Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2306
Views
10
Helpful
5
Replies

"ip flow ingress" or "ip flow egress" in Cat3850 or Cat9300

Go to solution
bensonlei
Level 1
Level 1

‎02-23-2021 12:24 AM

Hi, Guys,

 

I am far away from such configuration.

Any document or article about the these configuration in Cat3850 and Cat9300 ?

 

I would like to enable the netflow in the latest switches, in order to check/inspect network traffic within the devices in real-time; any advice or recommendation ?

 

Many many thanks

 

 

1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to bensonlei

‎02-23-2021 06:26 AM

Hello @bensonlei ,

Netflow has been always used up to now in this way:

the network device(s) export flow data to a collector .

On the collector you can perform different types of analysis consolidation of data.

From a security point of view you may be interested on the TOP N talkers among hosts and  so on.

 

Running a collector on the switch itself using recent features like IOx or IOS XE guestshell might be difficult as there is also a need to store data on a hard  disk.

 

In other words netflow has been deployed in this distributed way and it is not so "real time" as you may think.

 

I would suggest you to explore the options of the CLI that can provide the TOPN talkrs from the cache

 

Hope to help

Giuseppe

View solution in original post

0 Helpful
5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎02-23-2021 12:31 AM

here is a good example to start with IOS XE (both 3850 and 9300 )

 

https://support.solarwinds.com/SuccessCenter/s/article/NetFlow-Configuration-Example-Cisco-3850-IOS-XE?language=en_US

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
bensonlei
Level 1
Level 1
In response to balaji.bandi

‎02-23-2021 01:15 AM

Hi BB,

 

Is this configuration for only exporting netflow data to Solarwinds ?

 

I would like to find the netflow configuration for inspecting netflow traffic in siwtches themselves, any recommendation ?

 

Thanks

Benson LEI

 

 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to bensonlei

‎02-23-2021 03:14 AM

as i understand you want to have this exported inside switch. ? Cat 9300 you can have app deployment (is this consider here ?)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to bensonlei

‎02-23-2021 06:26 AM

Hello @bensonlei ,

Netflow has been always used up to now in this way:

the network device(s) export flow data to a collector .

On the collector you can perform different types of analysis consolidation of data.

From a security point of view you may be interested on the TOP N talkers among hosts and  so on.

 

Running a collector on the switch itself using recent features like IOx or IOS XE guestshell might be difficult as there is also a need to store data on a hard  disk.

 

In other words netflow has been deployed in this distributed way and it is not so "real time" as you may think.

 

I would suggest you to explore the options of the CLI that can provide the TOPN talkrs from the cache

 

Hope to help

Giuseppe

0 Helpful

Go to solution
bensonlei
Level 1
Level 1
In response to Giuseppe Larosa

‎02-24-2021 07:13 PM - edited ‎02-24-2021 08:28 PM

Hi, Giuseppe,

 

Great thanks for your update information.

 

But what a pity, we donot have a netflow device....only be able to inspect the traffic and ip within the device.

 

By the way, if it is possible to write an EEM script to capture the TOPN talkers in some scheduled periods, any recommendation ?

 

Cheers

Benson LEI

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card