We’ve been discussing Cisco AVC NetFlow reporting a lot lately, but what if you’re not yet at the latest Cisco IOS revisions? If you have IOS 15.1(3), but not 15.1(4), no worries, Cisco Performance Monitoring NetFlow reporting can still provide some valuable performance metrics reporting for you.
The minimum revision requirement for performance monitor phase 1 is Cisco IOS version 15.1(3)T. Phase 1 provides data for reporting on jitter, packet loss, round trip times, NBAR reporting, and more.
Here’s an example of the rich NetFlow reporting available with Performance Monitor Phase 1.
Not only do you get some really great network performance reporting, but you can also get basic flow accounting information for your NetFlow reporting (bandwidth monitoring, conversations, top talkers, etc.). I came upon this while working with a prospective customer, Lee, helping him with his router’s NetFlow configurations.
Performance Monitoring NetFlow configuration
So without further ado, let’s jump into the Flexible NetFlow configuration required for that advanced reporting.
We started with the NetFlow configuration example given in the Cisco Performance Reporting on your Medianet blog and expanded on it to include the basic flow accounting information that Lee required.
By adding an additional flow record, and with a little tweaking here and there, Lee was then able to meet his own requirements and very graciously shared his configuration with us.
I’ve included the full Performance Monitoring NetFlow configuration below, with Lee’s additions for basic Flow Accounting in red.
********************************************************************
Update from Lee:
“One caveat that I have found is: in order to get the “match protocol cisco-phone” command to work in the “realtime” class-map, the router has to have a Data license.
This can be turned on with this command:
Router(config-if)# license boot module c2900 technology-package datak9″
********************************************************************
ip cef ! flow record type performance-monitor TCP match ipv4 protocol match ipv4 source address match ipv4 source prefix match ipv4 destination address match ipv4 destination prefix match transport source-port match transport destination-port collect routing forwarding-status collect ipv4 dscp collect ipv4 ttl collect ipv4 source mask collect ipv4 destination mask collect transport round-trip-time collect transport event packet-loss counter collect interface input collect interface output collect counter bytes collect counter packets collect counter bytes rate collect timestamp interval collect application media bytes counter collect application media packets rate collect application media event collect monitor event ! ! flow record type performance-monitor RTP match ipv4 protocol match ipv4 source address match ipv4 source prefix match ipv4 destination address match ipv4 destination prefix match transport source-port match transport destination-port match transport rtp ssrc collect routing forwarding-status collect ipv4 dscp collect ipv4 ttl collect ipv4 source mask collect ipv4 destination mask collect transport packets expected counter collect transport packets lost counter collect transport packets lost rate collect transport event packet-loss counter collect transport rtp jitter mean collect transport rtp jitter minimum collect transport rtp jitter maximum collect interface input collect interface output collect counter bytes collect counter packets collect counter bytes rate collect timestamp interval collect application media bytes counter collect application media bytes rate collect application media packets counter collect application media packets rate collect application media event collect monitor event ! ! flow record FNF match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match interface input match interface output match flow direction collect routing source as collect routing destination as collect routing next-hop address ipv4 collect ipv4 source prefix collect ipv4 destination prefix collect transport tcp flags collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last ! ! flow exporter SCRUTINIZER description FLEXIBLE NF V9 destination [ Scrutinizer's IP] source [Interface] transport udp 2055 template data timeout 60 option interface-table option exporter-stats option application-table ! ! flow monitor type performance-monitor RTP description RTP stats record RTP exporter SCRUTINIZER ! ! flow monitor type performance-monitor TCP description TCP stats record TCP exporter SCRUTINIZER ! ! flow monitor FNF exporter SCRUTINIZER cache timeout active 60 record FNF ! class-map match-any TCP-class match access-group 100 ! class-map match-any realtime match protocol rtp audio match protocol rtp video match protocol cisco-phone ! policy-map type performance-monitor RTPMON class realtime flow monitor RTP monitor parameters interval duration 10 flows 100 class TCP-class flow monitor TCP monitor parameters flows 1000 ! access-list 100 permit tcp any any ! !Interface configuration ip flow monitor FNF input ip flow monitor FNF output service-policy type performance-monitor input RTPMON service-policy type performance-monitor output RTPMON
If you’d like to discuss this further, please contact us directly at 207-324-8805 x3 and we can show you how to get the most out of Cisco Performance NetFlow reporting.
