Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
11422
Views
9
Helpful
4
Comments

Understanding IPv6 net-flow

Sivagami Narayanan
Level 1
Level 1

‎04-30-2012 05:35 AM - edited ‎03-01-2019 04:48 PM

 

 

Introduction

Cisco IOS netflow provide network administrators with information concerning IP flows within their data networks such as network traffic accounting, usage-based network  billing, network planning, security, Denial of Service monitoring  capabilities, and network monitoring. It provides valuable information and exported NetFlow data can be used for a variety of  purposes like  network management and planning, enterprise  accounting, and Internet Service Provider (ISP)  billing, data warehousing, combating Denial of Service (DoS) attacks,  and data mining for marketing purpose. Net-flow for IPv6 provides basic funcationality of net-flow without affecting the IPv4 net-flow performance. This document provides summary steps on how to configure the ipv6 netflow on Cisco IOS.

 

Note: The below configuration steps are tested in 12.4 IOS release. To configure IPv6 NetFlow in IOS 12.4(20)T and above refer to

IPv6 Flexible Netflow Configuration Example

 

How to enable Ipv6 netflow

Summary Steps:

In Configuration mode:

 

1. ipv6 flow-export version 9

 

This command enables the exporting of information in NetFlow cache entries.

 

2. ipv6 flow-export destination ip-address udp-port

 

This command enable the exporting of information in NetFlow cache entries to a specific address or port.

 

3. ipv6 flow-export template {refresh-rate packet-refresh-rate | timeout timeout-value}

 

Configuring this command in the global configuration mode, enable the exporting of information in NetFlow cache entries,

 

For example:

 

ipv6 flow-export template refresh-rate 100 means NetFlow cache is refreshed after 100 packets are collected.

 

In otherwords, the refresh-rate specifies the number of export packets that are sent before the options and flow templates are resent. The value ranges from 1 to 600. and the default value is 20.

 

 

ipv6 flow-export template timeout-rate 60 means the flow and options is resent after every 60 minutes

 

The timeout-rate specifies the interval (in minutes) that the  router waits after sending the templates (flow and options) before  sending them again. The value ranges from 1 to 3600 and the default value is 30.

 

 

4. ipv6 flow-export template options {export-stats | refresh-rate packet-refresh-rate | timeout timeout-value}

 

This command configures templates for IPv6 cache exports.

 

Configuring this command enables the  export-stats, refresh-rate and timeout-rate keywords for configuring Version 9 export options.

 

In Interface mode:

 

  1. ipv6 flow {ingress | egress}

 

This command enables accounting of  IPv6 packets arriving on an interface configured for 6PE

 

Configuring ipv6 flow ingress enables IPv6 flow capture on incoming packets.

Configuring ipv6 flow egress enables IPv6 flow capture on outgoing packets.

 

Managing NetFlow for IPv6 Statistics

 

The following show commands can be used to display the cache content and cache statistics

 

  • show ipv6 flow cache

This command displays the cache content. Sample output is shown as below:

shipv6flowcache.gif

  • show ipv6 flow export.

This command displays the export statistics.Sample output is shown below.

shipv6flowexport.gif

 

 

Related Information

NetFlow Version 9 Flow-Record Format

Cisco IOS Netflow

IPv6 - Frequently Asked Questions (FAQ)

Comments
John.Ladwig
Level 1
Level 1
‎06-21-2012 08:17 AM

What version(s) of IOS are thee instruction valid for?

15.1M doesn't recognize this command set.

Sivagami Narayanan
Level 1
Level 1
‎06-27-2012 09:21 AM

Hi John,

This configuration is supported till 12.4 IOS. Kindly refer to the IPv6 Flexible Netflow Configuration for configuring NetFlow for 12.4(20)T and above.

Thank you for visiting Ciso Support Community!

Thanks

Sivagami.N

Don Jacob
Level 1
Level 1
‎12-03-2012 05:55 AM

Is there an option to export NetFlow data to IPv6 address? ie. ip flow export destination "ipv6 address".

Regards,

Don Thomas

Gian Paolo
Level 1
Level 1
‎02-23-2013 09:32 AM

Hi Sivagami,

what happens if the export destination is configured only for the aggregation cache but not for the main cache?

ipv6 flow-export source Loopback0

ipv6 flow-aggregation cache destination-prefix

export version 9

export destination 1.1.1.1 1111

sh ipv6 flow export

Flow export v9 is disabled for main cache

  Version 9 flow records

  Cache for destination-prefix aggregation:

  VRF ID : Default

    Destination(1)  6.6.44.100 (9876)

Are aggregate flow entries sent to the destination or is the main cache export required too?

Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card