Configure NetFlow v9 for Cisco 4500 Sup7e

Posted in NetFlow, NetFlow Analyzer on June 8th, 2011 by Joanne
Configure NetFlow v9 for Cisco 4500 Sup7e

Cisco Catalyst 4500 Supervisor Engine 7-E

The Cisco Catalyst 4500E is one of the latest kids on the block, so the age old question in our world is, “How do you configure NetFlow on this?”

Well, I was fortunate enough to be able to work with one of Cisco’s engineers on working the kinks out of the configuration, and getting the following working Flexible NetFlow configuration:

 

--------------------------------------------------------
flow record r1
     match ipv4 protocol
     match ipv4 source address
     match ipv4 destination address
     match transport source-port
     match transport destination-port
     match interface input
     collect routing forwarding-status
     collect transport tcp flags
     collect interface output
     collect counter bytes long
     collect counter packets long
     collect timestamp sys-uptime first
     collect timestamp sys-uptime last
!
!
flow exporter e1
     destination 10.10.20.2
     source VLAN1
     transport udp 9996
     template data timeout 60
!
!
flow exporter e2
     destination 10.10.30.2
     source VLAN1
     transport udp 9996
     template data timeout 60
!
!
flow monitor m1
     record r1
     exporter e1
     exporter e2
     cache timeout inactive 30
     cache timeout active 60
     cache entries 1000

--------------------------
vlan configuration 301
    ip flow monitor m1 input

or 

interface x/x
  ip flow monitor m1 input

--------------------------------------------------------

The Flow Record includes the key fields that you will be exporting — the ‘match’ statements, and the non-key fields in the flow record — the ‘collect’ statements.

The fields included in this Flow Record example are the basic fields to export to and report by a NetFlow collector and analyzer tool.  More information on other fields that can be added can be found on this Cisco 4500 FNF configuration page.

The Flow Exporter defines where and how to export to your NetFlow Collector.  As always with Flexible NetFlow, you can export flows to multiple collectors.  In our example, we have two Flow Exporters, ‘flow exporter e1′ and ‘flow exporter e2′.

The definitions in the Flow Exporter include ‘destination’ which is the IP Address of your NetFlow collector, ‘source’ which is the interface exporting the flows from the 4500, ‘transport’ (optional) which defines which udp port you are exporting to and the collector is listening on, and ‘template data timeout’ defines the frequency that flow templates are exported.

Flow Monitor brings the flow records and flow exporters together and adds your timeout values.  This provides for one command to set per interface.

Which brings us to the interface level, and at this level, you enter the configuration mode for the interface, and then add the ‘ip flow monitor m1 input’ command to enable FNF for that interface.

Once this configuration is completed, and your NetFlow collector is receiving flows from the 4500, your reporting options are endless.

 

Best in Class NetFlow reporting

 

Do you own Cisco 4500E’s and are you exporting FNF?  We would love to hear your comments.


Joanne Ghidoni
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.
Tags: , , , ,

5 Responses to “Configure NetFlow v9 for Cisco 4500 Sup7e”

  1. NetFlow Support: Cisco 45xx-E, 2960, 3560, 3750 - NetFlow & sFlow Network Monitoring - Systrax Says:

    [...] Several months ago I blogged about configuring the Cisco 4500 Sup7e for NetFlow v9 and have since had calls asking how to configure a 4510 or 4503.  Hmmmmmm…… I had blogged about that, but hadn’t included all the models it applied to.  So if you have any of these devices:  Cisco 4503-E, 4506-E, 4507-E, or 4510R+E, you should check out my blog on Cisco 45xx-E NetFlow configuration. [...]

  2. Configure NetFlow v9 for Cisco 4500 Sup7e Part 2 - NetFlow & sFlow Network Monitoring - Systrax Says:

    [...] 2 Posted in Flexible NetFlow, NetFlow on November 2nd, 2011 by Jo-G Expanding on part 1 of the Configure NetFlow v9 for Cisco 4500 Sup7e blog, today I’ll be exploring what changes are needed to the Flexible NetFlow configuration [...]

  3. Jeremy Mann Says:

    4506-E does not support netflow, the flow commands don’t run

  4. Jo-G Says:

    Hi Jeremy,

    Do you have Supervisor Engine 7E for your 4506? If so, and these commands still don’t work, either contact us at 207-324-8805 or contact Cisco for assistance.

    – Joanne

  5. Jimmy Wendler Says:

    I was setting up a 4500 with a sup-7E today and I noticed that this device does not support the “collect interface output” command. If this is in your configuration you cannot export flows so make sure you remember to take this out. Because it will be missing the egress interface only inbound reports will work with this configuration. For more information about the NetFlow setup for a 4500 with the sup-7e check out the following link:
    http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/3.1.1SG/configuration/guide/fnf.html

Leave a Reply

You must be logged in to post a comment.