
Nexus 7000 NetFlow Support

Lately in support we have been getting a lot of questions on how to configure Cisco Nexus 7000 switches for NetFlow. The Nexus 7000-M series supports full and sampled NetFlow, while the 7000-F series only supports sampled. So now you might be asking, "what is the difference between the two, and which one should I use?"

Sampled NetFlow/Full NetFlow

Sampled NetFlow allows you to collect NetFlow statistics on a subset of the data that is coming into the interface. An example would be to collect 1 in 100 packets. The benefit of this, of course, is less overall load on the device and faster switching, since most of the data will not have to be processed for NetFlow. So now you may be asking yourself, "that sounds great, but there has to be some kind of a downside"; there is. The problem we run into with Nexus 7000 sampled NetFlow is that, since we are only taking a sample of the data, a lot of the crucial information will never show up in our NetFlow monitoring tool, because the packets that carried it might not have made it into the sample. It is, however, better than not sending any NetFlow at all. I will go through a Nexus 7000 configuration below. Make note that you only need to create and apply the sampler if using Sampled NetFlow.

Create Flow Record

First we want to create our flow record which we will call “Test”:

switch# conf t
switch(config)# feature netflow
switch(config)# flow record Test
switch(config-flow-record)# match ip protocol
switch(config-flow-record)# match ip tos
switch(config-flow-record)# match ipv4 source address
switch(config-flow-record)# match ipv4 destination address
switch(config-flow-record)# match transport destination-port
switch(config-flow-record)# match transport source-port
switch(config-flow-record)# match datalink mac source address input
switch(config-flow-record)# match datalink mac destination address input
switch(config-flow-record)# collect transport tcp flags
switch(config-flow-record)# collect interface input
switch(config-flow-record)# collect interface output

Create Flow Exporter:

For this example we will call our flow exporter “ExporterTest”:

switch# conf t
switch(config)# flow exporter ExporterTest
switch(config-flow-exporter)# description export netflow to collector
switch(config-flow-exporter)# destination 10.1.3.138
switch(config-flow-exporter)# version 9
switch(config-flow-exporter)# transport udp 2055
switch(config-flow-exporter)# source loopback 0
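To show what the collector at the exporter's destination address actually receives on UDP 2055, and why sampled NetFlow (the trade-off described above) only gives an estimate of the real traffic volume, here is an added Python example. It is not code from the original post or from Cisco: it parses a NetFlow v9 export packet (template FlowSet followed by a data FlowSet) and then scales the counters of a record by the sampler rate. The template mirrors the match/collect statements of the flow record "Test"; the IN_BYTES/IN_PKTS counters, the addresses, ports, interface indexes and the sample packet itself are constructed assumptions for the demonstration, since the record on this page does not collect byte or packet counters.

```python
import socket
import struct

# NetFlow v9 field type IDs (RFC 3954) for the fields the flow record on this
# page matches or collects, plus IN_BYTES/IN_PKTS which are added here only to
# show how sampled counters are scaled (the page's record does not collect them).
FIELD_NAMES = {
    1: "IN_BYTES", 2: "IN_PKTS", 4: "PROTOCOL", 5: "SRC_TOS", 6: "TCP_FLAGS",
    7: "L4_SRC_PORT", 8: "IPV4_SRC_ADDR", 10: "INPUT_SNMP", 11: "L4_DST_PORT",
    12: "IPV4_DST_ADDR", 14: "OUTPUT_SNMP", 56: "IN_SRC_MAC", 80: "IN_DST_MAC",
}


def decode_field(ftype, raw):
    """Turn the raw bytes of one field into something readable."""
    if ftype in (8, 12):            # IPv4 addresses
        return socket.inet_ntoa(raw)
    if ftype in (56, 80):           # MAC addresses
        return raw.hex(":")
    return int.from_bytes(raw, "big")


def parse_v9(packet, templates):
    """Parse one NetFlow v9 export packet (the UDP payload the exporter sends
    to its destination). `templates` maps (source_id, template_id) to a field
    list and is updated in place when template FlowSets arrive. Returns the
    decoded data records; data received before its template is skipped, which
    is why a collector must keep templates around between packets."""
    version, count, uptime, unix_secs, seq, source_id = struct.unpack("!HHIIII", packet[:20])
    if version != 9:
        raise ValueError("not a NetFlow v9 packet: version %d" % version)
    records = []
    offset = 20
    while offset + 4 <= len(packet):
        flowset_id, length = struct.unpack("!HH", packet[offset:offset + 4])
        if length < 4:
            raise ValueError("malformed FlowSet length")
        body = packet[offset + 4:offset + length]
        if flowset_id == 0:                       # template FlowSet
            pos = 0
            while pos + 4 <= len(body):
                tid, fcount = struct.unpack("!HH", body[pos:pos + 4])
                pos += 4
                fields = []
                for _ in range(fcount):
                    fields.append(struct.unpack("!HH", body[pos:pos + 4]))
                    pos += 4
                templates[(source_id, tid)] = fields
        elif flowset_id >= 256:                   # data FlowSet
            fields = templates.get((source_id, flowset_id))
            if fields is not None:
                rec_len = sum(flen for _, flen in fields)
                pos = 0
                # Trailing bytes shorter than one record are 4-byte-alignment padding.
                while pos + rec_len <= len(body):
                    rec = {}
                    for ftype, flen in fields:
                        name = FIELD_NAMES.get(ftype, "FIELD_%d" % ftype)
                        rec[name] = decode_field(ftype, body[pos:pos + flen])
                        pos += flen
                    records.append(rec)
        # FlowSet ID 1 (options template) is ignored in this example.
        offset += length
    return records


def scale_for_sampling(record, rate):
    """With `sampler mode 1 out-of N` the exporter only saw 1 in N packets, so a
    collector estimates the real volume by multiplying the counters by N."""
    est = dict(record)
    for key in ("IN_PKTS", "IN_BYTES"):
        if key in est:
            est[key] *= rate
    return est


def build_sample_packet(include_template=True):
    """Constructed export packet: one template (ID 256) mirroring the page's
    flow record plus counters, and one data record. Addresses, ports and
    interface indexes are made up for the demonstration."""
    fields = [(8, 4), (12, 4), (4, 1), (5, 1), (7, 2), (11, 2),
              (6, 1), (10, 2), (14, 2), (2, 4), (1, 4)]
    tmpl_body = struct.pack("!HH", 256, len(fields)) + b"".join(
        struct.pack("!HH", t, l) for t, l in fields)
    tmpl_set = struct.pack("!HH", 0, 4 + len(tmpl_body)) + tmpl_body
    rec = struct.pack("!4s4sBBHHBHHII",
                      socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"),
                      6, 0, 51000, 443, 0x18, 5, 7, 3, 1500)
    pad = b"\x00" * (-(4 + len(rec)) % 4)
    data_set = struct.pack("!HH", 256, 4 + len(rec) + len(pad)) + rec + pad
    header = struct.pack("!HHIIII", 9, 2, 123456, 1700000000, 1, 0)
    return header + (tmpl_set if include_template else b"") + data_set


if __name__ == "__main__":
    templates = {}
    for rec in parse_v9(build_sample_packet(), templates):
        print(rec)
        print("scaled for 1 out-of 100:", scale_for_sampling(rec, 100))
```

Run it as a script to see the decoded record and its scaled counters. The `templates` dictionary is kept outside `parse_v9` on purpose: a v9 exporter sends templates only periodically, so a collector that starts after the switch (or that drops the template packet) sees data FlowSets it cannot decode until the next template refresh. With sampled NetFlow the scaled values are estimates only; a short flow that never had a packet selected by the sampler is absent from the export entirely, which is the gap the sampled-versus-full discussion above is warning about.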

We will also call our flow monitor “MonitorTest” and apply our flow record “Test”:

switch(config)# flow monitor MonitorTest
switch(config-flow-monitor)# exporter ExporterTest
switch(config-flow-monitor)# record Test
switch(config-flow-monitor)# exit

Create Sampler: (Only needed if using Sampled Netflow)

Now we need to create our sampler, which is used when exporting Sampled NetFlow (it must be configured if using a Nexus 7000-F series):

switch(config)# sampler SampleTest
switch(config-flow-sampler)# mode 1 out-of 100
switch(config-flow-sampler)# exit
switch(config)#

Apply flow monitor to interfaces:

Now we will need to apply the flow monitor (and the sampler, if needed) to our interfaces:

switch(config)# interface Vlan###
switch(config-if)# ip flow monitor MonitorTest input sampler SampleTest
switch(config-if)# exit

Save:

Now we just need to save the running config:

switch(config)# copy running-config startup-config
switch(config)# exit

There you have it! You now should be exporting NetFlow on your Nexus 7000-M/F Series switch. If you run into any issues or have any questions on configuring NetFlow feel free to contact us in support.