Catalyst 4500 series switches with Supervisor Engine 7-E and Cisco IOS XE Software Release 3.1.0 SG support Flexible NetFlow, so we are sharing the configuration information with you.
The configuration of Flexible NetFlow on these switches is similar to regular Flexible NetFlow configuration on other devices. It has the same 4 steps:
1) Creating Exporter
2) Creating Record
3) Creating Monitor
4) Associating the monitor to the interface
However, Supervisor 7-E does not support predefined records as traditional routers do (record netflow ipv4 original-input). Hence it is compulsory to create a record.
You can configure the switch as shown below:
Exporter creation:
! where to send the flow records
flow exporter NFAexporter
destination 192.168.1.1
Record creation:
! specifies the fields in the packet
flow record NFArecord
match datalink destination-vlan-id
match ipv4 version
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface output physical snmp
match interface input physical snmp
collect interface input snmp
collect interface output snmp
collect counter flows
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
Monitor creation:
! here you can also specify how many unique flow records to collect
flow monitor NFAmonitor
record NFArecord
exporter NFAexporter
cache timeout active 1
cache timeout inactive 30
cache entries 1000
Associate the monitor to the interface:
interface GigabitEthernet 0/1
ip flow monitor NFAmonitor input
interface channel-group 1
! flow records are collected even for bridged traffic
ip flow monitor NFAmonitor layer2-switched input
Note: Selection of Layer 2 and Layer 3 packet fields in a single flow record definition is not allowed.
Once NetFlow is configured and flows reach the NetFlow Analyzer server, the router will be auto-detected and reports will be generated.
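The four steps above form a chain: the monitor must name a record and an exporter that exist, and an interface must name the monitor, otherwise no flows are exported and the switch stays invisible to the collector. The Python check below is an added example, not part of the original post or of NetFlow Analyzer; the function name check_fnf and the sample text are constructed here, and it assumes the un-indented layout shown above, tracking sections by their opening keyword.

```python
# Constructed sample input: the page's configuration reduced to the lines the check reads.
SAMPLE = """\
flow exporter NFAexporter
 destination 192.168.1.1
flow record NFArecord
 match ipv4 source address
 collect counter bytes
flow monitor NFAmonitor
 record NFArecord
 exporter NFAexporter
interface GigabitEthernet 0/1
 ip flow monitor NFAmonitor input
"""

def check_fnf(config):
    """Return problems found in the exporter -> record -> monitor -> interface chain."""
    names = {"exporter": set(), "record": set(), "monitor": set()}
    uses = []        # (monitor, kind, referenced name) from inside 'flow monitor' blocks
    attached = []    # (interface, monitor) from 'ip flow monitor' lines
    section = (None, None)
    for raw in config.splitlines():
        line = raw.split("!")[0].strip()          # drop IOS '!' comments
        words = line.split()
        if not words:
            continue
        if words[0] == "flow" and len(words) == 3 and words[1] in names:
            section = (words[1], words[2])
            names[words[1]].add(words[2])
        elif words[0] == "interface":
            section = ("interface", " ".join(words[1:]))
        elif section[0] == "monitor" and words[0] in ("record", "exporter"):
            uses.append((section[1], words[0], " ".join(words[1:])))
        elif section[0] == "interface" and words[:3] == ["ip", "flow", "monitor"] and len(words) > 3:
            attached.append((section[1], words[3]))
    problems = []
    for mon, kind, ref in uses:
        if ref not in names[kind]:
            problems.append(f"monitor {mon}: {kind} '{ref}' is not defined")
    for mon in sorted(names["monitor"]):
        for kind in ("record", "exporter"):
            if not any(m == mon and k == kind for m, k, _ in uses):
                problems.append(f"monitor {mon}: no {kind} configured")
        if not any(m == mon for _, m in attached):
            problems.append(f"monitor {mon}: not applied to any interface")
    for intf, mon in attached:
        if mon not in names["monitor"]:
            problems.append(f"interface {intf}: monitor '{mon}' is not defined")
    return problems
```

A monitor that names a predefined record such as netflow ipv4 original-input is reported as referencing an undefined record, which matches the Supervisor 7-E restriction described above.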
Praveen Manohar
NetFlow Analyzer Technical Team
Is there a way to change from version 9 to 7?
All,
BIG Note – Cisco 4500 VSS mode with IOS (cat4500e-UNIVERSALK9-M), Version 03.06.01.E RELEASE SOFTWARE (fc3), has a known bug which causes the standby router to crash when issuing NetFlow commands!!!
See attached link:
https://tools.cisco.com/bugsearch/bug/CSCuo71145/?reffering_site=dumpcr
In later versions of the IOS, many of the sub-commands to the ‘flow record’ command listed above, are no longer available, including:
match interface output physical snmp
match interface input physical snmp
collect interface input snmp
collect interface output snmp
collect counter flows
Do we need to use different commands in their place?
Please let us know the IOS version you are using. Also, it is not mandatory to use all those commands.
You can use the flow record given below:
flow record NFArecord
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect counter bytes
collect counter packets