For those of you interested in setting up Cisco Performance reporting via Flexible NetFlow to gain latency insight into your Medianet (E.g. VoIP, Video, etc.), I’ll provide the Flexible NetFlow configuration instructions in this post.

This will allow the Cisco router to export additional characteristics about each flow:

  • Jitter: the variation in delay viewed at a particular point compared with the source. Ideally, this value shouldn’t go above 5ms.
  • Packet loss: loss of datagrams in the connection
  • Transport Event Packet Loss: indicates a loss of an unknown number of a sequential run of packets.
  • Round Trip Time: calculated via measuring the time delta between the SYN and the ACK of the TCP flags.

When finished, you’ll need a NetFlow Collector that can provide reports on these new exports.

Cisco Medianet Report

To start, the router must be running at least Cisco IOS version 15.1.(3)T and you may also need to apply a license (e.g. datak9).   The Flexible NetFlow configuration on one of our routers is as follows:

!
flow record type performance-monitor performancemonitor
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect routing forwarding-status
collect ipv4 dscp
collect ipv4 ttl
collect ipv4 source mask
collect ipv4 destination mask
collect transport packets expected counter
collect transport packets lost counter
collect transport packets lost rate
collect transport round-trip-time
collect transport event packet-loss counter
collect transport rtp jitter mean
collect transport rtp jitter minimum
collect transport rtp jitter maximum
collect interface input
collect interface output
collect counter bytes
collect counter packets
collect timestamp interval
collect application media bytes counter
collect application media bytes rate
collect application media packets counter
collect application media packets rate
collect application media event
collect monitor event
!
flow monitor type performance-monitor performancemonitor
description performance monitor stuff
record performancemonitor
exporter export-to-faqa
!

flow exporter export-to-demo
description flexible NF v9
destination 10.10.10.10
source FastEthernet0/0
transport udp 2055
template data timeout 60
option interface-table
option exporter-stats
option application-table

policy-map type performance-monitor performancemonitor
class class-default
flow monitor performancemonitor
monitor metric rtp
min-sequential 2
max-dropout 2
max-reorder 4
monitor metric ip-cbr
rate layer3 packet 1

interface FastEthernet0/0
description External Non-firewalled net
ip address 10.10.10.1  255.255.255.0
no ip proxy-arp
ip nbar protocol-discovery
duplex auto
speed auto
service-policy type performance-monitor input performancemonitor
service-policy type performance-monitor output performancemonitor
!
interface FastEthernet0/1
description SonicWALL LAN/DMZ link
ip address 10.10.2.1 255.255.255.0
no ip proxy-arp
ip nbar protocol-discovery
duplex auto
speed auto
service-policy type performance-monitor input performancemonitor
service-policy type performance-monitor output performancemonitor
!
interface Serial0/0/0
description T1 WAN to Oxford Networks
ip address 10.10.3.1 255.255.255.0
ip access-group 1 in
ip directed-broadcast
no ip proxy-arp
ip nbar protocol-discovery
no fair-queue
service-module t1 timeslots 1-24
no cdp enable
service-policy type performance-monitor input performancemonitor
service-policy type performance-monitor output performancemonitor

If you have further questions contact us or visit the Cisco web site on media monitoring.  This topic will be covered this summer in our advance NetFlow training course “FlowFest 2011”.

Michael

Michael

Michael is one of the Co-founders and the former product manager for Scrutinizer. He enjoys many outdoor winter sports and often takes videos when he is snowmobiling, ice fishing or sledding with his kids. Cold weather and lots of snow make the best winters as far as he is concerned. Prior to starting Somix and Plixer, Mike worked in technical support at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix which later became Plixer.

Related

Big Data

Sankey Flow Graph

One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the…