14 april 2014

How To Configure a Cisco Router to Export NetFlow Data


Following is a brief how-to video with Josh Stephens, Head Geek at SolarWinds on configuring a Cisco router to export NetFlow data. If you're not familiar with NetFlow, check out this Geek Guide to NetFlow at SolarWinds to get started.

Josh Stephens: Hi there. Josh Stephens here, Head Geek at SolarWinds, and today I'm going to show you how to configure a Cisco router to export NetFlow data.
Now, NetFlow is a really cool technology and we've talked about it a few times before. If you're not familiar with NetFlow, a good place to go would be to go to SolarWinds.com/geek, and you'll find lots of videos and tutorials where we talk about this technology. Another really cool place to go is Thwack.com, which is our online community or social networking site for network engineers.
Now, once you've decided to deploy this technology, you need to configure your routers and switches so they'll export the data to your network management system like Orion NetFlow Traffic Analyzer.
To do that, you can use the SolarWinds NetFlow Configurator, which is a free tool offered at SolarWinds.com. But there are some situations where that application won't work for you, for instance, if you don't have SNMP access to your routers. So I'm going to show you how to do it the manual way.
Now, the first thing you'll want to do is open a command prompt and telnet to your routers. So what I'm going to do now is log-in and then I'd go into privileged mode or, as many of us call it, enable mode. Now, once I've done that, I can then begin to make configuration changes.
So I'm going to configure from terminal, and I'm going to Internet to command IP flow, export source, fast ethernet... Did I spell that right? 0/0... What I'm telling the router here is, when it exports the NetFlow data, to source that traffic from my fast ethernet 0/0 interface.
The next thing I'd want to do is tell it I want to export version five NetFlow data. Now, SolarWinds applications, like again the Orion NetFlow Traffic Analyzer, support multiple versions of NetFlow, including version five and version nine, which are the most popular two versions. But typically, people like to use version five to get started. Download the fully-functional FREE TRIAL of Orion NetFlow Traffic Analyzer (NTA) here.
Then I want to tell it where to send the data. This is the IP address of the network management system you have collecting the data, whether it's using Orion or even the new, cool, real-time NetFlow Traffic Analyzer from SolarWinds.com. Either way, you want to enter the IP address of this device and the port. Now, the port is the UDP port number that... That application is listening on for this NetFlow traffic.
Once you've done that, you've configured the router to now support NetFlow and start exporting. But you have to tell it which interfaces you're interested in analyzing the traffic on. So now I'm going into interface fast ethernet 0/0 and all I have to do is tell it I want to send IP flow, egress and ingress. What that means is I want it to monitor traffic both inbound and outbound on that interface.
I also want to go in and enable IP... Sorry, I kind of forgot the name of that command. Route cache flow, very important there... Once I'm done, I'm done, that's all I have to do. You can now start seeing this data within Orion. And of course, the last thing you should do before you edit your router is to admit those changes to memory.
So again, Josh Stephens here, Head Geek at SolarWinds, and that's how you configure a Cisco router to export NetFlow. Thanks a lot, have a great day. Bye.

Geen opmerkingen:

Een reactie plaatsen

Opmerking: alleen leden van deze blog kunnen een reactie plaatsen.