Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1900
Views
0
Helpful
4
Replies

Netflow Config

Go to solution
EddieG115
Level 1
Level 1

‎04-15-2019 11:15 AM

Hi all. I am not well versed with this stuff so I apologize for the rudimentary question. I am trying to configure netflow for an interface on a 3850 switch. In my research, it seems you need to specify the interface that you want the flows exported out of. My NetFlow collector is running on a VM. I have about 8 different VM hosts and depending on where the VM lives (this can change because of vmotion) there are different interfaces that could be candidates and it could change. Maybe I am not understanding what I need to do, but does anyone have any suggestions for this? Thank you!

 

Ed

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to EddieG115

‎04-17-2019 07:16 AM

Hi
my source is a vlan actually our MGMT vlan SVI , i just removed anything that was local to the network

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎04-16-2019 04:11 AM

Hi
You can apply it to multiple interfaces if thats what you mean heres an example , the 2 lines under the interface go under any IP interface you want to see a flow from


interface vlan 18
ip flow monitor IBM_nq input
ip flow monitor IBM_nq output

interface vlan 38
ip flow monitor IBM_nq input
ip flow monitor IBM_nq output


flow record FLOW-RECORD
description record to monitor network traffic
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match interface output
collect routing source as
collect routing destination as
collect routing next-hop address ipv4
collect transport tcp flags
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
!
flow exporter NetQos
description export Netflow traffic to HQ
destination X.X.X.X
source XXXXXX
output-features
transport udp 2055
template data timeout 300
option interface-table timeout 1000
option exporter-stats timeout 1000
!
!
flow monitor IBM_nq
description Used for ipv4 traffic analysis (Mapped To FLOW-RECORD)
exporter NetQos
statistics packet protocol
record FLOW-RECORD
0 Helpful

Go to solution
EddieG115
Level 1
Level 1
In response to Mark Malone

‎04-17-2019 06:46 AM

Thank you for the reply. I do understand you can apply it to multiple interfaces, but I am referring to the actual export to the collector host. In your example I would think it is the "source" statement in the below section. Can this just be an SVI or does it have to be a physical interface?

flow exporter NetQos
description export Netflow traffic to HQ
destination X.X.X.X
source XXXXXX
output-features
transport udp 2055
template data timeout 300
option interface-table timeout 1000
option exporter-stats timeout 1000

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to EddieG115

‎04-17-2019 07:16 AM

Hi
my source is a vlan actually our MGMT vlan SVI , i just removed anything that was local to the network
0 Helpful

Go to solution
EddieG115
Level 1
Level 1
In response to Mark Malone

‎04-17-2019 07:26 AM

PERFECT That's what I needed. Thank you for your help!
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card