Cisco Sup 2T NetFlow configuration

Ever since Flexible NetFlow was introduced by Cisco, they started supporting this advanced NetFlow export on most of the routers and switches. This Flexible NetFlow is really flexible such that user can define their own custom record to be exported as NetFlow packets. Cisco Performance Monitoring like Medianet can only be exported as Flexible NetFlow. The traditional NetFlow export with predefined has its own limitation and it is not as flexible as Flexible NetFlow. Cisco started supporting Flexible NetFlow on most of the IOS trains and Switches like Cisco 4500 (Sup7E), the devices that are not included in the Flexible NetFlow list is Cisco 6500 and 7600 series devices. These devices serve as a core distribution channel and always by critical monitoring entity when it comes bandwidth monitoring. These devices with Supervisor 720 supports traditional NetFlow export and NetFlow commands has to be applied on “mls” and “msfc” to get proper bandwidth utilization. With new Supervisor 2T on Cisco 6500 and 7600 device supports Flexible NetFlow export which is exactly similar to Flexible NetFlow export on the Cisco routers.

Flexible NetFlow configuration

Flexible NetFlow configuration is somewhat different from traditional NetFlow export as it needs multiple entities like:

Flow exporter
Flow record
Flow monitor
Attaching the monitor to an interface

Flow exporter configuration

Flow exporter is the one that defines the export source and destination which receives the NetFlow packets.

flow exporter ManageEngine

destination

transport udp 9996

data template timeout 60

Flow record configuration

Flow record configuration defines the fields exported via NetFlow protocol. The Supervisor 2T does not have option to enable default NetFlow records. We need to define the flow records manually as shown below:

flow record ManageEngine

match ipv4 tos

match ipv4 protocol

match ipv4 source address

match ipv4 destination address

match transport source-port

match transport destination-port

match interface input

match flow sampler

collect routing source as

collect routing destination as

collect routing next-hop address ipv4

collect ipv4 source mask

collect ipv4 destination mask

collect transport tcp flags

collect counter bytes

collect counter packets

collect timestamp sys-uptime first

collect timestamp sys-uptime last

Flow monitor configuration

Flow monitor is the one that defines the exporter and record which has to be sent to analyzing software.

flow monitor ManageEngine

record ManageEngine

record exporter

exporter ManageEngine

cache timeout active 60

cache timeout inactive 15

Associating the monitor with an interface for NetFlow accounting

The flow monitor has to attached to every physical or logical interfaces to capture the traffic and export NetFlow packets.

Interface Vlan100

ip flow monitor ManageEngine input

I hope the configuration steps for enabling Flexible NetFlow on Supervisor 2T is helpful. If you're feeling bored applying all these command through CLI, then you want to take advantage of our NetFlow configurator.