Manufacturer:  VMware

Model(s):  SD-WAN

Version(s):  5.1

URL:  https://docs.vmware.com/en/VMware-SD-WAN/5.1/VMware-SD-WAN-Administration-Guide/GUID-6B05A10E-1056-4995-AB62-6621EBAA83C4.html

Notes:

  • VMware supports IPFIX version 10 to export IP flow information to a collector.
  • Netflow records that are exported by SD-WAN Edge aggregate the source port. This means that data of different flows that have same source and destination IPs, same destination port, but different source ports will be aggregated.
  • The SD-WAN Orchestrator allows you to configure Netflow collectors and filters as network services at the profile, edge, and segment level.
  • You can configure a maximum of two collectors per segment and eight collectors per profile and edge. Also, you can configure a maximum of 16 filters per collector.

Configuration steps

  1. From the SD-WAN Orchestrator, go to ConfigureNetwork Services.  The Services page appears.
  2. To configure a collector, go to the Netflow Settings area and click the New button at the right side of the Collector table. The Add New Collector dialog box appears.
  3. In the Collector Name text box, enter a unique name for the collector.
  4. In the Collector IPtext box, enter the IP address of the collector.
  5. In the Collector Port text box, enter the 4739.
  6. Click Save Changes.
    Under Network Services, the newly added collector appears in the Collector table.
  1. SD-WAN Orchestrator allows filtering of traffic flow records by source IP, destination IP, and application ID associated with the flow. To configure a filter, go to the Netflow Settings area and click the New button at the right side of the Filter table. The Add New Filter dialog box appears.
  2. In the Filter Name text box, enter a unique name for the filter.
  3. Under the Match section, click Any to use any of the source IP or destination IP or application associated with the flow as the match criteria for Netflow filtering.
  4. Under the Action area, select Allow as the filter action for the traffic flow, and click OK.
    Under Network Services, the newly added filter appears in the Filter table.
  1. From the SD-WAN Orchestrator, go to ConfigureProfiles.
    The Configuration Profiles page appears.
  1. Select a profile you want to configure Netflow settings and click the icon under the Device
    The Device Setting page for the selected profile appears.
  1. From the Configure Segment drop-down menu, select a profile segment to configure Netflow settings.
  2. Go to the Netflow Settings area and configure the following details.
    1. Select the Netflow Enabled check box.
      SD-WAN Orchestrator supports IP Flow Information Export (IPFIX) protocol version 10.
    2. From the Collector drop-down menu, select an existing Netflow collector to export IPFIX information directly from SD-WAN Edge.
  1. From the Filterdrop-down menu, select an existing Netflow filter for the traffic flows from SD-WAN Edge.
  2. Select the Allow All check box corresponding to a collector to allow all segment flows to that collector.
  3. Under Intervals, configure the following Netflow export intervals:
  1. Flow Stats– Export interval for flow stats template, which exports flow statistics to the collector. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  2. FlowLink Stats– Export interval for flow link stats template, which exports flow statistics per link to the collector. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  3. VRF Table– Export interval for VRF option template, which exports segment related information to collector. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  4. Application Table– Export interval for Application option template, which exports application information to the collector. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  5. Interface Table– Export interval for Interface option template, which exports interface information to collector. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  6. Link Table – Export interval for Link option template, which exports link information to the collector. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  7. Tunnel Stats – Export interval for tunnel stats template. The allowable export interval range is from 60 seconds to 300 seconds. Plixer recommends setting this value to 60 seconds.
  1. Click Save Changes.