Netflow cisco IOS

From Teknologisk videncenter
Jump to: navigation, search

Netflow versoin 5

router#enable
Password:*****
router#configure terminal
router-2621(config)#interface FastEthernet 0/1
router-2621(config-if)#ip route-cache flow
router-2621(config-if)#exit 
router-2621(config)#ip flow-export destination 192.168.9.101 9996
router-2621(config)#ip flow-export source FastEthernet 0/1
router-2621(config)#ip flow-export version 5
router-2621(config)#ip flow-cache timeout active 1
router-2621(config)#ip flow-cache timeout inactive 15
router-2621(config)#snmp-server ifindex persist
router-2621(config)#^Z
router#write
router#show ip flow export
router#show ip cache flow

Paessler on Cisco IOS

!
! Step 1: Enabling NetFlow
!
! Note: For PRTG we need NetFlow versions 5 or 9,
!       no other NetFlow version is supported currently
!
<input>ip flow-export version 5</input>
! or
! ip flow-export version 9
!
! Note: we recommend these values for the timeouts
!
! timeout active value is in minutes
<input>ip flow-cache timeout active 5</input>
!
! timeout inactive value is in seconds
<input>ip flow-cache timeout inactive 10</input> 
!
! Step 2: Setting the target address for NetFlow Packets:
!
! Replace 10.0.0.200 with the IP address of your machine running PRTG
! Replace 9991 with another port number of your choice if desired
!
<input>ip flow-export destination 10.0.0.200 9991</input>
!
! Step 3: You can optionally send all NetFlow packets to one other machine, too
!
<input>ip flow-export destination 10.0.0.201 9991</input>
!
! Step 4: Create a "NetFlow Sensor" in PRTG (V7 or later) and enter the port number set above
!
! That's it

Netflow version 9

Example 

flow record NF1
 match datalink mac source address input
 match datalink mac destination address input
 match ipv4 tos
 match ipv4 ttl
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 collect interface input
 collect interface output
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
!
!
flow exporter NF1_EXPORT
 destination 192.168.1.98
 source GigabitEthernet8
 transport udp 2055
!
!
flow monitor NF1
 exporter NF1_EXPORT
 cache timeout active 60
 statistics packet protocol
 statistics packet size
 record NF1
!
interface GigabitEthernet8
 ip address 192.168.1.84 255.255.255.0
 ip flow monitor NF1 input
 ip flow monitor NF1 output
 ip nat outside

Links

Retrieved from "http://mars.merhot.dk/w/index.php?title=Netflow_cisco_IOS&oldid=40536"