The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document contains information about and instructions for configuring sampling to reduce the CPU overhead of analyzing traffic with Flexible NetFlow.
NetFlow is a Cisco technology that provides statistics on packets flowing through a router. NetFlow is the standard for acquiring IP operational data from IP networks. NetFlow provides data to support network and security monitoring, network planning, traffic analysis, and IP accounting.
Flexible NetFlow improves on original NetFlow by adding the capability to customize the traffic analysis parameters for your specific requirements. Flexible NetFlow faciltates the creation of more complex configurations for traffic analysis and data export through the use of reusable configuration components.
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn . An account on Cisco.com is not required.
The networking device must be running a Cisco release release that supports Flexible NetFlow.
The networking device must be configured for IPv6 routing.
One of the following must be enabled on your router and on any interfaces on which you want to enable Flexible NetFlow: Cisco Express Forwarding IPv6 or distributed Cisco Express Forwarding IPv6.
You have configured a flow record, flow monitor, flow exporter, and flow sampler.
This feature expands the ipv6 flow monitor command to include a layer2-bridged keyword that enables you to configure Flexible Netflow to monitor IPv6 Layer 2 bridged traffic on both Switched Virtual Interfaces (SVIs) and VLANs, with or without flow samplers.
Only the keywords and arguments required for the Flexible NetFlow commands used in these tasks are explained in these tasks. For information about the other keywords and arguments available for these Flexible NetFlow commands, refer to the Cisco IOS Flexible NetFlow Command Reference .
To configure a flow record, flow monitor, and exporter to monitor IPv6 Layer 2 bridged traffic, perform this task.
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable Example: |
Enables privileged EXEC mode.
|
| Step 2 |
configure terminal Example: |
Enters global configuration mode. |
| Step 3 |
flow record name Example: |
Configures a flow record to monitor IPv6 bridged Layer 2 traffic and enters Flexible NetFlow flow record configuration mode. |
| Step 4 |
match datalink source-vlan-id Example: |
Configures the source VLAN ID as a key field. |
| Step 5 |
match flow cts destination group Example: |
Configures the flow CTS destination group as a key field. |
| Step 6 |
match flow cts source group Example: |
Configures the flow CTS source group as a key field. |
| Step 7 |
match flow direction Example: |
Configures the flow direction as a key field. |
| Step 8 |
match interface input Example: |
Configures the input interface as a key field. |
| Step 9 |
match interface input physical Example: |
Configures the physical input interface as a key field. |
| Step 10 |
match interface output Example: |
Configures the output interface as a key field. |
| Step 11 |
match ipv4 destination address Example: |
Configures the IPv4 destination address as a key field. |
| Step 12 |
match ipv4 dscp Example: |
Configures the IPv4 DSCP as a key field. |
| Step 13 |
match ipv4 precedence Example: |
Configures the IPv4 precedence as a key field. |
| Step 14 |
match ipv4 protocol Example: |
Configures the IPv4 protocol as a key field. |
| Step 15 |
match ipv4 source address Example: |
Configures the IPv4 source address as a key field. |
| Step 16 |
match ipv4 tos Example: |
Configures the IPv4 TOS as a key field. |
| Step 17 |
match transport destination-port Example: |
Configures the transport destination port as a key field. |
| Step 18 |
match transport source-port Example: |
Configures the transport source port as a key field. |
| Step 19 |
collect counter bytes Example: |
Collects the total number of bytes. |
| Step 20 |
collect counter packets Example: |
Collects the total number of packets. |
| Step 21 |
collect interface output Example: |
Collects the output interface. |
| Step 22 |
collect interface input Example: |
Collects the input interface. |
| Step 23 |
collect ipv4 destination mask Example: |
Collects the Ipv4 destination mask. |
| Step 24 |
collect ipv4 destination prefix Example: |
Collects the Ipv4 destination prefix. |
| Step 25 |
collect ipv4 source mask Example: |
Collects the Ipv4 source mask. |
| Step 26 |
collect ipv4 source prefix Example: |
Collects the Ipv4 source prefix. |
| Step 27 |
collect timestamp sys-uptime first Example: |
Collects the first timestamp of the system uptime. |
| Step 28 |
collect timestamp sys-uptime last Example: |
Collects the last timestamp of the system uptime. |
| Step 29 |
collect transport tcp flags Example: |
Collects the TCP transport flags. |
| Step 30 |
exit Example: |
Exits Flexible NetFlow flow record configuration mode. |
| Step 31 |
flow exporter exporter-name Example: |
Creates an FNF flow exporter and enters Flexible NetFlow flow exporter configuration mode. |
| Step 32 |
export-protocol netflow-v9 Example: |
Configures NetFlow Version 9 export as the export protocol. |
| Step 33 |
destination ip-address Example: |
Configures the IP address of the workstation to which you want to send the NetFlow information. |
| Step 34 |
exit Example: |
Exits Flexible NetFlow flow exporter configuration mode. |
| Step 35 |
flow monitor name Example: |
Configures a flow monitor for IPv6 bridged traffic and enters Flexible NetFlow flow monitor configuration mode. |
| Step 36 |
record record-name Example: |
Specifies the name of a user-defined flow record that was previously configured. |
| Step 37 |
exporter exporter-name Example: |
Specifies the name of a flow exporter that was previously configured. |
| Step 38 |
end Example: |
Exits Flexible NetFlow flow monitor configuration mode and returns to privileged EXEC mode. |
To configure Flexible Netlflow to monitor IPv6 Layer 2 Bridged Traffic on a SVI, perform this task:
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable Example: |
Enables privileged EXEC mode.
|
| Step 2 |
configure terminal Example: |
Enters global configuration mode. |
| Step 3 |
interface vlan number Example: |
Configures an interface type and enters interface configuration mode. |
| Step 4 |
ipv6 flow monitor monitor-name [sampler monitor-name ] layer2-bridged input Example: |
Applies the monitor to the interface. |
| Step 5 |
end Example: |
Exits interface configuration mode and returns to privileged EXEC mode. |
To configure Flexible Netlflow to monitor IPv6 Layer 2 Bridged Traffic on a VLAN, perform this task:
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable Example: |
Enables privileged EXEC mode.
|
| Step 2 |
configure terminal Example: |
Enters global configuration mode. |
| Step 3 |
interface vlan number Example: |
Configures a VLAN and enters VLAN configuration mode. |
| Step 4 |
ipv6 flow monitor monitor-name [sampler monitor-name ] layer2-bridged input Example: |
Applies the monitor to the VLAN. |
| Step 5 |
end Example: |
Exits VLAN configuration mode and returns to privileged EXEC mode. |
You can configure Flexible Netflow to monitor IPv6 Layer 2 bridged traffic on both Switched Virtual Interfaces (SVIs) and VALNs, with or without flow samplers.
The following example is designed to monitor IPv6 Layer 2 bridged traffic on an SVI. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitor command.
This sample starts in global configuration mode:
!
!
flow record bridged-flow-record
description bridged flow record
match ipv6 destination address
match ipv6 source address
match interface input
collect counter bytes long
collect counter packets long
exit
!
flow monitor bridged-flow-monitor
description bridged flow monitor
record bridged-flow-record
exit
!
interface vlan 100
ipv6 flow monitor bridged-flow-monitor layer2-bridged input
exit
!The following example is designed to monitor IPv6 Layer 2 bridged traffic on a VLAN. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitor command.
This sample starts in global configuration mode:
!
!
flow record bridged-flow-record
description bridged flow record
match ipv6 destination address
match ipv6 source address
match interface input
collect counter bytes long
collect counter packets long
exit
!
flow monitor bridged-flow-monitor
description bridged flow monitor
record bridged-flow-record
exit
!
vlan configuration 100
ipv6 flow monitor bridged-flow-monitor layer2-bridged input
exit
!The following example is designed to monitor IPv6 Layer 2 bridged traffic on an SVI using a sampler. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitor command.
This sample starts in global configuration mode:
!
!
flow record bridged-flow-record
description bridged flow record
match ipv6 destination address
match ipv6 source address
match interface input
collect counter bytes long
collect counter packets long
exit
!
flow monitor bridged-flow-monitor
description bridged flow monitor
record bridged-flow-record
exit
!
sampler S1
mode deterministic 1 out-of 2
exit
!
interface vlan 100
ipv6 flow monitor bridged-flow-monitor sampler S1 layer2-bridged input
exit
!The following example is designed to monitor IPv6 Layer 2 bridged traffic on a VLAN using a flow sampler. An exporter is not configured because this example is intended to be used to capture additional data for analysis on the router using the show flow monitor command.
This sample starts in global configuration mode:
!
!
flow record bridged-flow-record
description bridged flow record
match ipv6 destination address
match ipv6 source address
match interface input
collect counter bytes long
collect counter packets long
exit
!
flow monitor bridged-flow-monitor
description bridged flow monitor
record bridged-flow-record
exit
!
sampler S1
mode deterministic 1 out-of 2
exit
!
vlan configuration 100
ipv6 flow monitor bridged-flow-monitor sampler S1 layer2-bridged input
exit
!|
Related Topic |
Document Title |
|---|---|
|
Cisco IOS commands |
|
|
Overview of Flexible NetFlow |
"Cisco IOS Flexible NetFlow Overview" |
|
Flexible NetFlow Feature Roadmap |
"Cisco IOS Flexible NetFlow Features Roadmap" |
|
Emulating original NetFlow with Flexible NetFlow |
"Getting Started with Configuring Cisco IOS Flexible NetFlow" |
|
Configuring flow exporters to export Flexible NetFlow data. |
"Configuring Data Export for Cisco IOS Flexible NetFlow with Flow Exporters" |
|
Configuring flow sampling to reduce the overhead of monitoring traffic with Flexible NetFlow |
"Using Cisco IOS Flexible NetFlow Flow Sampling to Reduce the CPU Overhead of Analyzing Traffic" |
|
Configuring Flexible NetFlow using predefined records |
"Configuring Cisco IOS Flexible NetFlow with Predefined Records" |
|
Using Flexible NetFlow Top N Talkers to analyze network traffic |
"Using Cisco IOS Flexible NetFlow Top N Talkers to Analyze Network Traffic" |
|
Configuring IPv4 multicast statistics support for Flexible NetFlow |
"Configuring IPv4 Multicast Statistics Support for Cisco IOS Flexible NetFlow" |
|
Configuration commands for Flexible NetFlow |
Cisco IOS Flexible NetFlow Command Reference |
|
Standard |
Title |
|---|---|
|
None |
-- |
|
MIB |
MIBs Link |
|---|---|
|
None |
To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: |
|
RFC |
Title |
|---|---|
|
RFC 3954 |
Cisco Systems NetFlow Services Export Version 9 |
|
Description |
Link |
|---|---|
|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
Flexible Netflow - IPv6 bridged flows |
15.1(1)SY |
Flexible Netflow has been enhanced to enable the accounting of Layer 2 switched or bridged IPv6 traffic, for both SVIs and pure VLANs. |
Feedback