Netflow

Cisco Nov 23, 2024

Version 5: limited to IPv4 flows

Version 9: template-based, IPv4, IPv6, MPLS, BGP.

Netflow 5 Configuration

ip flow-export version 5
ip flow-export destination 10.10.10.100 2055
ip flow-export source Loopback0
ip flow-cache timeout active 10
ip flow-cache timeout inactive 25
ip flow-top-talkers
	top 10
	
interface vlan 100
	ip flow ingress
	ip flow egress
	
show ip cache flow
show ip flow top-talkers
show ip flow export

Flexible Netflow Configuration

Flow Records - the definitions of what you want to capture

flow record MYRECORD
	match ipv4 destination address
	match ipv4 tos
	collect interface output
	collect counter bytes
	collect counter packets

Flow Exporter - used to send the traffic to a remote system

flow exporter MYEXPORTER
	destination 10.10.10.100
	source Loopback0
	transport udp 2055
	export-protocol netflow-v9

Flow Monitor - applied to the interface to actually monitor traffic

flow monitor MYMOITOR
	record MYRECORD
	exporter MYEXPORTER

interface vlan 100
	ip flow monitor MYMONITOR input
	
ip flow-export version 9

Flow Sampler - used to limit the load on the router gathering data

Recommended for you

Cisco

Cisco PPPoE Server

7 days ago • 1 min read

Devices

Cisco PVDM3-128

7 days ago • 1 min read

Devices

Cisco 2504 WLC

7 days ago • 1 min read

Cisco PPPoE Server

Cisco PVDM3-128

Cisco 2504 WLC

ZTE DSL Cable Pinout

Netflow

Netflow 5 Configuration

Flexible Netflow Configuration

Tags

Craig Garnham

Recommended for you

Cisco PPPoE Server

Cisco PVDM3-128

Cisco 2504 WLC