Netflow Export/Cache Filtering

HUBERT RESCH · ‎10-05-2011

Hi, I saw on the C6K5 there is the possibility to define include or exclude filters for the Netflow records which have to be exported.

I am looking for a possibility to achive this with ISR routers (newest SW) as well.

Background: Customer wants to have the Netflow-data of flows which are running over the routers WAN-Link.

Normally no problem , flow ingress and flow egress on the WAN-Link, but we are using GET-VPN for encryption on the WAN-link, so it

does not make sense to enable flow ingress and flow egress on the WAN-link, because doing this we just can see flows with ESP no L4 Port.

What we did is to enable flow ingress and flow egress only on the LAN-Interface, so we get the data we want if there is only one LAN-interface.

If the router has more LAN-Interfaces and if there is traffic between the LAN-Interfaces we receive also flow-records for this traffic.

This recoreds we want to filter to be exported or bettter to be cached.

I didnt find any possibility to achive this on ISR-routers.

Any idea ?

Thx in Advance

Hubert

Jan Nejman · ‎10-05-2011

Hubert,

I'm afraid of that it is not possible on cisco boxes. I understand what you need and it is nice idea.

I think the filtering (in IOS) is only used on exporting flows. At this moment you can only use

filtering on collector side.

Regards,

Jan Nejman

Marius Gunnerud · ‎10-05-2011

It is possible using Flexible NetFlow. Have a look at this link:

--
Please remember to select a correct answer and rate helpful posts