How do you configure NetFlow on a Cisco XR 12000 or Cisco ASR Series router?  I have been asked this question lately so I thought I would share this with you today.

The NetFlow infrastructure is based on the configuration and use of the following maps:

  • Exporter Map
  • Sampler Map
  • Flow Monitor Map

Exporter Map:

To configure the Exporter map, you need to define the destination (flow collector), the source interface, the port used for exporting, the version of NetFlow, and the timeout rates.

router(config)# flow exporter-map SCRUTINIZER-EM
router(config-fem)# destination 10.1.1.5
router(config-fem)# source gi0/0
router(config-fem)# transport udp 2055
router(config-fem)# version v9
 router(config-fem)# template data timeout 60
router(config-fem)# options interface-table timeout 60
 router(config-fem)# exit

Sampler Map:

The Sampler map defines the sample rate, default for the ASR series is 10000, no default for the XR 12000, but recommended sample value is 10000 for optimal performance.

router(config)# sampler-map SCRUTINIZER-SM
 router(config-sm)# random 1 out-of 10000
 router(config)# exit

Flow Monitor Map:

The Flow Monitor map defines the cache timeout values and associates the exporter map with this map.

router(config)# flow monitor-map SCRUTINIZER-FMM
 router(config-fmm)# record ipv4
 router(config-fmm)# exporter SCRUTINIZER-EM
router(config-fmm)# cache timeout active 60
router(config-fmm)# cache timeout inactive 15
 router(config-fmm)# exit

 

Apply the maps to the interfaces

Now that you have your maps defined, you need to apply the Flow Monitor and Sampler maps to each of your active interfaces:

router(config)# interface Gi0/0
router(config-if)# flow ipv4 monitor SCRUTINIZER-FMM sampler SCRUTINIZER-SM ingress
router(config-if)# exit

For more information on these commands, see NetFlow Commands on Cisco ASR 9000 Series Router and NetFlow Commands on Cisco IOS XR Software.

And once you have the NetFlow configuration completed, you can analyze the data with NetFlow reporting using your favorite NetFlow Analysis tool.

I hope this was helpful.  Are there other NetFlow capable devices that you need help with the configuration?  Please let us know!

 

Joanne Ghidoni

Joanne Ghidoni

Joanne is a Software Quality Assurance Engineer at Plixer. She has also held positions as Technical Support Engineer and Sales Engineer since joining Plixer in 2005. Prior to joining Plixer, Joanne has had numerous positions in the IT field, including data entry, computer operator, PC coordinator and support, mainframe programmer, and also Technical Support and web programmer at Cabletron Systems. In her spare time, Joanne enjoys traveling, always seeking out new and interesting places to visit.

Related

Big Data

Sankey Flow Graph

One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the…