In this blog post I want to talk about enabling NetFlow on a VMware ESX host. NetFlow support has been added in vSphere 5: by configuring your virtual switch to send NetFlow records to a NetFlow analyzer, you gain visibility into your virtual infrastructure. To be more specific, you will be able to monitor:
- VM to VM traffic on the same host
- VM to VM traffic on different hosts
- VM to devices outside the virtual environment.
The NetFlow analyzer is a passive application: it listens for incoming flows and captures them for analysis, so when you configure the switch you must specify the NetFlow collector IP address and its listening port.
In order for the NetFlow and sFlow Analyzer to properly report on NetFlow traffic, you also need to set the Active flow export timeout to 60 seconds.
A sampling rate of zero means that every packet passing through the switch is collected and exported to the collector. Just keep in mind that this can be very resource intensive. A value greater than zero enables sampling, so only a fraction of the packets is collected.
And finally, the VDS IP address is the IP address of your distributed virtual switch; this is what the NetFlow Traffic Analyzer will identify as the flow source (the exporter). On Cisco routers it corresponds to the “ip flow-export source” command.
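As an added example (not code from the original post or from VMware), here is a minimal passive collector in Python for the datagrams a vSphere 5 switch exports, assuming it sends NetFlow version 5: it decodes the header and flow records, reads the sampling interval the switch reports, takes the exporter address (the VDS IP discussed above) from the UDP source, and labels each flow as VM-to-VM or VM-to-external against a VM subnet you supply. The subnet 10.0.0.0/24, the port and the sample datagram are constructed for the example.

```python
import socket
import struct
from ipaddress import ip_address, ip_network

# NetFlow v5 datagram: 24-byte header, then up to 30 fixed 48-byte flow records.
HEADER = struct.Struct("!HHIIIIBBH")
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")

def parse_netflow_v5(datagram):
    """Decode one exported datagram into (header dict, list of flow dicts)."""
    version, count, _, _, _, seq, _, _, sampling = HEADER.unpack_from(datagram, 0)
    if version != 5:
        raise ValueError("expected NetFlow v5, got version %d" % version)
    # Low 14 bits hold the sampling interval; 0 means every packet was counted.
    header = {"count": count, "sequence": seq, "sampling": sampling & 0x3FFF}
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({"src": str(ip_address(f[0])), "dst": str(ip_address(f[1])),
                      "packets": f[5], "bytes": f[6], "sport": f[9],
                      "dport": f[10], "proto": f[13]})
    return header, flows

def classify(flow, vm_subnet):
    """Label a flow with the post's categories: VM-to-VM or VM-to-outside."""
    inside = [ip_address(flow[k]) in ip_network(vm_subnet) for k in ("src", "dst")]
    if all(inside):
        return "vm-to-vm"
    return "vm-to-external" if any(inside) else "external"

def sample_datagram():
    """Constructed two-flow datagram for offline testing (not captured traffic)."""
    def rec(src, dst, pkts, octets, sport, dport, proto):
        return RECORD.pack(ip_address(src).packed, ip_address(dst).packed, b"\0" * 4,
                           1, 2, pkts, octets, 1000, 2000, sport, dport,
                           0, 0, proto, 0, 0, 0, 24, 24, 0)
    body = (rec("10.0.0.11", "10.0.0.12", 40, 5200, 51000, 445, 6) +
            rec("10.0.0.11", "203.0.113.10", 3, 210, 40123, 53, 17))
    return HEADER.pack(5, 2, 123456, 1700000000, 0, 17, 0, 0, 0) + body

def run_collector(port, vm_subnet):
    """Passive collector: bind the configured port and print each decoded flow."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", port))
    while True:
        data, (exporter_ip, _) = sock.recvfrom(65535)  # exporter_ip is the VDS IP
        for fl in parse_netflow_v5(data)[1]:
            print(exporter_ip, classify(fl, vm_subnet), fl)
```

Call `run_collector(2055, "10.0.0.0/24")` with the port you entered in the switch settings to watch live flows; `sample_datagram()` lets you exercise the decoder without a switch.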
In “Running vMotion on multiple network adaptors”, Eric Sloof briefly explains how to set up NetFlow in vSphere 5. (You can skip to minute 10:20 if you are not interested in watching the entire video.)
Please feel free to share your experience. I hope you enjoyed this blog.