Configuring a NetFlow Collector for Cisco Nexus 9000 Series Switches
Cisco Nexus 5600 Series:
Configuring NetFlow
Note: Use the show flow exporter command to display NetFlow statistics. Use the clear flow exporter command to clear NetFlow flow exporter statistics. In the commands below, "Ethernet2/9" is the interface on which NetFlow is being enabled.
Log in to the router as an admin user, and run the commands below:
This example shows how to configure a NetFlow exporter configuration for IPv4:
flow exporter pw
destination 172.20.101.87 use-vrf management
transport udp 3000
source mgmt0
version 9
flow record pw
match ipv4 source address
match ipv4 destination address
match ip protocol
match ip tos
match transport source-port
match transport destination-port
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
collect ip version
sampler testsampler
mode 1 out-of 65536
flow monitor pw
record pw
exporter pw
interface Ethernet2/9
ip flow monitor pw input sampler testsampler
Verifying the NetFlow Configuration
To display the NetFlow configuration, perform one of the following tasks:
Command | Purpose |
---|---|
show flow exporter [name] | Displays information about NetFlow flow exporters and statistics. You can enter up to 63 alphanumeric characters for the flow exporter name. |
show flow interface [interface-type slot/port] | Displays information about NetFlow interfaces. |
show flow record [name] | Displays information about NetFlow flow records. You can enter up to 63 alphanumeric characters for the flow record name. |
show flow record netflow layer2-switched input | Displays information about the Layer 2 NetFlow configuration. |
show flow timeout | Displays information about NetFlow timeouts. |
show sampler [name] | Displays information about NetFlow samplers. You can enter up to 63 alphanumeric characters for the sampler name. |
show hardware ip flow | Displays information about NetFlow hardware IP flows. |
show running-config netflow | Displays the NetFlow configuration that is currently on your device. |
Reference
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/system_management/7x/b_5600_System_Mgmt_Config_7x/configuring_netflow.html#task_BECBC10EB3F34790BEAE2836530D2D22
Cisco Nexus 9000 Series
Configuring NetFlow
This example shows how to configure a NetFlow exporter configuration for IPv4:
To enable the NetFlow feature
configure terminal
feature netflow
end
To create a flow record
configure terminal
flow record vrni-record
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect transport tcp flags
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
end
To create a flow exporter
configure terminal
flow exporter vrni-exporter
destination <PROXY_IP>
transport udp 2055
version 9
source <INTERFACE_NAME>
end
To create the flow monitor for each interface
configure terminal
flow monitor vrni-monitor
record vrni-record
exporter vrni-exporter
end
To configure timeouts
configure terminal
cache timeout inactive 30
cache timeout active 60
end
To apply the flow monitor to each interface in both ingress and egress mode, or at least in ingress mode
configure terminal
interface <INTERFACE_NAME>
ip flow monitor vrni-monitor input
end
Verifying the NetFlow Configuration
To display the NetFlow configuration, perform one of the following tasks:
Command | Purpose |
---|---|
show flow cache [ipv4 \| ipv6 \| ce] | Displays information about NetFlow IP flows. |
show flow exporter [name] | Displays information about NetFlow flow exporters and statistics. You can enter up to 63 alphanumeric characters for the flow exporter name. |
show flow interface [interface-type slot/port] | Displays information about NetFlow interfaces. |
show flow record [name] | Displays information about NetFlow flow records. You can enter up to 63 alphanumeric characters for the flow record name. |
show flow record netflow layer2-switched input | Displays information about the Layer 2 NetFlow configuration. |
show running-config netflow | Displays the NetFlow configuration that is currently on your device. |
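
To check from the collector side that the switch's version 9 export decodes into the fields the flow records select, the following added example (not part of the original article, and not Seceon or Cisco code) parses a NetFlow v9 datagram as laid out in RFC 3954. The function names, field labels and the sample datagram are constructed for illustration.

```python
import ipaddress
import struct

# NetFlow v9 field type IDs (RFC 3954) for fields named in the flow records above.
FIELDS = {1: "bytes", 2: "packets", 4: "protocol", 5: "tos", 6: "tcp_flags",
          7: "src_port", 8: "src_addr", 10: "input_if", 11: "dst_port",
          12: "dst_addr", 21: "last_uptime_ms", 22: "first_uptime_ms", 60: "ip_version"}

def parse_v9(packet, templates):
    """Decode one export datagram; `templates` caches templates across datagrams."""
    if len(packet) < 20 or struct.unpack_from("!H", packet)[0] != 9:
        raise ValueError("not a NetFlow v9 datagram")
    source_id = struct.unpack_from("!I", packet, 16)[0]  # last field of the 20-byte header
    flows, off = [], 20
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, off)
        if fs_len < 4 or off + fs_len > len(packet):
            raise ValueError("flowset length runs past the datagram")
        body, off = packet[off + 4:off + fs_len], off + fs_len
        if fs_id == 0:  # template flowset: template id, field count, type/length pairs
            pos = 0
            while pos + 4 <= len(body):
                tid, nfields = struct.unpack_from("!HH", body, pos)
                if tid < 256 or pos + 4 + 4 * nfields > len(body):
                    break  # padding or truncated template
                templates[(source_id, tid)] = [
                    struct.unpack_from("!HH", body, pos + 4 + 4 * i) for i in range(nfields)]
                pos += 4 + 4 * nfields
        elif fs_id >= 256 and (source_id, fs_id) in templates:  # data flowset, known template
            spec = templates[(source_id, fs_id)]
            rec_len, pos = sum(flen for _, flen in spec), 0
            while rec_len and pos + rec_len <= len(body):  # trailing bytes are padding
                rec = {}
                for ftype, flen in spec:
                    raw, pos = body[pos:pos + flen], pos + flen
                    rec[FIELDS.get(ftype, f"type_{ftype}")] = (
                        str(ipaddress.IPv4Address(raw)) if ftype in (8, 12) and flen == 4
                        else int.from_bytes(raw, "big"))
                flows.append(rec)
    return flows

def sample_datagram():
    """Constructed v9 datagram: one template (id 256) and one TCP flow record."""
    spec = [(8, 4), (12, 4), (4, 1), (7, 2), (11, 2), (1, 4), (2, 4)]
    tmpl = struct.pack("!HH", 256, len(spec)) + b"".join(struct.pack("!HH", *f) for f in spec)
    rec = (ipaddress.IPv4Address("192.0.2.10").packed + ipaddress.IPv4Address("198.51.100.7").packed
           + struct.pack("!BHHII", 6, 51514, 443, 1500, 3)) + b"\x00" * 3  # pad to 32 bits
    header = struct.pack("!HHIIII", 9, 2, 100000, 1700000000, 1, 0)
    return (header + struct.pack("!HH", 0, 4 + len(tmpl)) + tmpl
            + struct.pack("!HH", 256, 4 + len(rec)) + rec)
```

Data flowsets that arrive before their template are skipped, so a listener built on this on the exporter's UDP port will show no flows until the switch has sent its template.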
Reference
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/system_management/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide_7x_chapter_011100.html
https://docs.vmware.com/en/VMware-vRealize-Network-Insight/Cloud/com.vmware.vrni.using.doc/GUID-F2BC0864-F84B-4CAF-9027-FDDC8FBBF3B8.html
Seceon Inc. All rights reserved. https://www.seceon.com