Netflow

Cisco Nov 23, 2024

Version 5: limited to IPv4 flows

Version 9: template-based, IPv4, IPv6, MPLS, BGP.

Netflow 5 Configuration

ip flow-export version 5
ip flow-export destination 10.10.10.100 2055
ip flow-export source Loopback0
ip flow-cache timeout active 10
ip flow-cache timeout inactive 25
ip flow-top-talkers
	top 10
	
interface vlan 100
  ip flow ingress
  ip flow egress
	
show ip cache flow
show ip flow top-talkers
show ip flow export

Flexible Netflow Configuration

Flow Records - the definitions of what you want to capture

flow record MYRECORD
  match ipv4 destination address
  match ipv4 tos
  collect interface output
  collect counter bytes
  collect counter packets

Flow Exporter - used to send the traffic to a remote system

flow exporter MYEXPORTER
  destination 10.10.10.100
  source Loopback0
  transport udp 2055
  export-protocol netflow-v9

Flow Monitor - applied to the interface to actually monitor traffic

flow monitor MYMOITOR
  record MYRECORD
  exporter MYEXPORTER

interface vlan 100
  ip flow monitor MYMONITOR input
	
ip flow-export version 9

Flow Sampler - used to limit the load on the router gathering data

Recommended for you

Cisco

VACL - VLAN Access-List

a month ago • 1 min read

Cisco

MGCP - Media Gateway Control Protocol

a month ago • 1 min read

Cisco

SIP - Session Initiation Protocol

a month ago • 1 min read

VACL - VLAN Access-List

MGCP - Media Gateway Control Protocol

SIP - Session Initiation Protocol

RTP - Real-Time Transport Protocol

Netflow

Netflow 5 Configuration

Flexible Netflow Configuration

Tags

Craig Garnham

Recommended for you

VACL - VLAN Access-List

MGCP - Media Gateway Control Protocol

SIP - Session Initiation Protocol