Catalyst 4500 series switches with Supervisor Engine 7-E and Cisco IOS XE Software Release 3.1.0 SG supports Flexible NetFlow. Hence we thought of sharing the configuration information with you.

The configuration of Flexible NetFlow in these switches is similar to the other regular Flexible NetFlow. Same 4 steps:
1)    Creating Exporter
2)    Creating Record
3)    Creating Monitor
4)    Associate the monitor to the interface.

However, supervisor 7-E does not support predefined records like traditional routers (record neflow ipv4 original-input). Hence it is compulsory that we should create a record.

You can configure the switch as mentioned below:

Exporter creation:

flow exporter NFAexporter // where to send the flow records
destination 192.168.1.1

Record creation:

flow record NFArecord // specifies the fields in the packet
  match datalink destination-vlan-id
  match ipv4 version
  match ipv4 tos
  match ipv4 protocol
  match ipv4 source address
  match ipv4 destination address
  match transport source-port
  match transport destination-port
  match interface output physical snmp
  match interface input physical snmp
  collect interface input snmp
  collect interface output snmp
  collect counter flows
  collect counter bytes
  collect counter packets
  collect timestamp sys-uptime first
  collect timestamp sys-uptime last

Monitor creation:

flow monitor NFAmonitor // here you can also specify how many unique flows records to collect
    record NFArecord
    exporter NFAexporter
    cache timeout active 1
    cache timeout inactive 30
    cache entries 1000

Associate the monitor to the interface

interface GigabitEthernet 0/1
     ip flow monitor NFAmonitor input

interface channel-group 1
    ip flow monitor NFAmonitor layer2-switched input // flow records collected even for bridged traffic.
  
Note: Selection of Layer 2 and Layer 3 packet fields in a single flow record definition is not allowed.

Once NetFlow is configured and flows reach the NetFlow Analyzer server the router will be auto detected and reports are generated.

You can download the 30 day trial of ManageEngine NetFlow Analyzer from here

Reach us on Facebook at NetFlow Analyzer TAC

Catch up with the latest updates in the industry, through our LinkedIn community Bandwidth Monitoring and Traffic Analysis for Enterprises


Praveen Manohar

NetFlow Analyzer Technical Team

Download  |  Interactive Demo   | Twitter  | Customers

  1. Sammy

    Is there a way to change from version 9 to 7?

  2. Dominik

    In later versions of the IOS, many of the sub-commands to the ‘flow record’ command listed above, are no longer available, including:

    match interface output physical snmp
    match interface input physical snmp
    collect interface input snmp
    collect interface output snmp
    collect counter flows

    Do we need to use different commands in their place?

    • Praveen Manohar

      Please let us know the IOS version you are using. Also, it is not mandatory to use all those commands.

      You can use the flow record given below:
      flow record NFArecord
      match ipv4 tos
      match ipv4 protocol
      match ipv4 source address
      match ipv4 destination address
      match transport source-port
      match transport destination-port
      match interface input
      collect interface output
      collect counter bytes
      collect counter packets