Flow Collection for SteelCentral : Sample Third-Party Configurations
  
Sample Third-Party Configurations
This section has several third-party configuration examples that show you how to enable NetFlow export to the NetExpress or NetProfiler. Refer to the vendor documentation specific to your device and software version. Commands can behave differently depending on the device software version.
This section includes the following tasks:
•  Configuring VMware ESXi 5.5 Using vSphere
•  Configuring Cisco 6500 Series Switches Running Native Cisco IOS CLI
•  Configuring Cisco 6500 Series Switches in Hybrid Mode
•  Configuring Cisco 7500 Series Router
•  Configuring Cisco 7600 Series Router
•  Configuring Cisco 3560 and 3750 Flexible NetFlow
•  Configuring the Cisco Nexus 7000 Flexible NetFlow
•  Configuring NetFlow Export for Cisco Nexus 1000V
•  Configuring IPFIX for Avaya (Nortel) 8300 and 8600
•  Configuring sFlow for HP Procurve 3500, 5400, and 6200
Configuring VMware ESXi 5.5 Using vSphere
The following example uses VMware vSphere to configure an ESXi v5.5 distributed vSwitch to export flow data.
To configure flow on the ESXi 5.5 distributed vSwitch through vSphere
1. Log in to the vSphere Client and select the Networking inventory view.
2. Right-click the vSphere distributed switch in the inventory pane, and select Edit Settings.
3. Select the NetFlow tab.
4. Specify the IP address and port of the NetFlow collector.
5. Specify the vSphere distributed switch (VDS) IP address.
With an IP address assigned to the vSphere distributed switch, the NetFlow collector can interact with the vSphere distributed switch as a single switch rather than interacting with a separate, unrelated switch for each associated host.
6. (Optional) Use the up and down menu arrows to set the Active flow export time-out and Idle flow export time-out.
7. (Optional) Use the up and down menu arrows to set the Sampling rate.
The sampling rate determines what portion of data NetFlow collects, with the sampling rate number determining how often NetFlow collects the packets. A collector with a sampling rate of 2 collects data from every other packet. A collector with a sampling rate of 5 collects data from every fifth packet.
8. (Optional) Select Process internal flows to collect data only on network activity between virtual machines on the same host.
9. Click OK.
Configuring Cisco 6500 Series Switches Running Native Cisco IOS CLI
The following example uses the native Cisco IOS CLI to configure the SUP and MSFC modules of a 6500 series switch. The following commands generally work with Cisco IOS Release 12.2 or later, except where specified. For further information, refer to the documentation for your Cisco IOS software release.
To configure the SUP and MSFC modules of a 6500 series switch
1. At the switch level (SUP2), enter the following commands to turn on NetFlow and set version, flow mask, and timing:
Router(config)# mls netflow
Router(config)# mls nde sender version 5
Router(config)# mls flow ip interface-full
Router(config)# mls nde interface
Router(config)# mls aging normal 32
Router(config)# mls aging long 64
2. At the routing module (MSFC), enter the following commands to set the device source interface, version, destination, and timeouts:
Router(config)# ip flow-export source loopback 0
Router(config)# ip flow-export version 9
Router(config)# ip flow-export destination <flow-gateway-or-netexpress_ip> <udp-port-number>
Router(config)# ip flow-cache timeout inactive 15
!--- This might be the default, depending upon code version
Router(config)# ip flow-cache timeout active 1
If you are running Cisco IOS Release 12.2(18) or later, use NetFlow v9. If NetFlow v9 is not available, use NetFlow v5.
If you are running Cisco IOS Release 12.3(14) or later and are exporting NetFlow v9, you can include export of the TTL, enabling the NetProfiler and NetExpress to show network segment diagrams:
Router(config)# ip flow-capture ttl
If you are running Cisco IOS Release 12.3(14) or later, running NetFlow v9, and have hardware that supports export of NBAR Layer-7 information, include the following command:
Router(config)# ip flow-capture nbar
3. To enable NetFlow on your interfaces, enter the following commands, where applicable, for each interface or interface grouping where you require NetFlow accounting (three types of interfaces):
interface <type> <slot>/<port>
For example:
Router(config)# interface fastethernet 0/1
Router(config-if)# ip route-cache flow
or
interface vlan <vlan-id>
For example:
Router(config)# interface vlan 3
Router(config-if)# ip route-cache flow
or
interface port-channel <channel-id>
For example:
Router(config)# interface port-channel 3
Router(config-if)# ip route-cache flow
4. Optionally, if you want to export Layer-2 switched flows (and your switch supports Layer-2 NetFlow export), enter the following command for the set of VLANs where you want the Layer-2 flows exported:
Router(config)# ip flow export layer2-switched vlan <vlan-list>
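The following added example (not part of the original Riverbed text) audits a saved running configuration against the values in steps 2 and 3, so that an interface left without NetFlow accounting is found before it becomes a gap in flow visibility. The function name, the sample configuration, and the 192.0.2.10 address are constructed for illustration.

```python
import re

# Global settings this page recommends in step 2 (MSFC).
EXPECTED = {"ip flow-export version": "9", "ip flow-cache timeout active": "1",
            "ip flow-cache timeout inactive": "15"}
FLOW_CMDS = ("ip route-cache flow", "ip flow ingress")

def audit_ios_netflow(config_text):
    """Return findings for a Cisco IOS running-config given as a string."""
    seen, has_dest, iface, flows, down = {}, False, None, {}, set()
    for raw in config_text.splitlines():
        line = raw.strip()
        if not raw[:1].isspace():               # top-level command
            m = re.match(r"interface\s+(\S+)", line)
            iface = m.group(1) if m else None
            if iface:
                flows[iface] = False
            has_dest |= line.startswith("ip flow-export destination ")
            for key in EXPECTED:
                if line.startswith(key + " "):
                    seen[key] = line[len(key):].split()[0]
        elif iface and line == "shutdown":      # ignore disabled interfaces
            down.add(iface)
        elif iface and line in FLOW_CMDS:
            flows[iface] = True
    findings = []
    if not has_dest:
        findings.append("no 'ip flow-export destination' configured")
    for key, want in EXPECTED.items():
        got = seen.get(key, "not set")          # may be the device default
        if got != want:
            findings.append(f"{key}: expected {want}, found {got}")
    for name, ok in flows.items():
        if not ok and name not in down and not name.lower().startswith("loopback"):
            findings.append(f"interface {name}: NetFlow accounting not enabled")
    return findings

# Constructed sample config (documentation address, not from a real device).
SAMPLE = """\
ip flow-export version 5
ip flow-export destination 192.0.2.10 2055
ip flow-cache timeout active 1
interface FastEthernet0/1
 ip route-cache flow
interface Vlan3
 ip address 10.3.3.1 255.255.255.0
interface Port-channel3
 shutdown
"""
print("\n".join(audit_ios_netflow(SAMPLE)))
```

A setting reported as "not set" can also mean that the device default is in effect and is therefore omitted from the running configuration.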
Configuring Cisco 6500 Series Switches in Hybrid Mode
The following example configures the SUP and MSFC modules of a Cisco 6500 series switch running in the hybrid mode.
To configure the SUP and MSFC modules of a 6500 series switch in hybrid mode
1. At the switch level (SUP), enter the following commands to enable NetFlow data export (NDE) and to set destination of flow, timers, and full flow:
Router(config)# set mls nde enable
Router(config)# set mls nde enable <flow-gateway-or-netexpress_ip> <udp-port-number>
Router(config)# set mls agingtime 16
Router(config)# set mls agingtime fast 32 0
Router(config)# set mls agingtime long-duration 64
Router(config)# set mls flow full
2. At the routing module (MSFC), enter the following command to configure NDE and set the destination of flow:
Router(config)# ip flow-export <ip-address> <udp-port> <version>
3. At the interface level, enter the following commands to enable NetFlow on each interface on which you want to collect statistics and set timers:
Router(config)# interface <type> <slot>/<port-adapter>
For example:
Router(config)# interface fastethernet 0/1
Router(config-if)# ip route-cache flow
Router(config)# ip flow-cache timeout active 1
Router(config)# ip flow-cache timeout inactive 15
Configuring Cisco 7500 Series Router
The following example uses the Cisco IOS CLI to configure a Cisco 7500 series router.
To configure a Cisco 7500 series router using the Cisco IOS CLI
1. Enter the following commands to configure NDE:
Router# configure terminal
Router(config)# ip flow-export <flow-gateway-or-netexpress_ip> <udp-port-number> <version>
2. Enter the following command to enable NetFlow at the interface level on each interface on which you want to collect statistics:
Router(config)# interface <type> <slot>/<port-adapter>
For example:
Router(config)# interface fastethernet 0/1
For 7500:
Router(config-if)# ip route-cache flow
3. Enter the following commands to set the NetFlow timers:
Router(config)# ip flow-cache timeout active 1
Router(config)# ip flow-cache timeout inactive 15
Configuring Cisco 7600 Series Router
The following example uses the Cisco IOS CLI to configure a Cisco 7600 series router.
To configure a Cisco 7600 series router using the Cisco IOS CLI
1. Enter the following commands to configure NetFlow Data Export (NDE):
Router(config)# ip flow-export <flow-gateway-or-netexpress_ip> <udp-port-number>
Router(config)# ip flow-export <version>
Router(config)# mls nde sender <version>
2. Enter the following command to enable NetFlow at the interface level on each interface on which you want to collect statistics:
interface <type> <slot>/<port-adapter>
For example:
Router(config)# interface fastethernet 0/1
Router(config-if)# ip flow ingress
3. Enter the following commands to set the NetFlow timers:
Router(config)# ip flow-cache timeout active 1
Router(config)# ip flow-cache timeout inactive 15
Configuring Cisco 3560 and 3750 Flexible NetFlow
The following example shows a Flexible NetFlow configuration for the Cisco 3750 and 3560 series switches with NetFlow service module C3KX-SM-10G.
To configure Flexible NetFlow for a Cisco 3750 or 3560 switch
1. Enter the following commands to create the flow record:
Switch# flow record cascade-record
Switch# match ipv4 tos
Switch# match ipv4 protocol
Switch# match ipv4 source address
Switch# match ipv4 destination address
Switch# match ipv4 ttl
Switch# match transport source-port
Switch# match transport destination-port
Switch# collect counter bytes
Switch# collect counter packets
Switch# collect timestamp sys-uptime first
Switch# collect timestamp sys-uptime last
2. Enter the following commands to create the flow exporter and monitor:
Switch# flow exporter Cascade
Switch# destination <ip address of flow-gateway or netexpress>
Switch# transport udp <udp-port-number>
Switch# flow monitor Cascade
Switch# record cascade-record
Switch# exporter Cascade
Switch# cache timeout active 60
Switch# cache timeout inactive 15
3. Enter the following commands to enable export on a specific port:
Switch# interface TenGigabitEthernet1/1/1
Switch# ip flow monitor Cascade input
Switch# ip flow monitor Cascade output
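The following added example (not part of the original Riverbed text) cross-checks a Flexible NetFlow configuration before it is applied: every record and exporter that a monitor references must be defined under exactly the same name, including case, the exporter transport must be a UDP port, and each monitor must be attached to an interface. The function name, the sample configuration, and the 192.0.2.10 address are constructed for illustration.

```python
import re

def check_fnf(config_text):
    """Cross-check Flexible NetFlow object names in an IOS config string."""
    defined = {"record": set(), "exporter": set(), "monitor": set()}
    refs, findings, ctx = [], [], None          # refs: (kind, name, where)
    for raw in config_text.splitlines():
        line, nested = raw.strip(), raw[:1].isspace()
        if not nested:                          # top-level command
            top = re.match(r"flow (record|exporter|monitor) (\S+)$", line)
            ctx = (top.group(1), top.group(2)) if top else None
            if ctx:
                defined[ctx[0]].add(ctx[1])
            continue
        use = re.match(r"ip flow monitor (\S+) (?:input|output)$", line)
        ref = re.match(r"(record|exporter) (\S+)$", line)
        port = re.match(r"transport udp (\S+)$", line)
        if use:
            refs.append(("monitor", use.group(1), "interface"))
        elif ctx and ctx[0] == "monitor" and ref:
            refs.append((ref.group(1), ref.group(2), f"monitor {ctx[1]}"))
        elif ctx and ctx[0] == "exporter" and port:
            value = port.group(1)
            if not (value.isdigit() and 0 < int(value) < 65536):
                findings.append(f"exporter {ctx[1]}: '{value}' is not a UDP port")
    for kind, name, where in refs:
        if name not in defined[kind]:           # names are compared exactly
            near = [d for d in defined[kind] if d.lower() == name.lower()]
            hint = f" (case differs from '{near[0]}')" if near else ""
            findings.append(f"{where}: {kind} '{name}' is not defined{hint}")
    used = {name for kind, name, _ in refs if kind == "monitor"}
    for name in sorted(defined["monitor"] - used):
        findings.append(f"monitor {name}: not applied to any interface")
    return findings

# Constructed sample config (documentation address, not from a real device).
SAMPLE = """\
flow record cascade-record
flow exporter Cascade
 destination 192.0.2.10
 transport udp 192.0.2.10
flow monitor Cascade
 record Cascade-record
 exporter Cascade
flow monitor Spare
 record cascade-record
interface TenGigabitEthernet1/1/1
 ip flow monitor Cascade input
"""
print("\n".join(check_fnf(SAMPLE)))
```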
Configuring the Cisco Nexus 7000 Flexible NetFlow
The following example uses Cisco Nexus OS 5.2.1 to configure NetFlow export. You must complete the set of commands in Step 5 for each Layer-3 interface.
To configure NetFlow export on a Cisco Nexus 7000 using Flexible NetFlow
1. Enter the following commands to configure a record to include all necessary fields for the NetProfiler, NetExpress, or Flow Gateway:
Switch# configure terminal
Switch(config)# flow record cascade-record
Switch(config-flow-record)# match interface input
Switch(config-flow-record)# match interface output
Switch(config-flow-record)# match ipv4 source address
Switch(config-flow-record)# match ipv4 destination address
Switch(config-flow-record)# match protocol
Switch(config-flow-record)# match transport source-port
Switch(config-flow-record)# match transport destination-port
Switch(config-flow-record)# collect flow direction
Switch(config-flow-record)# collect ipv4 tos
Switch(config-flow-record)# collect ipv4 ttl max
Switch(config-flow-record)# collect transport tcp flags
Switch(config-flow-record)# collect counter bytes
Switch(config-flow-record)# collect counter packets
Switch(config-flow-record)# collect routing next-hop address ipv4
Switch(config-flow-record)# collect timestamp sys-uptime first
Switch(config-flow-record)# collect timestamp sys-uptime last
2. At the global level, enter the following commands to configure required timeout settings:
Switch# configure terminal
Switch(config)# feature netflow
Switch(config-netflow)# flow timeout active 60
Switch(config-netflow)# flow timeout inactive 15
Switch(config-netflow)# flow timeout session
3. Enter the following commands to configure NetFlow export:
Switch# configure terminal
Switch(config)# flow exporter cascade-export
Switch(config-flow-exporter)# destination <ip address of flow-gateway or netexpress>
Switch(config-flow-exporter)# source ethernet 2/1
Switch(config-flow-exporter)# transport udp 2055
!--- Listening port configured on Flow Gateway
Switch(config-flow-exporter)# version 9
4. Enter the following commands to configure flow monitor:
Switch# configure terminal
Switch(config)# flow monitor cascade-monitor
Switch(config-flow-monitor)# record netflow ipv4 cascade-record
Switch(config-flow-monitor)# exporter cascade-export
5. Enter the following commands to apply a flow monitor to a VLAN or interface (one time for each Layer-3 interface):
Switch# configure terminal
Switch(config)# vlan 30
Switch(config-vlan)# ip flow monitor cascade-monitor input
Configuring NetFlow Export for Cisco Nexus 1000V
Configuring NetFlow export on the Cisco Nexus 1000V is similar to configuring it on the physical Nexus switches running NX-OS (for example, Cisco Nexus 7000), with some variation in commands. The primary difference is that the Riverbed-recommended configuration parameters for the Cisco Nexus 7000 include TTL export, which is not an option on the Cisco Nexus 1000V. Use the template shown in this example.
To configure NetFlow export for a Cisco Nexus 1000V
1. Enter the following commands to configure NetFlow Exporter and timing parameters:
n1000v# configure terminal
n1000v(config)# flow exporter cascade-export
n1000v(config-flow-exporter)# destination <ip address of flow-gateway or netexpress>
n1000v(config-flow-exporter)# source mgmt 0
n1000v(config-flow-exporter)# transport udp 2055
!--- Listening port configured on Flow Gateway
n1000v(config-flow-exporter)# version 9
n1000v(config-flow-exporter-version-9)# option exporter-stats timeout 60
n1000v(config-flow-exporter-version-9)# template data timeout 1200
n1000v(config-flow-exporter-version-9)# option interface-table timeout 3600
2. Enter the following commands to configure flow monitor:
n1000v(config)# flow monitor cascade-monitor
n1000v(config-flow-monitor)# record netflow-original
n1000v(config-flow-monitor)# exporter cascade-export
n1000v(config-flow-monitor)# timeout active 60
n1000v(config-flow-monitor)# timeout inactive 15
3. Enter the following commands to apply the flow monitor to either each virtual interface or each port profile:
•  For an interface:
n1000v(config)# interface vethernet 2
n1000v(config-if)# ip flow monitor cascade-monitor input
n1000v(config-if)# ip flow monitor cascade-monitor output
•  For a port profile (the port profile must be configured with other appropriate parameters and inherited on the appropriate interfaces or port groups):
n1000v(config)# port-profile type vethernet <profile-name>
n1000v(config-port-prof)# ip flow monitor cascade-monitor input
n1000v(config-port-prof)# ip flow monitor cascade-monitor output
Configuring IPFIX for Avaya (Nortel) 8300 and 8600
The following example uses Nortel ERS 8300 and ERS 8600 to configure flow export. You use similar commands to configure other Nortel routers.
To configure IPFIX for Avaya (Nortel) 8300 and 8600
1. Enter the following command to enable IPFIX globally:
ERS# config ip ipfix state enable
2. Enter the following command to enable IPFIX at the port level, for each port where you want export:
ERS# config ip ipfix port 5/2, 5/3, 5/4, 5/5, 5/6 all-traffic enable
3. Enter the following commands to set the timing parameters for SteelCentral compatibility (active time-out is in minutes, export interval in seconds):
ERS# config ip ipfix active-timeout 1
ERS# config ip ipfix aging-interval 15
ERS# config ip ipfix export-interval 60
Depending on your router and software version, you might need to specify slot numbers in the previous commands. The following example shows the commands with slot numbers:
ERS# config ip ipfix slot 5 active-timeout 1
ERS# config ip ipfix slot 5 aging-interval 15
ERS# config ip ipfix slot 5 export-interval 60
4. Enter the following commands to enable export and to export to the NetExpress and Flow Gateway:
ERS# config ip ipfix exporter-state enable
ERS# config ip ipfix collector add <ip address of flow-gateway or netexpress> dest-port <listening port of flow-gateway or netexpress> enable true
or
ERS# config ip ipfix slot 5 exporter-state enable
ERS# config ip ipfix slot 5 collector add <ip address of flow-gateway or netexpress> dest-port <listening port of flow-gateway or netexpress> enable true
Configuring sFlow for HP Procurve 3500, 5400, and 6200
The following example uses Procurve 3500, 5400, and 6200 to configure flow export. You use similar commands to configure other HP Procurve devices.
To configure sFlow for HP Procurve 3500, 5400, and 6200
1. Enter configuration mode to configure the NetExpress or Flow Gateway as a flow destination:
ProCurve# configure
ProCurve(config)# sflow 1 destination <ip address of flow-gateway or netexpress> dest-port <listening port of flow-gateway or netexpress>
In this example, 1 is the sFlow instance. If this instance ID is already in use, then enter either 2 or 3 in the previous and the following commands.
2. Enter the following command to activate sampling:
ProCurve(config)# sflow 1 sampling all 500
The example shows a sampling rate of one out of every 500 packets. Riverbed recommends that you set the sampling rate to the lowest value recommended by HP; the lowest value recommended depends on device and link speed. In the example, the all keyword applies this HP-recommended sampling rate to all ports.
3. Enter the following commands to activate polling:
ProCurve(config)# sflow 1 polling all 60
In the example, the all keyword applies this polling rate to all ports, and 60 indicates the polling and export interval.
4. Enter the following command to save the configuration:
ProCurve(config)# write memory