundamentals of NetFlow
CLI Operations
SNMP Operations with the NETFLOW-MIB
Example: NetFlow Version 5 on a Router
Example: NetFlow Configuration on the Catalyst
Example: NetFlow Version 8
Example: NetFlow Version 9
New Features Supported with NetFlow Version 9
Deployment Guidelines
Supported Devices and IOS Versions
Chapter 8. BGP Policy Accounting
Chapter 9. AAA Accounting
Chapter 10. NBAR
Chapter 11. IP SLA
Chapter 12. Summary of Data Collection Methodology
Part III: Assigning Technologies to Solutions