Cisco Catalyst 3850 NetFlow Configuration
NetFlow Cisco Catalyst 3850 Overview
The Cisco Catalyst 3850 supports both ingress and egress Flexible NetFlow (FnF) on all
ports of the switch at line rate. Raw switch scalability is up to 24K cached flows: 8K for
ingress and 16K for egress per UADP ASIC. The Cisco Catalyst 3850 supports NetFlow
Version 9, with IPv4, IPv6, Layer 2 flows, and sampled NetFlow. TCP flags are also exported
as part of the flow information. When Cisco Catalyst 3850 switches are stacked together,
each individual stack member exports its own flows to the collector. The Cisco Catalyst
3850 supports up to 16 flow monitors with eight different collectors simultaneously per
flow monitor. Microflow policing is supported only for wireless clients.
The FnF feature on the Cisco Catalyst 3850 is enabled on the IP base version and
earlier. The Cisco Catalyst 3850 48-port switch has two UADP ASICs per switch, and the
Cisco Catalyst 3850 24-port switch has one UADP ASIC.
NetFlow Configuration on Cisco Catalyst 3850 Switch
There are three components of FnF configuration: flow record, flow exporter, and flow
monitor.
Flow Record
The NetFlow flow record is made up of primary fields and nonprimary fields. Primary
fields are the fields from packet headers that are used for classifying and characterizing
the flow. Additional information can be added to the flow record, and this information is
contained in nonprimary fields. The match commands shown below define the primary
fields, while the collect commands define the nonprimary fields.
Configuring a Flow Record (Ingress)
flow record v4
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect transport tcp flags
collect counter bytes long
collect counter packets long
collect timestamp absolute first
collect timestamp absolute last
collect counter bytes layer2 long
Note: “match interface output” cannot be configured in the ingress flow monitor. In order
to get the egress interface information, use the “collect interface output” command in an
ingress flow record.
Similarly, “match interface input” is not supported on an egress flow record; use “collect
interface input” as shown in the following:
Configuring a Flow Record (Egress)
flow record v4out
match ipv4 protocol
match ipv4 tos
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface output
collect interface input
collect transport tcp flags
collect counter bytes long
collect counter packets long
collect timestamp absolute first
collect timestamp absolute last
collect counter bytes layer2 long
Exporter/Collector Information
There are two primary methods to access NetFlow data: using a CLI with show
commands or using an application that receives exported NetFlow information sent
periodically by the switch.
flow exporter Collector
destination 10.1.1.28
dscp 48
transport udp 2055
template data timeout 30
option exporter-stats timeout 30
The flow exporter commands specify the destination IP address of the exporter/collector.
The dscp command sets the DSCP value for datagrams sent to the exporter/collector. The
transport command specifies the L4 port on which the exporter/collector application
listens for NetFlow export packets from the switch. The template command makes the
switch send the NetFlow template to the exporter/collector after the specified number of
seconds. The Cisco Catalyst 3850 supports up to eight different exporters/collectors
simultaneously per flow monitor.
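The template mechanism described above, as an added example (not code from the original page or from Cisco): a minimal NetFlow v9 decoder showing that data FlowSets cannot be decoded until the collector has received the template, and how the exported TCP flags can be used to pick out SYN-only flows. The field subset, template ID 256, source ID and addresses are constructed for illustration; the field type numbers are from RFC 3954.

```python
import ipaddress
import struct

# NetFlow v9 field type numbers (RFC 3954) for a subset of the record's fields.
FIELD_NAMES = {1: "bytes", 2: "packets", 4: "protocol", 5: "tos",
               6: "tcp_flags", 7: "src_port", 8: "src_addr", 10: "input_if",
               11: "dst_port", 12: "dst_addr", 14: "output_if"}

def learn_templates(body, source_id, templates):
    """Store each template carried in a template FlowSet (FlowSet ID 0)."""
    pos = 0
    while pos + 4 <= len(body):
        tid, nfields = struct.unpack_from("!HH", body, pos)
        pos += 4
        if tid < 256 or pos + 4 * nfields > len(body):
            break  # trailing padding or a truncated template
        templates[(source_id, tid)] = [
            struct.unpack_from("!HH", body, pos + 4 * i) for i in range(nfields)]
        pos += 4 * nfields

def decode_records(body, fields):
    """Decode the fixed-length records of a data FlowSet with its template."""
    rec_len = sum(length for _, length in fields)
    flows, pos = [], 0
    while rec_len and pos + rec_len <= len(body):  # any remainder is padding
        rec = {}
        for ftype, length in fields:
            raw, pos = body[pos:pos + length], pos + length
            name = FIELD_NAMES.get(ftype, f"type_{ftype}")
            is_addr = ftype in (8, 12) and length == 4
            rec[name] = str(ipaddress.IPv4Address(raw)) if is_addr else int.from_bytes(raw, "big")
        flows.append(rec)
    return flows

def parse_v9(packet, templates):
    """Return (flows, undecodable_flowsets) for one export datagram."""
    if len(packet) < 20 or struct.unpack_from("!H", packet)[0] != 9:
        raise ValueError("not a NetFlow v9 datagram")
    source_id = struct.unpack_from("!I", packet, 16)[0]
    flows, skipped, offset = [], 0, 20
    while offset + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, offset)
        if fs_len < 4 or offset + fs_len > len(packet):
            raise ValueError("bad FlowSet length")
        body = packet[offset + 4:offset + fs_len]
        if fs_id == 0:
            learn_templates(body, source_id, templates)
        elif fs_id >= 256:
            fields = templates.get((source_id, fs_id))
            if fields is None:
                skipped += 1  # data arrived before its template
            else:
                flows.extend(decode_records(body, fields))
        offset += fs_len
    return flows, skipped

def syn_only(flows):
    """TCP flows whose only recorded flag is SYN."""
    return [f for f in flows if f.get("protocol") == 6 and f.get("tcp_flags") == 0x02]

def sample_packets():
    """Constructed template and data datagrams (not captured from a switch)."""
    fields = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (5, 1), (6, 1), (1, 8), (2, 8)]
    hdr = lambda count, seq: struct.pack("!HHIIII", 9, count, 1000, 1700000000, seq, 1)
    tmpl = struct.pack("!HH", 256, len(fields)) + b"".join(
        struct.pack("!HH", t, n) for t, n in fields)
    def rec(src, dst, sport, dport, flags, nbytes, pkts):
        return (ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed
                + struct.pack("!HHBBBQQ", sport, dport, 6, 0, flags, nbytes, pkts))
    recs = rec("10.0.10.5", "10.0.20.9", 51000, 443, 0x1B, 8400, 12) \
        + rec("10.0.10.77", "10.0.20.9", 40222, 22, 0x02, 60, 1)
    recs += b"\x00" * (-len(recs) % 4)  # FlowSets are padded to 4 bytes
    return (hdr(1, 0) + struct.pack("!HH", 0, 4 + len(tmpl)) + tmpl,
            hdr(2, 1) + struct.pack("!HH", 256, 4 + len(recs)) + recs)
```

A production collector would also key templates by the exporter's IP address, since each stack member exports its own flows.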
Flow Monitor
Flow monitors are the FnF component that is applied to interfaces. Flow monitors consist
of a record, cache parameters, and the exporter/collector. The flow monitor cache is
automatically created at the time the flow monitor is configured on the first interface.
A flow monitor is the container for the following information:
● Flow record
● Flow cache parameters
● Exporter/collector information
flow monitor v4
exporter Collector
exporter Collector 1
cache timeout active 60
cache timeout inactive 20
record v4
Attaching a Flow Monitor to Supported Port Types
Wired Port
interface GigabitEthernet1/0/1
description Interface for WIRED CLIENT in CONVERGED VLAN
switchport access vlan 10
switchport mode access
ip flow monitor v4 input
ip flow monitor v4out output
load-interval 30
no shutdown
!
Wireless WLAN Port
wlan SSID 1 SSID
client vlan 12
ip flow monitor v4 input
ip flow monitor v4out output
no shutdown
!
VLAN Interface
Vlan configuration 500
ip flow monitor v4 input
ip flow monitor v4out output
!
Configure Simple Network Management Protocol for Exporter
snmp-server community public RO
snmp-server community private RO
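Simple Network Management Protocol (SNMP) configuration enables external collectors to
read the NetFlow-related configuration on the switch and collect flows. The community
strings public and private shown above are well-known defaults; use site-specific strings
on a production switch.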
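One way to check a saved configuration against the rules stated on this page, as an added example (not part of the original page or of any Cisco tool): a small linter that flags a record with the wrong interface match for the direction it is attached in, a monitor with more than eight exporters, an attached monitor that is never defined, and the default SNMP community strings. The function names, finding labels and sample configuration are hypothetical, and the parser assumes sub-commands are indented as in saved running-config text.

```python
import re

DEFAULT_COMMUNITIES = {"public", "private"}  # well-known default strings
MAX_EXPORTERS = 8                            # per flow monitor, per the text above
ATTACH = re.compile(r"^ip flow monitor (\S+) (input|output)$")
# Interface match that is not allowed for each attachment direction.
FORBIDDEN = {"input": "match interface output", "output": "match interface input"}

def parse_blocks(config):
    """Group IOS-style config text into (header, [indented sub-commands])."""
    blocks = []
    for line in config.splitlines():
        text = line.strip()
        if not text or text == "!":
            continue
        if line[0].isspace() and blocks:
            blocks[-1][1].append(text)
        else:
            blocks.append((text, []))
    return blocks

def lint(config):
    """Return a sorted list of (check, detail) findings."""
    records, monitors, attached, findings = {}, {}, [], []
    for head, body in parse_blocks(config):
        words = head.split()
        if words[:2] == ["flow", "record"] and len(words) == 3:
            records[words[2]] = body
        elif words[:2] == ["flow", "monitor"] and len(words) == 3:
            monitors[words[2]] = body
        elif words[:2] == ["snmp-server", "community"] and len(words) > 2:
            if words[2].lower() in DEFAULT_COMMUNITIES:
                findings.append(("default-snmp-community", words[2]))
        for cmd in body:
            m = ATTACH.match(cmd)
            if m:
                attached.append((head, m.group(1), m.group(2)))
    for name, body in monitors.items():
        if sum(c.startswith("exporter ") for c in body) > MAX_EXPORTERS:
            findings.append(("too-many-exporters", name))
    for where, monitor, direction in attached:
        if monitor not in monitors:
            findings.append(("undefined-monitor", f"{monitor} on {where}"))
            continue
        rec = next((c.split()[1] for c in monitors[monitor]
                    if c.startswith("record ")), None)
        if FORBIDDEN[direction] in records.get(rec, []):
            findings.append(("wrong-direction-record",
                             f"{monitor} {direction} on {where}"))
    return sorted(findings)

# Constructed sample configuration (not taken from a real switch).
SAMPLE = """\
flow record v4
 match ipv4 source address
 match interface input
flow record v4out
 match ipv4 source address
 match interface output
flow monitor v4
 exporter Collector
 record v4
flow monitor v4out
 exporter Collector
 record v4out
interface GigabitEthernet1/0/1
 ip flow monitor v4 input
 ip flow monitor v4out input
interface GigabitEthernet1/0/2
 ip flow monitor v6 input
snmp-server community public RO
"""
```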
Flexible NetFlow Outputs
To display the Flexible NetFlow configuration status for an interface, use the “show flow
interface” commands in privileged EXEC mode.
To display aggregated flow statistics from a flow monitor cache, use the “show flow
monitor cache format table” command.
To display top N destination aggregated flow statistics from a flow monitor cache, use the
following command:
To display top N source address aggregated flow statistics from a flow monitor cache,
use the following command:
To display the status and statistics for an IPv6 Flexible NetFlow flow monitor, use the
“show flow monitor” command in privileged EXEC mode.
To display top N IPv6 destination address aggregated flow statistics from a flow monitor
cache, use the following command:
To display top N source address aggregated flow statistics from a flow monitor cache,
use the following command:
This material is referenced from www.cisco.com.
For more Cisco products and reviews, visit http://www.3anetwork.com/blog
