I’ve posted in the past about when to use egress NetFlow. I’ve generally felt that there are primarily 3 reasons to enable NetFlow with egress flows. There are other reasons, but here are my top 3:
- WAN Compression
- Exporting on one interface
Today I want to talk about a 4th reason to enable egress flows: MPLS. Why do you need egress NetFlow with MPLS? The Cisco documentation says it best:
<< BEGIN >>
One common application of the MPLS egress NetFlow accounting feature allows you to capture the MPLS virtual private network (VPN) IP flows that are traveling from one site of a VPN to another site of the same VPN through the service provider backbone.
Formerly, you captured flows only for IP packets on the ingress interface of a router. You could not capture flows for MPLS encapsulated frames, which were switched through Cisco Express Forwarding (CEF) from the input port. Therefore, in an MPLS VPN environment you captured flow information as packets were received from a customer edge (CE) router and forwarded to the backbone. However, you could not capture flow information as packets were transmitted to a CE router because those packets were received as MPLS frames.
The MPLS egress NetFlow accounting feature lets you capture the flows on the outgoing interfaces.
The PE routers export the captured flows to the configured collector devices in the provider network. The NetFlow Analyzer or the VPN solution center (VPN-SC) application collects this information and computes and displays site-to-site VPN traffic statistics.
<< END >>
If you need to enable MPLS Egress NetFlow, there are some prerequisites:
The network must support the following Cisco IOS features before you enable the MPLS egress NetFlow accounting feature:
- Multiprotocol label switching (MPLS)
- IP Cisco Express Forwarding (CEF)
- The NetFlow collector must be able to handle a mixture of ingress and egress flows enabled on different interfaces of the same router. Only the best NetFlow solutions can do this.
In IOS config mode, simply go to the targeted interface and type in:
Router(config-if)# mpls netflow egress
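The collector prerequisite above is the part that tends to go wrong, so here is an added example (not from the original post or from Cisco) of one way to total per-interface traffic when a router exports both ingress and egress flows. It assumes records are already decoded into dicts carrying a direction value (0 = ingress, 1 = egress, as in the NetFlow v9 DIRECTION field); the field names, interface numbers and byte counts are constructed, and the duplicate ingress/egress pair generalizes beyond the MPLS case to any traffic reported in both directions.

```python
from collections import defaultdict

INGRESS, EGRESS = 0, 1  # NetFlow v9 DIRECTION field (61) values

# Constructed sample: decoded records from one PE router.
# ifIndex 1 = CE-facing (ingress flows + "mpls netflow egress")
# ifIndex 2 = MPLS backbone-facing (no NetFlow enabled)
# ifIndex 3 = second CE-facing interface (ingress flows only)
FLOWS = [
    {"in_if": 1, "out_if": 2, "direction": INGRESS, "bytes": 1000},  # CE -> backbone
    {"in_if": 2, "out_if": 1, "direction": EGRESS, "bytes": 4000},   # backbone -> CE, arrived as MPLS
    {"in_if": 3, "out_if": 2, "direction": INGRESS, "bytes": 500},
    # Same traffic reported twice: ingress on 3 and egress on 1.
    {"in_if": 3, "out_if": 1, "direction": INGRESS, "bytes": 200},
    {"in_if": 3, "out_if": 1, "direction": EGRESS, "bytes": 200},
]


def interface_totals(flows):
    """Per-interface in/out byte totals without double counting.

    Assumption: which interfaces export ingress or egress flows is inferred
    from the records themselves; a collector could instead take this from
    the router configuration.
    """
    egress_ifs = {f["out_if"] for f in flows if f["direction"] == EGRESS}
    ingress_ifs = {f["in_if"] for f in flows if f["direction"] == INGRESS}
    totals = defaultdict(lambda: {"in": 0, "out": 0})
    for f in flows:
        if f["direction"] == INGRESS:
            totals[f["in_if"]]["in"] += f["bytes"]
            # Credit the outbound side only if that interface does not
            # report its own egress flows.
            if f["out_if"] not in egress_ifs:
                totals[f["out_if"]]["out"] += f["bytes"]
        else:
            totals[f["out_if"]]["out"] += f["bytes"]
            # Credit the inbound side only if that interface does not
            # report its own ingress flows (e.g. the MPLS backbone port).
            if f["in_if"] not in ingress_ifs:
                totals[f["in_if"]]["in"] += f["bytes"]
    return {ifindex: dict(t) for ifindex, t in totals.items()}


if __name__ == "__main__":
    for ifindex, t in sorted(interface_totals(FLOWS).items()):
        print(f"ifIndex {ifindex}: in={t['in']} out={t['out']}")
```

With ingress records alone, interface 1 would show only 200 bytes outbound and the 4000 bytes arriving from the backbone would be invisible; summing every record naively would instead report 4400.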
If you are interested in reporting on MPLS tags, send me a packet capture and I’ll make sure the reports get created. I’ve been known to cut deals to make things happen. 🙂