Difference between revisions of "Cisco"
From Observer GigaFlow Support | VIAVI Solutions Inc.
Kevin Wilkie (Talk | contribs) |
Kevin Wilkie (Talk | contribs) |
||
| Line 3: | Line 3: | ||
| − | To enable netflow you must first enable the global set of commands | + | To enable netflow you must first enable the global set of commands: |
:ip flow-export destination '''ip_address''' '''port''' | :ip flow-export destination '''ip_address''' '''port''' | ||
:ip flow-export source '''interface''' | :ip flow-export source '''interface''' | ||
| Line 11: | Line 11: | ||
:snmp-server ifindex persist | :snmp-server ifindex persist | ||
| − | Then enable netflow on | + | Then enable netflow on all layer 3 interfaces you wish to monitor: |
| + | On older devices use: | ||
| + | :ip route-cache flow | ||
| + | Newer devices would use | ||
| + | :ip flow ingress | ||
| + | |||
| + | There is also the "ip flow egress" command. This would be used under special circumstances where the above commands can't be applied or you want to capture the Netflow after traffic has been parked. | ||
Revision as of 11:09, 30 September 2016
Netflow Version 5 is the most popular and one of the simplest versions of netflow to enable. Its popular due to its almost ubiquitous support on Cisco routers as well as the fact that it is also the most efficient in terms of bandwidth usage.
To enable netflow you must first enable the global set of commands:
- ip flow-export destination ip_address port
- ip flow-export source interface
- ip flow-export version 5 [peer-as | origin-as]
- ip flow-cache timeout active 1
- ip flow-cache timeout inactive 15
- snmp-server ifindex persist
Then enable netflow on all layer 3 interfaces you wish to monitor: On older devices use:
- ip route-cache flow
Newer devices would use
- ip flow ingress
There is also the "ip flow egress" command. This would be used under special circumstances where the above commands can't be applied or you want to capture the Netflow after traffic has been parked.
