NetFlow is a Cisco developed network protocol for collecting IP traffic details as it enters or exits an interface. In this lesson, we will learn, how to configure Netflow on Cisco IOS XR devices. Netflow configuration divided into 3 main components. These are-
- Exporter Map
- Sampler Map
- Flow Monitor Map
First of all, let’s discuss about limitation of netflow on Cisco IOS XR 6.2.x. These are-
- Only netflow version 9 is allowed.
- Do not use management interface for exporting netflow packet.
- A source interface must need to be assigned.
- You can not use sub-interface to export netflow.
Exporter Map:
An exporter-map contains transport layer information and network details for the Netflow export packet. You also can define netflow version here.
flow exporter-map ExpMap destination 10.10.10.10 source gigabitEthernet 0/0/0/0 transport udp 9995 version v9
Here, we define exporter-map and we name it ExpMap. Our netflow server IP is 10.10.10.10 and UDP port 9995. And, we are using source interface gigabitEthernet 0/0/0/0.
Sampler Map:
The sampler-map helps us to define on which rate we are going to count.
sampler-map SamMap random 1 out-of 100
Here, we analyze 1 packet out of 100. Please note that, physical and sub interfaces must need to be under the same sampler map.
Flow Monitor Map:
Monitor map will be assigned into the interface. It contains exporter map and record map.
flow monitor-map MonMap record ipv4 exporter ExpMap
Apply to Interface:
Finally, we need to apply monitor map and sampler map into our monitoring interface. Here we are applying our netflow in gigabitEthernet 0/0/0/4 for inbound traffic.
interface gigabitEthernet 0/0/0/4 flow ipv4 monitor MonMap sampler SamMap ingress
