How to Configure Cisco 6500 Sup2T NetFlow

In this blog I will be discussing how to configure Cisco 6500 Sup2T NetFlow. The Cisco 6500 Supervisor Engine 2T exports Flexible NetFlow, so your old Cisco 6509 NetFlow configuration will no longer be compatible with this setup.

This Flexible NetFlow configuration guide is for Cisco IOS release 15. Cisco’s Flexible NetFlow counts CEF-switched packets only. Process-switched transit packets and locally generated traffic are not counted.

There are four main steps involved in configuring Flexible NetFlow: setting up a NetFlow Record, a Flow Exporter, and a Flow Monitor, and then applying the Flow Monitor to an interface.

Configure the NetFlow Record

When configuring Cisco 6500 Sup2T Flexible NetFlow, you have the option to use a predefined NetFlow record, or you can build one of your own. A predefined NetFlow record emulates NetFlow v9 and is quick to configure. If you configure your own NetFlow record, you can get additional information such as Cisco Medianet Performance Monitoring, Cisco NetFlow NBAR (Network Based Application Recognition), and MAC addresses.

In this example we will use a predefined NetFlow record called NetFlow-original. If you would like to create your own record, here are some configuration examples for customizing a NetFlow record.

Configure the NetFlow Flow Exporter

A flow exporter is used to tell the Cisco 6500 Sup2T where to send the NetFlow data. In the example below, you will need to change the destination IP address, and possibly the source interface.

!
configure terminal
flow exporter scrutinizer
 description Exports to Scrutinizer
 destination 10.1.1.1
 source loopback0
 template data timeout 60
 transport udp 2055
end
!

Configure the NetFlow Flow Monitor

A flow monitor creates a NetFlow cache that the device will use for collecting flow data. The flow monitor also ties together the NetFlow record and the flow exporter. With Cisco 6500 Sup2T NetFlow the NetFlow cache has been significantly increased to help resolve some of the older Cisco 6500 NetFlow problems.

!
configure terminal
flow monitor netflow-original
 description This flow monitor uses the NetFlow original record and exports to Scrutinizer
 record netflow-original
 cache timeout active 60
 exporter scrutinizer
end
!

Applying a Flow Monitor to an Interface

The final step is to apply the Cisco 6500 Sup2T NetFlow flow monitor to the interfaces that you need to monitor. Repeat this step as necessary.

!
configure terminal
interface ethernet 0/0
 ip flow monitor netflow-original input
end
!
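
Once the monitor is applied, the collector side can confirm that exports are arriving and can be decoded. The following is an added example, not part of the original post or any vendor tool: a minimal parser for the datagrams the exporter above sends to UDP 2055, assuming the NetFlow v9 export format (RFC 3954). It shows why a data FlowSet cannot be decoded until its template has been received, which is what "template data timeout 60" governs. The function names and the sample packets are constructed for illustration.

```python
import struct
HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id
# Constructed template, (type, length) per RFC 3954: src, dst, sport, dport, proto, bytes
FIELDS = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (1, 4)]

def parse_v9(packet, templates):
    """Decode one datagram; returns (source_id, records, data FlowSet ids lacking a template)."""
    if len(packet) < HEADER.size:
        raise ValueError("shorter than a NetFlow v9 header")
    version, _count, _uptime, _secs, _seq, source_id = HEADER.unpack_from(packet)
    if version != 9:
        raise ValueError("unexpected export version %d" % version)
    records, missing, off = [], [], HEADER.size
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, off)
        if fs_len < 4 or off + fs_len > len(packet):
            raise ValueError("bad FlowSet length")
        body, off = packet[off + 4:off + fs_len], off + fs_len
        if fs_id == 0:                              # template FlowSet
            pos = 0
            while pos + 4 <= len(body):
                tid, n = struct.unpack_from("!HH", body, pos)
                if tid < 256 or pos + 4 + 4 * n > len(body):
                    break                           # padding or truncated template
                templates[tid] = [struct.unpack_from("!HH", body, pos + 4 + 4 * i)
                                  for i in range(n)]
                pos += 4 + 4 * n
        elif fs_id >= 256:                          # data FlowSet (id 1, options, is skipped)
            fields = templates.get(fs_id)
            size = sum(length for _type, length in fields or [])
            if size == 0:
                missing.append(fs_id)               # no usable template cached for this id
                continue
            for start in range(0, len(body) - size + 1, size):
                rec, pos = {}, start
                for ftype, length in fields:
                    rec[ftype] = int.from_bytes(body[pos:pos + length], "big")
                    pos += length
                records.append(rec)
    return source_id, records, missing

def sample_packets():
    """Constructed datagrams: data before its template, then template plus data."""
    tmpl = struct.pack("!HHHH", 0, 8 + 4 * len(FIELDS), 256, len(FIELDS))
    tmpl += b"".join(struct.pack("!HH", *f) for f in FIELDS)
    rec = bytes([10, 1, 1, 20, 10, 1, 1, 1]) + struct.pack("!HHBI", 51000, 443, 6, 1500)
    data = struct.pack("!HH", 256, 4 + len(rec) + 3) + rec + b"\x00" * 3
    hdr = lambda n: HEADER.pack(9, n, 1000, 1700000000, 1, 1)
    return hdr(1) + data, hdr(2) + tmpl + data
```

To use it against live exports, pass each datagram received on UDP 2055 to parse_v9 with one templates dictionary kept per exporter address and source_id.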

Reporting on Cisco 6500 Sup2T NetFlow

If you’re looking for a scalable NetFlow collector to handle all the Cisco 6500 Sup2T NetFlow, contact us and we would be glad to give you a free demo.