11-3 NetFlow Switching

  • NetFlow switching is a "flow-based" switching architecture: it builds a cache of information about the different traffic flows and uses that cache to make switching decisions.

  • Because switching information is based on traffic flows, it allows for detailed tracking of conversations occurring through the network. It can be used for billing, departmental charge-backs, enterprise accounting, or other information-based strategies.

  • Because of the method used in building cache information, control features such as policy routing and access control lists are handled much more efficiently.

  • NetFlow information can be exported to a management application for accounting purposes.

  • NetFlow is compatible with all other switching modes, including CEF.

Configuration

  1. (Required) Enable NetFlow switching on the interface:

     (interface)  ip route-cache flow  
  2. (Optional) Enable NetFlow data export:

     (global)  ip flow-export ip-address udp-port [version 1 | version 5 [origin-as | peer-as]]

    This command allows you to export flow information to a network management application for accounting purposes. The ip-address argument allows you to specify the management device. The udp-port argument specifies which UDP port the information will be sent on. You can choose version 1 or version 5 formats for the flow information. The origin-as and peer-as options allow you to specify that AS information be included with the flow information (if you're using version 5).

  3. (Optional) Specify the number of cache entries to be maintained:

     (global)  ip flow-cache entries   number  

    The number option is a range between 1024 and 524288 entries. The default is 65536.

    NOTE

    Normally, the size of the NetFlow cache will meet your needs. However, you can change the number of entries maintained in the cache to meet the needs of your NetFlow traffic rates. The default is 64 KB flow cache entries. Each cache entry is about 64 bytes. A cache with 65,536 entries would use about 4 MB of DRAM. Each time a new flow is added as an entry, a free flow is taken from the queue, and the number of free flows is checked. If only a few free flows remain, NetFlow attempts to age 30 flows using an accelerated timeout. If only one free flow remains, NetFlow automatically ages 30 flows, regardless of their age. The intent is to ensure that free-flow entries are always available.

  4. (Optional) Configure distributed and NetFlow switching:

     (VIP interface)  ip route-cache distributed
     (VIP interface)  ip route-cache flow

    Versatile Interface Processors (VIPs) allow switching to be performed at the card level without passing across the system bus. The ip route-cache distributed command lets VIP processors perform distributed switching. This command combined with the ip route-cache flow command allows the router to perform NetFlow switching at the interface level.

Example

This example configures NetFlow switching on all the interfaces on the router. It also configures data export to the address 172.16.1.1 on port 127 using version 1 and changes the flow cache size to 131172 entries.

  ip flow-export 172.16.1.1 127 version 1
  ip flow-cache entries 131172
  interface ethernet 0/0
   ip address 10.1.1.1 255.255.255.0
   ip route-cache flow
  interface serial 1/0
   ip address 192.168.255.1 255.255.255.252
   ip route-cache flow


Cisco Field Manual[c] Router Configuration
ISBN: 1587050242
EAN: N/A
Year: 2005
Pages: 185