© 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 12 www.netacad.com
LAB 25.3.10
Name: Rafael Buenaño Semester: 9th B
Packet Tracer - Explore a NetFlow Implementation
Objectives
Part 1: Observe NetFlow Flow Records - One Direction
Part 2: Observe NetFlow Records for a Session that Enters and Leaves the Collector
Background / Scenario
In this activity, you will use Packet Tracer to create network traffic and observe the corresponding NetFlow
flow records in a NetFlow collector. Packet Tracer offers a basic simulation of NetFlow functionality. It is not a
replacement for learning NetFlow on physical equipment. Some differences may exist between NetFlow flow
records generated by Packet Tracer and by records created by full-featured network equipment.
Instructions
Part 1: Observe NetFlow Flow Records - One Direction
Step 1: Open the NetFlow collector.
a. From the NetFlow Collector, click the Desktop tab. Click the Netflow Collector icon.
b. Click the On radio button to activate the collector as necessary. Position and size the window so that it is
visible from the Packet Tracer topology window.
Step 2: Ping the default gateway from PC-1.
a. Click PC-1.
b. Open the Desktop tab and click the Command Prompt icon.
c. Enter the ping command to test connectivity to the default gateway at 10.0.0.1.
C:\> ping 10.0.0.1
d. After a brief delay, the NetFlow Collector screen will display a pie chart.
Note: The first set of pings may not be sent to the NetFlow Collector because the ARP process must first
resolve IP and MAC addresses. If after 30 seconds, a pie chart does not appear, ping the default gateway
again.
e. Click either the pie chart or the legend entry to display the flow record details.
f. The flow record will have entries similar to those in the table below. Your timestamps will be different.
| Entry | Value | Explanation |
| --- | --- | --- |
| Traffic contribution | 100% (1/1) | This is the proportion of all traffic represented by this flow. |
| IPV4 SOURCE ADDRESS | 10.0.0.10 | This is the source IP address of the flow packets. |
| IPV4 DESTINATION ADDRESS | 10.0.0.1 | This is the destination IP address of the flow packets. |
| TRNS SOURCE PORT | 0 | This is the transport layer source port. The value is 0 because this is an ICMP flow. |
| TRNS DESTINATION PORT | 0 | This is the transport layer destination port. The value is 0 because this is an ICMP flow. |
| IP PROTOCOL | 1 | This identifies Layer 4 service, typically 1 for ICMP, 6 for TCP, and 17 for UDP. |
| timestamp first | 00:47:49.593 | This is the timestamp for the beginning of the flow. |
| timestamp last | 00:47:52.598 | This is the timestamp for the last packet in the flow. |
| tcp flags | 0x00 | This is the TCP flag value. In this case, no TCP session was involved because the protocol is ICMP. |
| counter bytes | 512 | This is the number of bytes in the flow. |
| counter packets | 4 | This is the number of packets in the flow. |
| interface input | Gig0/0 | This is the interface of the flow exporter that collected the flow in the input direction (into the monitoring device interface). |
| interface output | Null | This is the interface of the flow exporter that collected the flow in the output direction (out of the monitoring device interface). The value is “Null” because this was a ping to the input interface. |
In this case, the flow represents the ICMP ping from host 10.0.0.10 to 10.0.0.1. Four ping packets were in
the flow. The packets entered interface G0/0 of the exporter.
Note: In this activity, the Edge router has been configured as a NetFlow flow exporter. The LAN interface
is configured to monitor flows that enter it from the LAN. The serial interface has been configured to
collect flows that enter it from the internet. This has been done to simplify this activity.
To see traffic that matches a full bi-directional session, the NetFlow exporter would need to be configured
to collect flows entering and leaving a network.
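The following is an added example, not part of the original lab or of Cisco's material: a minimal Python model of how an exporter aggregates packets into the unidirectional flow records described above, and how a collector can pair a request flow with its response flow. The packet sizes, the TCP packet sequence, the interface name "Serial" and all helper names are assumptions constructed for illustration.

```python
from dataclasses import dataclass

ICMP, TCP, UDP = 1, 6, 17  # IP protocol numbers used in the flow record


@dataclass(frozen=True)
class FlowKey:
    """Fields that identify one unidirectional flow."""
    src: str
    dst: str
    sport: int
    dport: int
    proto: int
    in_if: str


@dataclass
class FlowRecord:
    """Counters the exporter keeps for one flow key."""
    first: float
    last: float
    out_if: str
    packets: int = 0
    byte_count: int = 0
    tcp_flags: int = 0


def build_flows(packets):
    """Aggregate packets seen on monitored input interfaces into flow records."""
    cache = {}
    for p in packets:
        has_ports = p["proto"] in (TCP, UDP)  # ICMP flows report port 0
        key = FlowKey(p["src"], p["dst"],
                      p["sport"] if has_ports else 0,
                      p["dport"] if has_ports else 0,
                      p["proto"], p["in_if"])
        rec = cache.get(key)
        if rec is None:
            rec = cache[key] = FlowRecord(p["ts"], p["ts"], p["out_if"])
        rec.first = min(rec.first, p["ts"])
        rec.last = max(rec.last, p["ts"])
        rec.packets += 1
        rec.byte_count += p["size"]
        if p["proto"] == TCP:
            rec.tcp_flags |= p["flags"]  # cumulative OR of all flags seen
    return cache


def pair_sessions(cache):
    """Pair each flow with its reverse-direction flow (None if not exported)."""
    pairs, seen = [], set()
    for key in cache:
        if key in seen:
            continue
        wanted = (key.dst, key.src, key.dport, key.sport, key.proto)
        rev = next((k for k in cache
                    if (k.src, k.dst, k.sport, k.dport, k.proto) == wanted), None)
        seen.add(key)
        if rev is not None:
            seen.add(rev)
        pairs.append((key, rev))
    return pairs


def pkt(ts, src, dst, proto, size, in_if, out_if, sport=0, dport=0, flags=0):
    return dict(ts=ts, src=src, dst=dst, proto=proto, size=size,
                in_if=in_if, out_if=out_if, sport=sport, dport=dport, flags=flags)


LAN, WAN = "Gig0/0", "Serial"  # "Serial" is a placeholder interface name

# Constructed sample traffic. Echo replies are absent because they leave
# Gig0/0 rather than enter it, so the exporter never sees them as input.
SAMPLE = (
    [pkt(t, "10.0.0.10", "10.0.0.1", ICMP, 128, LAN, "Null")
     for t in (0.0, 1.0, 2.0, 3.0)]
    + [
        pkt(10.0, "10.0.0.10", "192.0.2.100", TCP, 44, LAN, WAN, 1025, 80, 0x02),   # SYN
        pkt(10.1, "192.0.2.100", "10.0.0.10", TCP, 44, WAN, LAN, 80, 1025, 0x12),   # SYN+ACK
        pkt(10.2, "10.0.0.10", "192.0.2.100", TCP, 140, LAN, WAN, 1025, 80, 0x18),  # PSH+ACK
        pkt(10.3, "192.0.2.100", "10.0.0.10", TCP, 500, WAN, LAN, 80, 1025, 0x18),  # PSH+ACK
        pkt(10.4, "10.0.0.10", "192.0.2.100", TCP, 40, LAN, WAN, 1025, 80, 0x11),   # FIN+ACK
        pkt(10.5, "192.0.2.100", "10.0.0.10", TCP, 40, WAN, LAN, 80, 1025, 0x11),   # FIN+ACK
    ]
)

if __name__ == "__main__":
    flows = build_flows(SAMPLE)
    for key, rev in pair_sessions(flows):
        rec = flows[key]
        print(key, rec.packets, rec.byte_count, hex(rec.tcp_flags),
              "reverse flow:", rev)
```

The ICMP flow has no reverse partner because only one direction enters a monitored interface, while the HTTP session appears as two records whose addresses and ports are mirrored.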
Step 3: Create additional traffic.
a. Click PC-2 > Desktop.
b. Open a command prompt and ping the default gateway 10.0.0.1.
Question:
What do you expect to see in the NetFlow collector flow records? Will the statistics for the existing flow
record change, or will a new flow appear in the pie chart?
c. Return to PC-1 and repeat the ping to the gateway.
Question:
How will this traffic be represented?
No
As a new segment in the pie chart or will it modify the values in the existing flow record?
d. Issue pings from PC-3 and PC-4 to the default gateway address.
What should happen to the display in the flow collector?
Part 2: Observe NetFlow Records for a Session that Enters and Leaves the
Collector
The NetFlow exporter has been configured to collect flows that exit the LAN and enter the router from the
Internet.
Step 1: Access the Web Server by IP Address.
Before continuing, power cycle the NetFlow Collector to clear the flows.
a. Click NetFlow Collector > Physical tab.
b. Click the red power button to turn off the server. Then click it again to turn the server back on. (Note: You
may need to scroll over or zoom out.)
c. From the NetFlow Collector, click the Desktop tab.
d. Click the Netflow Collector icon. Click the “On” radio button to activate the collector. Close the NetFlow
Collector window.
e. Before you access a web server from PC-1, predict how many flows there will be in the pie chart. Explain.
It should not have any division, because of the server reset.
From your knowledge of network protocols and NetFlow, predict the values for the web page requests
leaving the LAN.
| Record Field | Value | Guidelines |
| --- | --- | --- |
| Source IP address | Blank | N/A |
| Destination IP address | Blank | N/A |
| Source Port | 1025–5000 (MS Windows default, which is what PT uses.) | This is an approximate value that is dynamically created. |
| Destination Port | Blank | N/A |
| Input Interface | Blank | N/A |
| Output Interface | Blank | N/A |
Predict the values for the web page reply entering the NetFlow exporter router from the internet.
| Record Field | Value | Guidelines |
| --- | --- | --- |
| Source IP address | Blank | N/A |
| Destination IP address | Blank | N/A |
| Source Port | Blank | N/A |
| Destination Port | 1025-5000 | This is whatever value was randomly assigned from the ephemeral port range. |
| Input Interface | Blank | N/A |
| Output Interface | Blank | N/A |
f. Click PC-1 > Desktop. Close the Command Prompt window, if necessary. Click the Web Browser icon.
g. In the Web Browser for PC-1, enter 192.0.2.100 and click Go. The Example Website webpage will
display.
h. After a short delay, a new pie chart will appear in the NetFlow collector. You will see at least two pie
segments for the HTTP request and response. You might see a third segment if the ARP cache for PC-1
timed out.
i. Click each HTTP pie segment to display the record and verify your predictions.
j. Click the link to the Copyrights page.
Questions:
What happened? Explain. (Hint: compare the port number on the host for the flows.)
The blue and green zones have the following ports
The yellow and pink zones have the following ports
Compare the flows. Aside from the obvious differences in timestamp, source and destination IP address, port, and
interfaces, what else is different between the request and response flows?
Step 2: Access the Web Server by URL.
a. Power cycle the NetFlow Collector to clear the flows.
b. Turn on the Netflow Collector service.
c. Before you access the Web Server by its URL, answer the following question.
Question:
What do you think you will see in the NetFlow collector display?
There will be no information, since the NetFlow Collector was restarted.
d. On PC-1, enter www.example.com in the URL field and press Go.
e. After the flows are displayed, inspect each flow record.
Question:
What values do you see for the IP protocol field of the flow record? What do these values mean?
The IP protocol fields were analyzed: the value 6 is for TCP and is used for HTTP traffic on
TCP port 80. The value 17 is for UDP traffic and is used by the DNS query and response flows.
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 

25.3.10 packet tracer explore a net flow implementation

  • 1. © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 12 www.netacad.com
     LABORATORY 25.3.10
     Name: Rafael Buenaño Semester: 9th B
     Packet Tracer - Explore a NetFlow Implementation
     Objectives
     Part 1: Observe NetFlow Flow Records - One Direction
     Part 2: Observe NetFlow Records for a Session that Enters and Leaves the Collector
     Background / Scenario
     In this activity, you will use Packet Tracer to create network traffic and observe the corresponding NetFlow flow records in a NetFlow collector. Packet Tracer offers a basic simulation of NetFlow functionality. It is not a replacement for learning NetFlow on physical equipment. Some differences may exist between NetFlow flow records generated by Packet Tracer and records created by full-featured network equipment.
     Instructions
     Part 1: Observe NetFlow Flow Records - One Direction
     Step 1: Open the NetFlow collector.
     a. From the NetFlow Collector, click the Desktop tab. Click the Netflow Collector icon.
     b. Click the On radio button to activate the collector as necessary. Position and size the window so that it is visible from the Packet Tracer topology window.
     Step 2: Ping the default gateway from PC-1.
     a. Click PC-1.
     b. Open the Desktop tab and click the Command Prompt icon.
     c. Enter the ping command to test connectivity to the default gateway at 10.0.0.1.
     C:> ping 10.0.0.1
     d. After a brief delay, the NetFlow Collector screen will display a pie chart.
     Note: The first set of pings may not be sent to the NetFlow Collector because the ARP process must first resolve IP and MAC addresses. If a pie chart does not appear after 30 seconds, ping the default gateway again.
     e. Click either the pie chart or the legend entry to display the flow record details.
  • 2. f. The flow record will have entries similar to those in the table below. Your timestamps will be different.
     Entry | Value | Explanation
     Traffic contribution | 100% (1/1) | This is the proportion of all traffic represented by this flow.
     IPV4 SOURCE ADDRESS | 10.0.0.10 | This is the source IP address of the flow packets.
     IPV4 DESTINATION ADDRESS | 10.0.0.1 | This is the destination IP address of the flow packets.
     TRNS SOURCE PORT | 0 | This is the transport layer source port. The value is 0 because this is an ICMP flow.
     TRNS DESTINATION PORT | 0 | This is the transport layer destination port. The value is 0 because this is an ICMP flow.
     IP PROTOCOL | 1 | This identifies Layer 4 service, typically 1 for ICMP, 6 for TCP, and 17 for UDP.
     timestamp first | 00:47:49.593 | This is the timestamp for the beginning of the flow.
     timestamp last | 00:47:52.598 | This is the timestamp for the last packet in the flow.
     tcp flags | 0x00 | This is the TCP flag value. In this case, no TCP session was involved because the protocol is ICMP.
     counter bytes | 512 | This is the number of bytes in the flow.
     counter packets | 4 | This is the number of packets in the flow.
     interface input | Gig0/0 | This is the interface of the flow exporter that collected the flow in the input direction (into the monitoring device interface).
  • 3. Entry | Value | Explanation
     interface output | Null | This is the interface of the flow exporter that collected the flow in the output direction (out of the monitoring device interface). The value is “Null” because this was a ping to the input interface.
     In this case, the flow represents the ICMP ping from host 10.0.0.10 to 10.0.0.1. Four ping packets were in the flow. The packets entered interface G0/0 of the exporter.
     Note: In this activity, the Edge router has been configured as a NetFlow flow exporter. The LAN interface is configured to monitor flows that enter it from the LAN. The serial interface has been configured to collect flows that enter it from the internet. This has been done to simplify this activity. To see traffic that matches a full bi-directional session, the NetFlow exporter would need to be configured to collect flows entering and leaving a network.
     Step 3: Create additional traffic.
     a. Click PC-2 > Desktop.
     b. Open a command prompt and ping the default gateway 10.0.0.1.
     Question: What do you expect to see in the NetFlow collector flow records? Will the statistics for the existing flow record change, or will a new flow appear in the pie chart?
  • 4. c. Return to PC-1 and repeat the ping to the gateway.
     Question: How will this traffic be represented? As a new segment in the pie chart or will it modify the values in the existing flow record?
     No
  • 5. Type your answers here.
     d. Issue pings from PC-3 and PC-4 to the default gateway address. What should happen to the display in the flow collector?
     Type your answers here.
  • 7. Part 2: Observe NetFlow Records for a Session that Enters and Leaves the Collector
     The NetFlow exporter has been configured to collect flows that exit the LAN and enter the router from the Internet.
     Step 1: Access the Web Server by IP Address.
     Before continuing, power cycle the NetFlow Collector to clear the flows.
     a. Click NetFlow Collector > Physical tab.
  • 8. b. Click the red power button to turn off the server. Then click it again to turn the server back on. (Note: You may need to scroll over or zoom out.)
     c. From the NetFlow Collector, click the Desktop tab.
     d. Click the Netflow Collector icon. Click the “On” radio button to activate the collector. Close the NetFlow Collector window.
     e. Before you access a web server from PC-1, predict how many flows there will be in the pie chart. Explain.
     It should have no divisions, because of the server reset.
     From your knowledge of network protocols and NetFlow, predict the values for the web page requests leaving the LAN.
     Record Field | Value | Guidelines
     Source IP address | Blank | N/A
     Destination IP address | Blank | N/A
     Source Port | 1025–5000 | (MS Windows default, which is what PT uses.) This is an approximate value that is dynamically created.
     Destination Port | Blank | N/A
     Input Interface | Blank | N/A
     Output Interface | Blank | N/A
     Predict the values for the web page reply entering the NetFlow exporter router from the internet.
     Record Field | Value | Guidelines
     Source IP address | Blank | N/A
     Destination IP address | Blank | N/A
     Source Port | Blank | N/A
     Destination Port | 1025-5000 | This is whatever value was randomly assigned from the ephemeral port range.
     Input Interface | Blank | N/A
     Output Interface | Blank | N/A
     f. Click PC-1 > Desktop. Close the Command Prompt window, if necessary. Click the Web Browser icon.
     g. In the Web Browser for PC-1, enter 192.0.2.100 and click Go. The Example Website webpage will display.
     h. After a short delay, a new pie chart will appear in the NetFlow collector. You will see at least two pie segments for the HTTP request and response. You might see a third segment if the ARP cache for PC-1 timed out.
  • 9. i. Click each HTTP pie segment to display the record and verify your predictions.
     j. Click the link to the Copyrights page.
  • 10. Questions:
     What happened? Explain. (Hint: compare the port number on the host for the flows.)
     The blue and green zones have the following ports
  • 11. The yellow and pink zones have the following ports
     Compare the flows. Aside from the obvious timestamp, source and destination IP address, port, and interface differences, what else is different between the request and response flows?
     Step 2: Access the Web Server by URL.
     a. Power cycle the NetFlow Collector to clear the flows.
     b. Turn on the Netflow Collector service.
     c. Before you access the Web Server by its URL:
     Question: What do you think you will see in the NetFlow collector display?
     There will be no information, since the NetFlow Collector was restarted.
     d. On PC-1, enter www.example.com in the URL field and press Go.
     e. After the flows are displayed, inspect each flow record.
     Question: What values do you see for the IP protocol field of the flow record? What do these values mean?
     The IP protocol fields were analyzed: the value 6 is for TCP and is used for HTTP traffic on TCP port 80. The value 17 is for UDP traffic and is used by the DNS query and response flows.
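An added example (not part of the lab or of Packet Tracer): a minimal unidirectional flow cache keyed on the fields from the lab's flow record table, showing why a repeated ping updates an existing record while a new host or a new ephemeral source port creates a new one, and why a request and its reply are separate flows. The PC-2 address, ephemeral ports, TCP packet sizes and the "Serial" interface label are constructed, and flow timeouts are not modelled.

```python
from dataclasses import dataclass
SYN, PSH, ACK = 0x02, 0x08, 0x10  # TCP flag bits

@dataclass
class FlowRecord:
    first: float
    last: float
    packets: int = 0
    octets: int = 0
    tcp_flags: int = 0

class FlowCache:
    """Unidirectional flow cache keyed on the fields in the lab's record table."""
    def __init__(self):
        self.flows = {}

    def observe(self, ts, src, dst, sport, dport, proto, length, in_if, flags=0):
        if proto == 1:                     # ICMP has no ports: both recorded as 0
            sport = dport = 0
        key = (src, dst, sport, dport, proto, in_if)
        rec = self.flows.setdefault(key, FlowRecord(first=ts, last=ts))
        rec.last = ts                      # "timestamp last" follows the newest packet
        rec.packets += 1
        rec.octets += length
        if proto == 6:                     # cumulative OR of flags, TCP only
            rec.tcp_flags |= flags
        return rec

def part1_pings():
    """PC-1, then PC-2, then PC-1 again: 4 echo requests of 128 bytes each."""
    cache, ts = FlowCache(), 0.0
    for host in ("10.0.0.10", "10.0.0.11", "10.0.0.10"):  # 10.0.0.11: constructed PC-2
        for _ in range(4):
            cache.observe(ts, host, "10.0.0.1", 0, 0, 1, 128, "Gig0/0")
            ts += 1.0
    return cache.flows

def part2_http():
    """Two page loads from PC-1; each connection uses a new ephemeral source port."""
    cache, ts = FlowCache(), 0.0
    pc, web = "10.0.0.10", "192.0.2.100"
    for sport in (1025, 1026):             # constructed ephemeral ports
        for flags, size in ((SYN, 44), (ACK, 40), (PSH | ACK, 140)):  # request, LAN side
            cache.observe(ts, pc, web, sport, 80, 6, size, "Gig0/0", flags)
            ts += 0.1
        for flags, size in ((SYN | ACK, 44), (PSH | ACK, 500)):       # reply, serial side
            cache.observe(ts, web, pc, 80, sport, 6, size, "Serial", flags)
            ts += 0.1
    return cache.flows
```

On a real exporter, records also expire on inactive and active timeouts, so a ping repeated after the cache entry has aged out is exported as a new record rather than added to the old one.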