Configuring a Netflow Collector for Cisco Nexus 9000 Series Switches




Cisco Nexus 5600 Series

Configuring NetFlow

Note: Use the show flow exporter command to display NetFlow statistics and the clear flow exporter command to clear NetFlow flow exporter statistics. In the commands below, "Ethernet2/9" is the interface on which NetFlow is being enabled.

Log in to the switch as an admin user and run the commands below.

This example shows how to configure a NetFlow exporter for IPv4:

    flow exporter pw
      destination 172.20.101.87 use-vrf management
      transport udp 3000
      source mgmt0
      version 9
    flow record pw
      match ipv4 source address
      match ipv4 destination address
      match ip protocol
      match ip tos
      match transport source-port
      match transport destination-port
      collect counter bytes long
      collect counter packets long
      collect timestamp sys-uptime first
      collect timestamp sys-uptime last
      collect ip version
    sampler testsampler
      mode 1 out-of 65536
    flow monitor pw
      record pw
      exporter pw
    interface Ethernet2/9
      ip flow monitor pw input sampler testsampler


Verifying the NetFlow Configuration

To display the NetFlow configuration, perform one of the following tasks:

| Command | Purpose |
| --- | --- |
| show flow exporter [name] | Displays information about NetFlow flow exporters and statistics. You can enter up to 63 alphanumeric characters for the flow exporter name. |
| show flow interface [interface-type slot/port] | Displays information about NetFlow interfaces. |
| show flow record [name] | Displays information about NetFlow flow records. You can enter up to 63 alphanumeric characters for the flow record name. |
| show flow record netflow layer2-switched input | Displays information about the Layer 2 NetFlow configuration. |
| show flow timeout | Displays information about NetFlow timeouts. |
| show sampler [name] | Displays information about NetFlow samplers. You can enter up to 63 alphanumeric characters for the sampler name. |
| show hardware ip flow | Displays information about NetFlow hardware IP flows. |
| show running-config netflow | Displays the NetFlow configuration that is currently on your device. |



Reference

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/system_management/7x/b_5600_System_Mgmt_Config_7x/configuring_netflow.html#task_BECBC10EB3F34790BEAE2836530D2D22

Cisco Nexus 9000 Series

Configuring NetFlow

This example shows how to configure a NetFlow exporter for IPv4:

  1. To enable the NetFlow feature

    configure terminal
    feature netflow
    end

  2. To create a flow record

    configure terminal
    flow record vrni-record
    match ipv4 protocol
    match ipv4 source address
    match ipv4 destination address
    match transport source-port
    match transport destination-port
    match interface input
    collect transport tcp flags
    collect counter bytes
    collect counter packets
    collect timestamp sys-uptime first
    collect timestamp sys-uptime last
    end

  3. To create a flow exporter

    configure terminal
    flow exporter vrni-exporter
    destination <PROXY_IP>
    transport udp 2055
    version 9
    source <INTERFACE_NAME>
    end

  4. To create the flow monitor for each interface

    configure terminal
    flow monitor vrni-monitor
    record vrni-record
    exporter vrni-exporter
    end

  5. To configure timeouts

    configure terminal
    cache timeout inactive 30
    cache timeout active 60
    end

  6. To apply the flow monitor to each interface in both ingress and egress mode, or at least in ingress mode

    configure terminal
    interface <INTERFACE_NAME>
    ip flow monitor vrni-monitor input
    end

Verifying the NetFlow Configuration

To display the NetFlow configuration, perform one of the following tasks:



| Command | Purpose |
| --- | --- |
| show flow cache [ipv4 \| ipv6 \| ce] | Displays information about NetFlow IP flows. |
| show flow exporter [name] | Displays information about NetFlow flow exporters and statistics. You can enter up to 63 alphanumeric characters for the flow exporter name. |
| show flow interface [interface-type slot/port] | Displays information about NetFlow interfaces. |
| show flow record [name] | Displays information about NetFlow flow records. You can enter up to 63 alphanumeric characters for the flow record name. |
| show flow record netflow layer2-switched input | Displays information about the Layer 2 NetFlow configuration. |
| show running-config netflow | Displays the NetFlow configuration that is currently on your device. |

Reference

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/system_management/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide_7x_chapter_011100.html

https://docs.vmware.com/en/VMware-vRealize-Network-Insight/Cloud/com.vmware.vrni.using.doc/GUID-F2BC0864-F84B-4CAF-9027-FDDC8FBBF3B8.html



Seceon Inc. All rights reserved. https://www.seceon.com