Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Configuring Nexus Devices

Owned by Customer Success & Engineering (Unlicensed)
May 07, 2018
2 min read

Below describes six steps to setup V9 netflow on nexus devices. It uses nexus 7000 as an example  but should be applicable in general


Step 1: To enable the Netflow Feature on the Nexus 7000, use the command:

tac7000(config)# feature netflow

Step 2: To configure a “Flow Record” use ‘netflow-original’ as follows:


tac7000# show flow record netflow-original
Flow record netflow-original:

Description: Traditional IPv4 input NetFlow with origin ASs

No. of users: 1

Template ID: 261

Fields:

     match ipv4 source address

     match ipv4 destination address

     match ip protocol

     match ip tos

     match transport source-port

     match transport destination-port

     match interface input

     match interface output

     match flow direction

     collect routing next-hop address ipv4

     collect transport tcp flags

     collect counter bytes

     collect counter packets

     collect timestamp sys-uptime first

     collect timestamp sys-uptime last


 

Step 3: To set-up a flow exporter or scrutinizer, use commands:


tac7000# conf t
tac7000(config)# flow exporter scrutinizer
tac7 000(config-flow-exporter)# description export netflow to scrutinizer
tac7000(config-flow-exporter)# destination CCEIP
tac7000(config-flow-exporter)# export Version 9
tac7000(config-flow-exporter)# transport udp 9995
tac7000(config-flow-exporter)# source vlan613

 

*You can replace Version 9 with 5 depending on your system.

Notice above that we specified:

  • The name "scrutinizer."
  • A description "export netflow to scrutinizer."
  • The destination (i.e. the IP address of Scrutinizer).
  • The version of NetFlow (i.e. v9).
  • The UDP port it will receive on
  • The interface the flows need to exit to reach the NetFlow collector (aka Scrutinizer).

 

Step 4: To bind the record to the exporter or “Monitortac7000,” use commands::

 

tac7000(config)# flow monitor Monitortac7000
tac7000(config-flow-monitor)# exporter scrutinizer
tac7000(config-flow-monitor)# record netflow-original
tac7000(config)#

 

 This binds the record ‘netflow-original’ to the exporter ‘scrutinizer’ and the name of this flow monitor is called ‘Monitortac7000.’


Step 5: To apply flow monitor ‘Monitorac7000’ to each interface, use commands:


tac7000(config)# interface Vlan612
tac7000(config-if)# ip flow monitor Monitortac7000 input
tac7000(config-if)# exit
tac7000(config)# interface Vlan613
tac7000(config-if)# ip flow monitor Monitortac7000 input
tac7000(config-if)# exit
tac7000(config)# interface Vlan614
tac7000(config-if)# ip flow monitor Monitortac7000 input
tac7000(config-if)# exit
tac7000(config)# interface Vlan615
tac7000(config-if)# ip flow monitor Monitortac7000 input
tac7000(config-if)# exit
tac7000(config)# interface Vlan616
tac7000(config-if)# ip flow monitor Monitortac7000 input

tac7000(config)# copy running-config startup-config
tac7000(config)# exit

 

Above   example  input (ie ingress) is configured input captured flows on every interface

.   For further details refer  http://www.bradreese.com/blog/plixer-4-8-2010.htm

Seceon Inc. All rights reserved. https://www.seceon.com