Difference between revisions of "Cisco NetFlow Version 5.0 Setup"
From Observer GigaFlow Support | VIAVI Solutions Inc.
Kevin Wilkie (Talk | contribs) (Created page with "'''Netflow Version 5''' is the most popular and one of the simplest versions of netflow to enable. Its popular due to its almost ubiquitous support on Cisco routers as well as...") |
|||
(3 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
+ | [[Category:NetFlow]] | ||
+ | [[Category:Technical Notes]] | ||
'''Netflow Version 5''' is the most popular and one of the simplest versions of netflow to enable. | '''Netflow Version 5''' is the most popular and one of the simplest versions of netflow to enable. | ||
Its popular due to its almost ubiquitous support on Cisco routers as well as the fact that it is also the most efficient in terms of bandwidth usage. | Its popular due to its almost ubiquitous support on Cisco routers as well as the fact that it is also the most efficient in terms of bandwidth usage. |
Latest revision as of 11:46, 23 November 2018
Netflow Version 5 is the most popular and one of the simplest versions of netflow to enable. Its popular due to its almost ubiquitous support on Cisco routers as well as the fact that it is also the most efficient in terms of bandwidth usage.
To enable netflow you must first enable the global set of commands:
- ip flow-export destination ip_address port
- ip flow-export source interface
- ip flow-export version 5 [peer-as | origin-as]
- ip flow-cache timeout active 1
- ip flow-cache timeout inactive 15
- snmp-server ifindex persist
Then enable netflow on all layer 3 interfaces you wish to monitor: On older devices use:
- ip route-cache flow
Newer devices would use
- ip flow ingress
There is also the "ip flow egress" command. This would be used under special circumstances where the above commands can't be applied or you want to capture the Netflow after traffic has been marked.