Setup netflow
x.x.x.x = your netflow collector eg solarwinds etc.
flow exporter NETFLOW-EXP-TO-ORION
destination x.x.x.x
source vlan1
transport udp 2055
Setup what you want to record
flow record NETFLOW-RECORD-IN
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match flow direction
collect interface output
collect counter bytes long
collect counter packets long
flow record NETFLOW-RECORD-OUT
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface output
match flow direction
collect interface input
collect counter bytes long
collect counter packets long
Setup the monitors
flow monitor NETFLOW-MON-OUT
exporter NETFLOW-EXP-TO-ORION
cache timeout inactive 10
cache timeout active 60
record NETFLOW-RECORD-OUT
flow monitor NETFLOW-MON-IN
exporter NETFLOW-EXP-TO-ORION
cache timeout inactive 10
cache timeout active 60
record NETFLOW-RECORD-IN
Enable the monitors on the interfaces
Enable under the interfaces you want to collect netflow data from usually these will be uplinks, links to other sites etc
interface GigabitEthernet2/0/36
ip flow monitor NETFLOW-MON-IN input
ip flow monitor NETFLOW-MON-OUT output
Don't forget to write your config.
You might need to check firewall rules between the two hosts.
Allow a few minutes for the data to populate in the collector.
No comments:
Post a Comment