NetFlow configuration for Vyatta router

One of our customers wanted to know the configuration for NetFlow for the Vyatta router. For the benefit of many others who may need it, here it is:

Please configure NetFlow on your Vyatta router as mentioned below:

set system flow-accounting interface <interface name> // This command should be issued for each interface you want to monitor

set system flow-accounting netflow server <Server IP > port 9996 // Specifies a NetFlow collector to which to export Netflow data

set system flow-accounting netflow sampling-rate rate // Specifies the rate at which packets are sampled for statistics.

set system flow-accounting netflow version 9 // Specifies the Netflow format that data will be exported in.

set system flow-accounting netflow timeout expiry-interval 60 // Specifies the interval at which Netflow data will be sent to a Netflow collector.

set system flow-accounting netflow timeout max-active-life life // Use the set form of this command to set the global flow timeout.

set system flow-accounting netflow timeout flow-generic timeout // This parameter defines the amount of time the system continues to wait for data from a generic IP flow before considering the flow complete.

set system flow-accounting netflow timeout tcp-fin timeout
set system flow-accounting netflow timeout tcp-generic timeout
set system flow-accounting netflow timeout tcp-rst timeout
set system flow-accounting netflow timeout icmp timeout
set system flow-accounting netflow timeout udp timeout

Configuration

system {

       flow-accounting {

           interface <ifname> {   // Please apply this on all active interface

       netflow {
          version 9                        # Can use 5 or 9
          engine-id <u32>           # 0-255
          server <Collector IP> {
                port 9996                # user configurable

              }

              timeout {

                expiry-interval 60
                flow-generic 3600
                icmp 300
                max-active-life 604800
                tcp-fin 300
                tcp-generic 3600
                tcp-rst 120
                udp 300
            }
         }

          }

     }

sFlow configuration

system {

    flow-accounting {

         sflow {
        agentid <u32>
        server 192.168.1.1 {          
            port 9996           
        }
    }

Do get more information on Vyatta Netflow from here.

Hope the configuration helps. Happy monitoring !!!!!!!!

You can download the 30 day trial of ManageEngine NetFlow Analyzer from here.

Praveen Manohar
NetFlow Analyzer Technical Team


Download | Interactive Demo  | Twitter | Customers