|
|
(17 intermediate revisions by the same user not shown) |
Line 1: |
Line 1: |
|
| |
|
| = <span style="font-size:large;"><span style="font-family:verdana,geneva,sans-serif;">Introduction</span></span> = | | == Introduction == |
|
| |
|
| <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">OptiView XG is NOT a NetFlow collector, but it is possible to have OptiView poll a Cisco routers for network flow based statistics. The results (top-n) are available under Device Details or in Application Infrastrcture Tests. In order to do this, routers in your network must be configured correctly.</span></span>
| | {{#invoke:Message box|ambox |type=notice|text=This TruView feature is only supported on Cisco routers.}} |
|
| |
|
| = <span style="font-size:large;"><span style="font-family: verdana, geneva, sans-serif;">Solution</span></span> =
| | OptiView XG is NOT a NetFlow collector, but it is possible to have OptiView poll a Cisco router for IP flow based network statistics. The results (top-n) are available on the OptiView under Device Details or in Application Infrastrcture Tests. In order to do this, routers in your network must be configured correctly. |
|
| |
|
| <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">This example has been tested with a CISCO router model 1911 running IOS version 15.0. For more information about the commands used in this script, read the router's IOS specific manual. Before we start we consider SNMP read-only access to the router is already configured and the community has sufficient viewing rights.</span></span>
| | |
|
| |
|
| | | |
|
| |
|
| === <span style="font-size:medium;"><span style="font-family: verdana, geneva, sans-serif;">Global Configuration Mode</span></span> === | | == Solution == |
| | |
| <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">Add the following commands to the global configuration section of the router.</span></span>
| |
|
| |
|
| <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">''Note: you MUST ''</span></span><span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">''enable flow exports in order to populate the flow top-talker lists. Substitute <SourceInterface> and <DestinationAddress> with the appropriate values.''</span></span>
| | This configuration example has been tested with a CISCO router model 1911 running IOS version 15. For more information about the commands used in this script, read the router's IOS specific manual. We consider SNMP read-only access to the router already being properly configured and the community has sufficient view rights on the relevant MIBs. |
|
| |
|
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">conf t</span></span>
| | === Global Configuration Mode === |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-cache timeout active 1</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-cache timeout inactive 14</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export source <SourceInterface></span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export version 9</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export destination <DestinationAddress> 2055</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-top-talkers</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-top-applications</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">top 100</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">sort-by bytes</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">cache-timeout 300000</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">exit</span></span>
| |
| *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">wr mem</span></span>
| |
|
| |
|
|
| | You must enable flow exports in order to get the top counter tables populated. |
|
| |
|
| === <span style="font-size:medium;"><span style="font-family:verdana,geneva,sans-serif;">Interface Configuration Mode</span></span> ===
| | Enter Global Configuration Mode on the router and add the following commands to the configuration. Substitute <SourceInterface> and <DestinationAddress> with the appropriate values. |
|
| |
|
| ''<span style="font-family:verdana,geneva,sans-serif;">Note: This is a common yet not unique way to enable NetFlow exports On interfaces. Please read your router's IOS specific manual for more information on how to configure NetFlow on a per interface basis.</span>''
| | conf t |
| | ip flow-cache timeout active 1 |
| | ip flow-cache timeout inactive 14 |
| | ip flow-export source <SourceInterface> |
| | ip flow-export version 9 |
| | ip flow-export destination <DestinationAddress> 2055 |
| | ip flow-top-talkers |
| | top 100 |
| | sort-by bytes |
| | cache-timeout 300000 |
| | exit |
| | exit |
| | ip flow-top-applications |
| | top 100 |
| | sort-by bytes |
| | cache-timeout 300000 |
| | exit |
| | wr mem |
|
| |
|
| <span style="font-family:verdana,geneva,sans-serif;">Add the following command to the interface configuration section of all interfaces carrying traffic. There are at least two interfaces that carry traffic, one facing the network, one facing the site. They may be physical interfaces or virtual interfaces like sub-interfaces, dialers and tunnels. </span>
| | === Interface Configuration Mode === |
|
| |
|
| *<span style="font-family:courier new,courier,monospace;">conf t</span>
| | This is a common yet not unique way to enable NetFlow exports for interfaces. Please read your router's IOS specific manual for more information on how to configure NetFlow on a per interface basis. |
| *<span style="font-family:courier new,courier,monospace;">interface <InterfaceName></span>
| |
| *<span style="font-family:courier new,courier,monospace;">ip flow egress</span>
| |
| *<span style="font-family:courier new,courier,monospace;">exit</span>
| |
| *<span style="font-family:courier new,courier,monospace;">wr mem</span>
| |
|
| |
|
|
| | Add the following command to the interface configuration section of all interfaces carrying traffic. There are at least two interfaces that carry traffic, one facing the network and one facing the site. These can be physical or virtual interfaces like sub -, dialer - and tunnel interfaces. |
|
| |
|
| | conf t |
| | interface <InterfaceName> |
| | ip flow egress |
| | exit |
| | wr mem |
|
| |
|
| === <span style="font-family:verdana,geneva,sans-serif;"><span style="font-size:medium;">Debug</span></span> === | | === Debug === |
|
| |
|
| *<span style="font-size: small; font-family: verdana, geneva, sans-serif;">Use the IOS command sh ip flow export and check if any flows are exported</span>
| | Still in priviledges mode, use the following commands to verify flow exports and population of the top counters |
| *<span style="font-family:verdana,geneva,sans-serif;"><span style="font-size:small;">Use the IOS command sh ip flow top-talkers and check if the top-100 talkers is populated</span></span>
| |
| *<span style="font-family:verdana,geneva,sans-serif;"><span style="font-size:small;">Use the IOS command sh ip flow top-applications and check if the top-100 applications is populated </span></span>
| |
|
| |
|
| <br/>
| | sh ip flow export |
| | sh ip flow top-talkers |
| | sh ip flow top-applications |
Introduction
OptiView XG is NOT a NetFlow collector, but it is possible to have OptiView poll a Cisco router for IP flow based network statistics. The results (top-n) are available on the OptiView under Device Details or in Application Infrastrcture Tests. In order to do this, routers in your network must be configured correctly.
Solution
This configuration example has been tested with a CISCO router model 1911 running IOS version 15. For more information about the commands used in this script, read the router's IOS specific manual. We consider SNMP read-only access to the router already being properly configured and the community has sufficient view rights on the relevant MIBs.
Global Configuration Mode
You must enable flow exports in order to get the top counter tables populated.
Enter Global Configuration Mode on the router and add the following commands to the configuration. Substitute <SourceInterface> and <DestinationAddress> with the appropriate values.
conf t
ip flow-cache timeout active 1
ip flow-cache timeout inactive 14
ip flow-export source <SourceInterface>
ip flow-export version 9
ip flow-export destination <DestinationAddress> 2055
ip flow-top-talkers
top 100
sort-by bytes
cache-timeout 300000
exit
exit
ip flow-top-applications
top 100
sort-by bytes
cache-timeout 300000
exit
wr mem
Interface Configuration Mode
This is a common yet not unique way to enable NetFlow exports for interfaces. Please read your router's IOS specific manual for more information on how to configure NetFlow on a per interface basis.
Add the following command to the interface configuration section of all interfaces carrying traffic. There are at least two interfaces that carry traffic, one facing the network and one facing the site. These can be physical or virtual interfaces like sub -, dialer - and tunnel interfaces.
conf t
interface <InterfaceName>
ip flow egress
exit
wr mem
Debug
Still in priviledges mode, use the following commands to verify flow exports and population of the top counters
sh ip flow export
sh ip flow top-talkers
sh ip flow top-applications