Blog :: Configuration :: Network Operations :: Security Operations

How to configure VMware vSphere ESX v5.1 IPFIX Support

Now that VMware vSphere ESX v5.1 supports IPFIX you may be wondering how to configure it; in fact, today I’m going to show you just that in a couple easy steps. VMware IPFIX support is a very exciting feature that will help with performance monitoring and can make virtual network management a lot easier to accomplish. Monitoring virtual servers has never been easier!

How to configure IPFIX for VMware vSphere ESX v5.1:

First, edit the settings of the distributed switch by right clicking on your virtual switch; then click on the 4th tab over labeled “NetFlow”.

dvSwitch IPFIX configuration

IPFIX on Distributed Switches can be enabled at the port group level, at an individual port level or at the uplink level.

If you configure IPFIX export here first, be sure to ENABLE NetFlow at the port group level, at an individual port level or at the uplink level.

The NetFlow configuration screen shows the different parameters that can be controlled during the setup.

1.      The Collector Settings of IP address and Port should be configured according to the information collected about the collector tool installed in your environment.

2.      The Advanced Settings parameters allow you to control the timeout and sampling rate for the flows. To change the amount of information that is collected for a flow, you can change the sampling rate. For example, a sampling rate of 2 indicates that the Virtual Distributed Switch (VDS) will collect data from every other packet. You can also modify the Idle flow export timeout values.

3.      The VDS IP address configuration is useful when you want to see all flow information in the collector tool as part of one VDS IP address and not as a separate host management network IP address.

If the VDS IP address is left blank each virtual machine will appear as a separate exporter at the collector.

VMware vSphere IPFIX

When configuring IPFIX at the port level, administrators should select the NetFlow override tab, which will make sure that flows are monitored even if the port group–level IPFIX is disabled.

Optional:

You can also monitor only internal flows of the virtual infrastructure by checking “Process Internal flows only” box.

You will now have IPFIX enabled on your vSphere distributed switch and will be enjoying the information it provides for virtual machine monitoring. Do you have any questions or comments? Feel free to leave them below.

Nov 1st, 2013 Update: VMware vswitch IPFIX Support