How To Enable NetFlow

Document created by Stuart_Weenig on Apr 14, 2014Last modified by Stuart_Weenig on Aug 5, 2016
Version 6Show Document
  • View in full screen mode

This document details how to enable NetFlow/IPFIX/sFlow/jFlow on many different manufacturers and models of devices.

Alcatel

OS9000 Series

Hardware required: Alcatel OS9000 series Switch OS Version: 6.1.1.704.R01 or greater

Commands

Global Configuration:

sflow agent ip [loopback IP address] sflow receiver [number] name [name of instance] address [harvester IP address] upd-port 9995 packet-size 1400 version 5 timeout 0

On each Port:

sflow sampler [number] [portNumber] receiver [number] rate 1 sample-hdr-size 64 sflow poller [number] [portNumber] receiver [number] interval 60

NOTE: For port configuration, the rate value defines the rate at which sampling has to be done. Using a value of 1 means each packet will be sampled. Some switches may not be able to handle a sampling rate of 1, so higher numbers should be used. Be cautious about the rate you select so you do not overwhelm the port or switch. NOTE: In the above steps, the number value is any arbitrary number that acts as an ID for the sflow configuration. Using a number value of 1 is recommended. sFlow Debug Commands:

show sflow [receiver | sampler | poller | agent]

Displays information regarding the current sFlow configuration.

Example

sflow agent ip 10.0.0.1 sflow receiver 1  name vnoc-sflow-reportanalyzer  address 192.168.1.1 udp-port 9995  version 5  sflow sampler 1 port 1/1 receiver 1 rate 1000  sflow sampler 1 port 1/2 receiver 1 rate 1000  sflow poller 1 port 1/1 receiver 1 interval 5  sflow poller 1 port 1/2 receiver 1 interval 5

NOTE: If rate is not specified default value is 0. See TEC592535

 

Brocade

FastIron Switches

Hardware Required: FSX, FESX, FGS, FLS, FWS, FCX series FastIron switches Software Version: 7.2.00 or greater

Commands:

Global configuration:

sflow enable sflow destination [IPofHarvester] 9995 sflow polling-interval 60

On each Interface:

sflow-forwarding

NOTE: By default a sampling rate of 1/512 packets is used. This can be changed by specifying the sampling rate on each interface with the command

sflow sample [SampleRate]

sFlow version 5 is used by default. Online Information: http://www.brocade.com/forms/getFile?p=documents/product_manuals/B_FastIron/FastIron_07202_ConfigGuide.pdf.

Cisco

Other Models

Hardware Required: Cisco 800*, 1000, 1600, 1720, 1800*, 2500, 2600, 2801*, 3600, 3725*, 3825*, 4700, 7200, AS5800, RSP7000, uBR7200, 10000^ IOS Version: 12.0T or greater; *Requires IOS 12.3T or greater; ^Requires IOS 12.2S or greater

Commands:

In global configuration:

ip flow-export source loopback [#] ip flow-export version 5 ip flow-cache timeout active 1 ip flow-export destination [harvesterIP] 9995 snmp-server ifindex persist

For each interface (except sub-interfaces as this command will automatically apply to any subinterface):

ip route-cache flow 

Or for each interface and sub-interface

ip flow egress or ip flow ingress

NOTE: To obtain ToS statistics, you should use ip flow egress in place of ip flow ingress when allowed. NetFlow Debug Commands:

show ip flow export

Displays general netflow statistics for the data export

show ip cache flow

Displays detailed netflow statistics

show snmp mib ifmib ifindex

Displays the router's interfaces and index numbers assigned by the router's snmp agent

3850

Commands:

Global configuration:

flow record branch  description netflow for branch-office  match ipv4 protocol  match ipv4 source address  match ipv4 destination address  match transport source-port  match transport destination-port  match interface input  collect transport tcp flags  collect interface output  collect counter bytes long  collect counter packets long  collect timestamp absolute first  collect counter bytes layer2 long ! ! flow exporter branch  description for branch-office  destination  source Loopback0  dscp 46  template data timeout 60  option interface-table ! ! flow monitor branch  description netflow for branch-office  exporter branch  cache timeout active 60  record branch ! ! sampler branch  description netflow for branch-office  mode random 1 out-of 1024

For each interface:

ip flow monitor branch sampler branch input ip flow monitor branch sampler branch output

4000/4500

Hardware Required: Supervisor IV engine with a Netflow Services daughter card (WS-F4531) IOS Version: 12.1(19)EW or greater

Commands:

ip cef  ip flow-export destination [address] 9995  ip flow-export version 5  ip flow-export source [interface]  ip flow-cache timeout active 1  ip route-cache flow infer-fields   The above is for NetFlow 5.  Cisco changed to a Nexus style IOS XE 3.x using Flexible NetFlow. This is the link to the Configuration Guide every IOS version.http://www.cisco.com/en/US/products/hw/switches/ps4324/products_installation_and_configuration_guides_list.htmlNote: With the current IOS the Catalyst 4500 series switch supports ingress flow statistics only and does not support Flexible Netflow on egress traffic.

You will not enter the ip route-cache flow command on each interface. NOTE: NetFlow is not necessary to be configured on loopback interfaces as no routed traffic should be passing on that interface type. Unsupported NetFlow Global Configuration Commands:

ip flow-aggregation cache  ip flow-cache entries  ip flow-export

4507

Hardware Required:NOT VERIFIED

Commands:

flow record r1  match ipv4 protocol  match ipv4 source address  match ipv4 destination address  match transport source-port  match transport destination-port  match interface input  collect interface output  collect counter bytes  collect counter packets   flow exporter e1  destination  source GigabitEthernet2/29  transport udp 9995   flow monitor m1  record r1  exporter e1  cache timeout inactive 30  cache timeout active 1   interface GigabitEthernet2/29  switchport mode access  ip flow monitor m1 input

6500

Hardware Required: Sup. II or 720 engine IOS Version: 12.1(13)E3 or greater (MSFC) CATOS Version: 7.6.1 or greater (PFC)

Hybrid or Native w RA

Sup Engines w RA

Commands:

Native Mode Global configuration:

ip flow-export source loopback [#]  ip flow-export version 5  ip flow-cache timeout active 1  ip flow-export destination [harvesterIP] 9995  snmp-server ifindex persist  mls nde sender version 5  mls flow ip interface-full  mls nde interface  mls aging long 64  mls aging fast time 16  mls aging normal 64 

Determine which Interface level command set to use based on IOS version IOS 12.2: For each interface (except sub-interfaces as this command will automatically apply to any subinterface):

ip route-cache flow 

IOS 12.3 or Greater: For each interface and sub-interface

ip flow egress OR ip flow ingress

If you are using ReporterAnalyzer 8.3 or greater, we recommend enabling both ip flow egress AND ip flow ingress on each interface and sub-interface. Hybrid Mode You must configure IOS using the Native commands above. Use the commands below for the CATOS side. In global configuration:

set mls flow full  set mls nde [harvesterIP] 9995  set mls nde version 5  set mls nde enable  set mls agingtime long 64  set mls agingtime fast 16 0 

To enable bridged statistics:

set mls bridged-flow-statistics enable *

*For Sup720 Hybrid with PFC3B or PFC3BXL, use the following commands instead of set mls bridged-flow-statistics enable (PFC3A does not support these commands):

set mls netflow-entry-create enable   set mls netflow-per-interface enable 

In PFC3A mode, NetFlow collects statistics only for routed traffic. With other PFCs, you can configure NetFlow to collect statistics for both routed and bridged traffic.
NetFlow Debug Commands:

show ip flow export

Displays general netflow statistics for the data export

show ip cache flow

Displays detailed netflow statistics

show snmp mib ifmib ifindex

Displays the router's interfaces and index numbers assigned by the router's snmp agent

7600

Hardware Required:** Sup. II or 720 engine IOS Version: 12.2S or greater (MSFC) CATOS Version: 7.6.1 or greater (PFC)

Hybrid or Native w RA

Sup Engines w RA

Commands:

Native Mode Global configuration:

ip flow-export source loopback [#]  ip flow-export version 5  ip flow-cache timeout active 1  ip flow-export destination [harvesterIP] 9995  snmp-server ifindex persist  mls nde sender version 5  mls flow ip interface-full  mls nde interface  mls aging long 64  mls aging fast time 16  mls aging normal 64 

Determine which Interface level command set to use based on IOS version IOS 12.2: For each interface (except sub-interfaces as this command will automatically apply to any subinterface):

ip route-cache flow 

IOS 12.3 or Greater: For each interface and sub-interface

ip flow egress OR ip flow ingress

If you are using ReporterAnalyzer 8.3 or greater, we recommend enabling both ip flow egress AND ip flow ingress on each interface and sub-interface. Hybrid Mode You must configure IOS using the Native commands above. Use the commands below for the CATOS side. In global configuration:

set mls flow full  set mls nde [harvesterIP] 9995  set mls nde version 5  set mls nde enable  set mls agingtime long 64  set mls agingtime fast 16 0 

To enable VRF-aware NetFlow1:

flow hardware mpls-vpn ip [vrf-id]

To enable bridged statistics:

set mls bridged-flow-statistics enable *

*For Sup720 Hybrid with PFC3B or PFC3BXL, use the following commands instead of set mls bridged-flow-statistics enable (PFC3A does not support these commands):

set mls netflow-entry-create enable   set mls netflow-per-interface enable 

In PFC3A mode, NetFlow collects statistics only for routed traffic. With other PFCs, you can configure NetFlow to collect statistics for both routed and bridged traffic. More Information
NetFlow Debug Commands:

show ip flow export

Displays general netflow statistics for the data export

show ip cache flow

Displays detailed netflow statistics

show snmp mib ifmib ifindex

Displays the router's interfaces and index numbers assigned by the router's snmp agent
Online Information on VRF-aware NetFlow: http://www.cisco.com/en/US/docs/ios/12_2sr/12_2srb/feature/guide/nfvrfsrb.html#wp1054900

ASA 5500

Hardware Required:** ASA 5500 NX-OS Version: 8.1(2) or greater Cisco's NX-OS NetFlow Configuration Cisco's implementation of NetFlow on the ASA Firewall line of products differs than the configuration of NetFlow using NX-OS, XR IOS, and IOS. The use of ACL's and existing policy maps is required.

Commands:

Global Configuration:

flow-export destination inside [IPofHarvester] 9995 flow-export delay flow-create 30 flow-export template timeout-rate 5

Disable SysLog Messages (Optional):

logging flow-export syslogs disable

Create ACL for traffic to capture and apply it to a class map:

access-list [NameofACL] extended permit ip any any   class-map [NameofClassMap] match access-list [NameofACL]

Policy Map definition (you can use the global policy or an already existing policy rather than creating a new one):

policy-map [PolicyMapName] class [NameofClass] flow-export event-type all destination [IPofHarvester]  service-policy [PolicyMapName] global

NetFlow Debug Commands:

show flow-export counters

Displays runtime counters for NetFlow including statistics and errors.

clear flow-export counters

Clears all runtime counters to zero. Online Information: Official Cisco ASA 5500 NetFlow Configuraiton Guide

ASA 5580

Hardware Required: ASA 5580 NX-OS Version: 8.1(2) or greater Cisco's NX-OS NetFlow Configuration Cisco's implementation of NetFlow on the ASA Firewall line of products differs than the configuration of NetFlow using NX-OS, XR IOS, and IOS. The use of ACL's and existing policy maps is required.

Commands:

Global Configuration:

flow-export enable flow-export destination inside [IPofHarvester] 9995 flow-export template timeout-rate 5

Disable SysLog Messages (Optional):

logging flow-export syslogs disable

NetFlow Debug Commands:

show running-config flow-export

Displays the status of flow exports. Online Information: Official Cisco ASA 5580 NetFlow Configuraiton Guide

 

Nexus 1000V

Hardware Required: Nexus 1000V NX-OS Version: 4.0 or greater Cisco's NX-OS NetFlow Configuration Cisco's new NX-OS contains a completely different set of CLI commands versus the widely known IOS platform. With NX-OS, Netflow configuraiton is created by multiple mappings and record formats. These mappings and records are split into various types listed below. When moving from one section to the other, you should make sure you exit back to configuration mode form the sub-mode you are in. IMPORTANT: You must use NetFlow v9 in order for reporting to work in ReporterAnalyzer. Version 5 will not produce proper reporting.

Commands:

Create Flow Record - not necessary unless you are customizing information sent to NFA, use predefined netflow-original record in most cases:

flow record [nameOfFlowRecord] match ipv4 source address match ipv4 destination address

Create Flow Exporter - required:

flow exporter [nameOfExporter] destination [IPofHarvester] source [interfaceName] transport udp 9995 version 9 template data timeout 300

Create Flow Monitor (required, links Flow Exporter to Flow Record):

flow monitor [nameOfMonitor] exporter [nameOfExporter] record netflow-original cache timeout active 60 cache size 4096

For each Interface:

ip flow monitor [nameOfMonitor] input OR output

If you are using ReporterAnalyzer 8.3 or greater, we recommend enabling both ip flow egress AND ip flow ingress on each interface and sub-interface. NOTE: NetFlow is not necessary to be configured on loopback interfaces as no routed traffic should be passing on that interface type. NetFlow Debug Commands:

show flow [exporter | interface | monitor | record | timeout]

Displays general netflow statistics for the selected option Online Information: Official Cisco Nexus 1000V Series NX-OS NetFlow Configuration Guide

Nexus 7000

Hardware Required: Nexus 7000 family NX-OS Version: 4.0(2) or greater Cisco's NX-OS NetFlow Configuration Cisco's new NX-OS contains a completely different set of CLI commands versus the widely known IOS platform. With NX-OS, Netflow configuration is created by multiple mappings and record formats. These mappings and records are split into various types listed below. When moving from one section to the other, you should make sure you exit back to configuration mode form the sub-mode you are in. IMPORTANT: VLAN interfaces that have DHCP relay enabled cannot supply inbound (ingress) NetFlow on Nexus 7000 switches. Cisco Bug ID: CSCtf36357. IMPORTANT: You must use NetFlow v9 in order for reporting to work in ReporterAnalyzer. Version 5 will not produce proper reporting.

Commands:

In global configuration:

feature netflow flow timeout active 60 flow timeout inactive 59 flow timeout fast 64 threshold 30

Create Flow Record (only if not using the default flow record type):

flow record [nameOfFlowRecord] match ip protocol match ip tos match transport source-port match transport destination-port match ipv4 source address match ipv4 destination address match input interface match output interface collect routing source as collect routing destination as collect routing next-hop address ipv4 collect transport tcp flags collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last

Create Flow Exporter:

flow exporter [nameOfExporter] destination [IPofHarvester] source [interfaceName] transport udp 9995 version 9 option exporter-stats timeout 60

NOTE: If using version 9 netflow, include the following command:

template data timeout 300

Create Flow Monitor (references Flow Exporter):

flow monitor [nameOfMonitor] exporter [nameOfExporter] record netflow-original

For each Interface:

ip flow monitor [nameOfMonitor] input OR output

If you are using ReporterAnalyzer 8.3 or greater, we recommend enabling both ip flow egress AND ip flow ingress on each interface and sub-interface. To enable Bridged Netflow on a VLAN(s):

ip flow monitor [nameOfMonitor] input OR output

If you are using ReporterAnalyzer 8.3 or greater, we recommend enabling both ip flow egress AND ip flow ingress on each interface and sub-interface. NOTE: You can enter a VLAN range prior to entering the command above (i.e. vlan 1 - 3967 instead of each vlan separately) NOTE: NetFlow is not necessary to be configured on loopback interfaces as no routed traffic should be passing on that interface type. NetFlow Debug Commands:

show flow [exporter | interface | monitor | record | timeout]

Displays general netflow statistics for the selected option

show hardware flow utilization module [module]

Displays information about Netflow utilization in hardware

show hardware flow ip

Displays the flow records currently in memory (cache). Online Information: Official Cisco Nexus 7000 Series NX-OS NetFlow Configuration Guide

 

XR 12000

Hardware Required: XR 12000 Router IOS XR Version: XR 3.4.0 (3.5.0+ required for MPLS NetFlow accounting)

Commands:

In global configuration:

flow exporter-map [exporter name] destination [IPAddressOfHarvester] source [interfaceName] transport udp 9995 version v9 options interface-table timeout 60 options sampler-table timeout 60 template timeout 5 template data timeout 5 template options timeout 5   end (to get out of exporter-map configuration)   sampler-map [sampler name] random 1 out-of 2   end (to get out of sampler configuration)   flow monitor-map [map name] record ipv4 exporter [exporter name] cache timeout active 60   end (to get out of monitor map configuration)

For each interface:

flow ipv4 monitor [map name] sampler [sampler-name] ingress

If MPLS switching of IP traffic is enabled and being performed by the router, the following command must be enabled in MPLS LDP configuraiton mode for traffic to match the exporter-map:

default-route

NOTE: Cisco IOS XR software supports export format Version 9 only. NOTE: NetFlow is not necessary to be configured on loopback interfaces as no routed traffic should be passing on that interface type. NetFlow Debug Commands:

show flow exporter-map [exporterName]

Displays exporter map data

show sampler-map

Displays sampler map data

show flow monitor-map

Displays flow monitor map data Online Information on Cisco IOS XR NetFlow

 

CSR1000

Example AVC NBAR2 Cisco configuration from a CSR1000:

 

flow record nfa-record
      match ipv4 tos
      match ipv4 ttl
      match ipv4 protocol
      match ipv4 source address
      match ipv4 destination address
      match transport source-port
      match transport destination-port
      match interface input
      match interface output
      match application name
      collect counter bytes
      collect counter packets
      collect timestamp sys-uptime first
      collect timestamp sys-uptime last

 

flow exporter nfa-exp
      destination [IP-ADDRESS of NFA]
      source GigabitEthernet1
      transport udp 9995
      template data timeout 60

 

flow monitor nfa-monitor
      exporter nfa-exp
      cache timeout inactive 60
      cache timeout active 60
      record nfa-record

 

interface GigabitEthernet2
      description Connection to BRANCH3 LAN
      ip flow monitor nfa-monitor input
      ip flow monitor nfa-monitor output

 

Device Support

Hardware PlatformIOS Release Version + Other RequirementsSupports NetFlow
ASA Firewall-0
80012.3T1
100012.0T1
160012.0T1
170012.0T1
172012.0T1
180012.3T1
250012.0T1
260012.0T1
280012.3T1
280112.3T1
2900-0
2950-0
2950LRE-0
3500-0
3550-0
3560-0
360012.0T1
366012.0T1
372512.3T1
374512.0S1
3750-0
380012.3T1
382512.3T1
400012.1(19) Supervisor IV engine NetFlow daughter card WS-F45311
450012.1(19) Supervisor IV engine NetFlow daughter card WS-F45311
470012.0T1
650012.1(13)E1
720012.0T1
730012.2S1
750012.0T1
760012.2S1
1000012.2S1
1200012.0(14)1
AS 530012.0T1
AS 580012.0T1
BPx 865012.0T1
MGX 8800 RMP12.0T1
RSP 700012.0T1
RSP 720012.0T1
RSM12.0T1
uBR 720012.0T1
uBR 750012.0T1
NX-OS 1000V4.01
NX-OS 70004.0(2)1
XR 120003.41

Tips & Tricks

Enterasys

Matrix N-Series

Hardware Required: Matrix N-Series with 256MB or greater memory option installed Software Version: 5.31.17 or greater

Commands:

In global configuration:

set netflow export-interval 1 set netflow export-destination [harvesterIP] 9995 set netflow port [port name or link aggregator name] enable set netflow port [ethernet module].[port name or list] enable set netflow cache enable 

NetFlow Debug Commands:

show netflow statistics

Displays all netflow statistics for the data export

show netflow configuration

Displays your current netflow configuration Online Information for Matrix N-Series NetFlow Configuration

 

X-Pedition SmartSwitch

 

Hardware Required: X-Pedition SmartSwitch Router Software Version: 9.0 or greater

Commands:

In global configuration:

netflow set interval 1  netflow set memory 8000  netflow set ports all-ports  netflow set priority low  netflow set collector [harvesterIP] flow-destination-port 9995 netflow enable 

NetFlow Debug Commands:

netflow show all

Displays all netflow statistics for the data export

netflow show configuration

Displays your current netflow configuration

HP

3500, 5400, & 6200

Hardware Required: 3500, 5400, 6200 Software Version: 12.1 or greater

Commands:

In global configuration:

sflow [sFlowReceiverInstance] destination [harvesterIP] 9995  sflow [sFlowReceiverInstance] polling [ethernet] [portNumber, portNumber, ...] 60 sflow [sFlowReceiverInstance] sampling [ethernet] [portNumber, portNumber, ...] 50

Example:

sflow 1 destination 192.168.5.200 9995  sflow 1 polling 2,3,4 60  sflow 1 sampling 2,3,4 50 

Online Information

 

9300 & 9400

Hardware Required: 9300, 9400 Software Version: 2.3 or greater

Commands:

In global configuration:

int e [start port] to [end port]  sflow forwarding  sflow destination [harvesterIP] 9995  sflow sample [sampling rate]  sflow polling-interval [polling rate]  sflow enable 

Example:

int e 1/1 to 4/48  sflow forwarding  sflow destination 10.1.2.5 9995  sflow sample 128  sflow polling-interval 30  sflow enable 

Online Information

Other Models

Hardware Required: 2800, 2810, 2900, 3400, 4200, 5300, and 5300 WESM Software Version:

Commands:

In global configuration:

setmib sFlowRcvrAddress.1 -o [harvesterIP in HEX]  setmib sFlowRcvrPort.1 -i 9995 setmib sFlowRcvrOwner.1 -D [NameOfReceiver] sFlowRcvrTimeout.1 –i [timeout] setmib 1.3.6.1.4.1.14706.1.1.5.1.4.11.1.3.6.1.2.1.2.2.1.1.[IFIndexOfInterface].1 -i 128 setmib 1.3.6.1.4.1.14706.1.1.5.1.3.11.1.3.6.1.2.1.2.2.1.1.[IFIndexOfInterface].1 -i 1 

NOTE: Timeout is how long to sample for in seconds. It is a countdown to stop sampling the data. Once the timeout value hits 0 you will no longer see data. You should set this value to the highest possible.

Juniper

J Series

Related documentation.

M Series

Notes: These commands are untested and unsupported by NetQoS Hardware Required: M-Series M10i Software Version: JunOS 8.3R3.4

Commands:

There are 2 ways to enable jFlow based on configuration mode. Use the commands below for the appropriate mode you are in. Traditional JunOS:

forwarding-options {     sampling {         input {             family inet {                 rate [sampling rate];             }         }         output {             cflowd [IPofHarvester] {                 port 9995;                 source-address [SourceAddress];                 version 5;             }             flow-active-timeout 60;         }     }     family inet {         filter {             input [filter name];         }     } }   firewall {     family inet {     filter [filter name] {         term sample {             then {                 sample;                 accept;             }         }     }    Example: forwarding-options {     sampling {         input {             family inet {                 rate 100;             }         }         output {             cflowd 192.168.0.2 {                 port 9995;                 source-address 192.168.5.1;                 version 5;             }             flow-active-timeout 60;         }     }     family inet {         filter {             input JFlow-test;         }     } }   firewall {     family inet {     filter JFlow-test {         term sample {             then {                 sample;                 accept;             }         }     } 

New Command Format Mode:

set forwarding-options sampling input family inet rate [sampling rate] set forwarding-options sampling output cflowd [IPofHarvester] port 9995 set forwarding-options sampling output cflowd [IPofHarvester] source-address [SourceAddress] set forwarding-options sampling output cflowd [IPofHarvester] version 5 set forwarding-options sampling output flow-active-timeout 60 set firewall filter [filter name] term sample then sample set firewall filter [filter name] term sample then accept set forwarding-options family inet filter input [filter name]

Example:

set forwarding-options sampling input family inet rate 100 set forwarding-options sampling output cflowd 10.x.x.x port 9995 set forwarding-options sampling output cflowd 10.x.x.x source-address 192.x.x.x set forwarding-options sampling output cflowd 10.x.x.x version 5 set forwarding-options sampling output flow-active-timeout 60 set firewall filter JFlow-test term sample then sample set firewall filter JFlow-test term sample then accept set forwarding-options family inet filter input JFlow-test

E Series

Notes: These commands are untested and unsupported by NetQoS

Hardware Required: E-Series ERX-1440, ERX-1410, ERX-710, ERX-705, ERX-310

Software Version: JunOS 6.0 Sampling Explained Packet sampling occurs individually for each processor. Because the router distributes packets over multiple processors, sampling occurs when each processor reaches the specified packet interval. Setting a sampling interveral to a small value can cause performance problems with the router, and may even crash it. You should contact Juniper for the best setting based on the router's traffic volume. In general, a setting less than 100 can be dangerous.

Commands:

Global Configuration Mode:

ip flow statistics ip flow-sampling-mod packet-interval [number of packets to obtain 1 sample] ip flow-cache timeout active 1 ip flow-cache timeout inactive 60 ip flow-export source [interface] ip flow-export [IP of Harvester] 9995 version 5 peer-as

On each interface:

ip route-cache flow sampled

Nortel

5500

Hardware Required: 5500 PassPort Switch Software Version: 5.0 or greater

Commands:

In global configuration:

ip ipfix enable ip ipfix slot [slotNumber] aging-interval 60 export-interval 60 template-refresh-interval 600 ip ipfix collector 1 [harvesterIP]

On each Port:

ip ipfix port [portNumber,portNumber,...]

On each Interface:

ip ipfix enable

IPFIX Debug Commands:

show ip ipfix table 1

Displays IPFIX flows Official Nortel IPFIX Configuration Guide More Information from NetQoS: Nortel 5500 PassPort Switch Configuraiton Guide with IPFIX Information and alternate configuration methods.

8600

Hardware Required: 8600 PassPort Switch Software Version: 5.1 or greater

Commands:

In global configuration:

config ip ipfix state enable config ip ipfix slot [slotNumber] active-timeout 30 aging-interval 60 export-interval 60 exporter-state enable template-refresh 800 config ip ipfix slot [slotNumber] collector add [harvesterIP] protocol udp dest-port 9995 exporter-ip [PassPortSwitchIPAddress] protocol-version ipfix enable true

On each Port:

config ip ipfix port [slotNumber/portNumber] all-traffic enable

IPFIX Debug Commands:

show ip ipfix flows [slotNumber]

Displays all IPFIX statistics on the designated slot

show ip ipfix collector-info [slotNumber]

Displays collector information

show ip ipfix interface [portNumber]

Shows IPFIX interface information for each port Official Nortel IPFIX Configuration Guide More Information from NetQoS: Nortel 5500 PassPort Switch Configuraiton Guide with IPFIX Information and alternate configuration methods.

 

3COM

SG300

Hardware Required:****Software Version:

Commands:

4550G

Hardware Required:****Software Version:

Commands:

1 person found this helpful

Attachments

    Outcomes