In the following example, the configuration shows the three ways to enable the NetFlow metering process on an interface. The command ip route-cache flow, which is valid only on the main interface, is the old way. This command was superseded by the ip flow ingress and ip flow egress commands, which can be enabled on the main interface or a subinterface:
Router(config)# interface serial 0/0 Router(config-if)# ip route-cache flow Router(config)# interface serial 0/1 Router(config-if)# ip flow ingress Router(config)# interface FastEthernet 1/0 Router(config-if)# ip flow ingress Router# show ip flow interface Serial0/0 ip route-cache flow Serial0/2 ip flow ingress FastEthernet1/0 ip flow egress
The following lines configure the NetFlow version 5 exports to a collector with IP address 10.48.71.219 and UDP port 1234, with the loopback 0 IP address as the source IP address of the UDP packets. Finally, the autonomous system fields are populated with information about the adjacent peers and are exported in the flow records:
Router(config)# ip flow-export source Loopback0 Router(config)# ip flow-export version 5 peer-as Router(config)# ip flow-export destination 10.48.71.219 1234 Router# show ip flow export Flow export v5 is enabled for main cache Exporting flows to 10.48.71.219 (1234) Exporting using source interface Loopback0 Version 5 flow records, peer-as 679912 flows exported in 123007 udp datagrams 0 flows failed due to lack of export packet 30 export packets were sent up to process level 0 export packets were dropped due to no fib 0 export packets were dropped due to adjacency issues 0 export packets were dropped due to fragmentation failures 0 export packets were dropped due to encapsulation fixup failures 0 export packets were dropped enqueuing for the RP 0 export packets were dropped due to IPC rate limiting
The show ip flow export command displays the NetFlow version 5 configuration and some interesting statistics, such as the number of flow records exported, the number of export packets, the number of packets that were not exported, and the reason for failures. To increase reliability in case of network failure, optionally configure a second collector that duplicates the flow records to two destinations.
To change the default active and inactive timeouts (respectively, 30 minutes and 15 seconds), enter the following:
Router(config)# ip flow-cache timeout active 60 Router(config)# ip flow-cache timeout inactive 20
The confirmation of these new timeouts is displayed in the output of the show ip cache flow command.