Enable netflow statistics on a Cisco router: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 2: | Line 2: | ||
= <span style="font-size:large;"><span style="font-family:verdana,geneva,sans-serif;">Introduction</span></span> = | = <span style="font-size:large;"><span style="font-family:verdana,geneva,sans-serif;">Introduction</span></span> = | ||
<span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">OptiView XG is NOT a NetFlow collector, but it is possible to | <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">OptiView XG is NOT a NetFlow collector, but it is possible to have OptiView poll a Cisco routers for network flow based statistics. The results (top-n) are available under Device Details or in Application Infrastrcture Tests. In order to do this, routers in your network must be configured correctly.</span></span> | ||
= <span style="font-size:large;"><span style="font-family: verdana, geneva, sans-serif;">Solution</span></span> = | = <span style="font-size:large;"><span style="font-family: verdana, geneva, sans-serif;">Solution</span></span> = | ||
<span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">This example has been tested with a CISCO router model 1911 running IOS version 15. For more information about the commands used in this script, | <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">This example has been tested with a CISCO router model 1911 running IOS version 15.0. For more information about the commands used in this script, read the router's IOS specific manual. Before we start we consider SNMP read-only access to the router is already configured and the community has sufficient viewing rights.</span></span> | ||
=== <span style="font-size:medium;"><span style="font-family: verdana, geneva, sans-serif;">Global Configuration Mode</span></span> === | === <span style="font-size:medium;"><span style="font-family: verdana, geneva, sans-serif;">Global Configuration Mode</span></span> === | ||
<span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">Add the following commands to the global configuration section of the router | <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">Add the following commands to the global configuration section of the router.</span></span> | ||
<span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">''Note: | <span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">''Note: you MUST ''</span></span><span style="font-size:small;"><span style="font-family:verdana,geneva,sans-serif;">''enable flow exports in order to populate the flow top-talker lists. Substitute <SourceInterface> and <DestinationAddress> with the appropriate values.''</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">conf t</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">conf t</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-cache timeout active 1</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-cache timeout active 1</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-cache timeout inactive 14</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-cache timeout inactive 14</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export source | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export source <SourceInterface></span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export version 9</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export version 9</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export destination | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-export destination <DestinationAddress> 2055</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-top-talkers</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip flow-top-talkers</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">ip-flow-top-applications</span></span> | |||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">top 100</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">top 100</span></span> | ||
*<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">sort-by bytes</span></span> | *<span style="font-size:small;"><span style="font-family:courier new,courier,monospace;">sort-by bytes</span></span> | ||
Revision as of 20:26, 15 October 2016
Introduction
OptiView XG is NOT a NetFlow collector, but it is possible to have OptiView poll a Cisco routers for network flow based statistics. The results (top-n) are available under Device Details or in Application Infrastrcture Tests. In order to do this, routers in your network must be configured correctly.
Solution
This example has been tested with a CISCO router model 1911 running IOS version 15.0. For more information about the commands used in this script, read the router's IOS specific manual. Before we start we consider SNMP read-only access to the router is already configured and the community has sufficient viewing rights.
Global Configuration Mode
Add the following commands to the global configuration section of the router.
Note: you MUST enable flow exports in order to populate the flow top-talker lists. Substitute <SourceInterface> and <DestinationAddress> with the appropriate values.
- conf t
- ip flow-cache timeout active 1
- ip flow-cache timeout inactive 14
- ip flow-export source <SourceInterface>
- ip flow-export version 9
- ip flow-export destination <DestinationAddress> 2055
- ip flow-top-talkers
- ip-flow-top-applications
- top 100
- sort-by bytes
- cache-timeout 300000
- exit
- wr mem
Interface Configuration Mode
Note: This is a general applicable but not the only way for enabling NetFlow exports per interface. Please read your Cisco documentation for more information on how to configure NetFlow.
Add the following command to the interface configuration section of all interfaces carrying traffic. There are at least two interfaces that carry traffic, one facing the network, one facing the site. These may be physical interfaces or virtual interfaces like sub-interfaces, dialers or tunnels.
- conf t
- interface <interface name>
- ip flow egress
- exit
- wr mem
Debug
- Use the IOS command sh ip flow export and check if any flows are exported
- Use the IOS command sh ip flow top-talkersand check if the top-talker list is populated