Contents
- IP-Aware MPLS NetFlow
- Finding Feature Information
- Restrictions for Configuring IP-Aware MPLS NetFlow
- Information About IP-Aware MPLS NetFlow
- Benefits of the CAP2 Rate Limiter
- How to Configure IP-Aware MPLS NetFlow
- Creating a Flow Record and Flow Exporter
- Creating a Monitor and Adding a Flow Record and Flow Exporter
- Configuring a Flow Sampler with a Copy Type
- Configuration Examples for IP-Aware MPLS NetFlow
- Example: Creating a Flow Record and Flow Exporter
- Example: Configuring a Flow Monitor and Adding a Flow Record and Flow Exporter
- Example: Configuring a Sampler with a Copy Type
- Example: Applying the Monitor and Sampler to an Interface
- Additional References for IP-Aware MPLS NetFlow
- Feature Information for IP-Aware MPLS NetFlow
IP-Aware MPLS NetFlow
The IP-Aware MPLS NetFlow feature is an extension of the NetFlow accounting feature that uses copy-based sampling to copy sampled packets to the software where they can be further processed. This sampling provides highly granular traffic statistics for Cisco devices. NetFlow is a Cisco application that provides statistics about packets flowing through the device.
- Finding Feature Information
- Restrictions for Configuring IP-Aware MPLS NetFlow
- Information About IP-Aware MPLS NetFlow
- How to Configure IP-Aware MPLS NetFlow
- Configuration Examples for IP-Aware MPLS NetFlow
- Additional References for IP-Aware MPLS NetFlow
- Feature Information for IP-Aware MPLS NetFlow
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Restrictions for Configuring IP-Aware MPLS NetFlow
- Copy-based sampling is allowed only in the ingress direction.
- The Lawful Intercept (LI) feature is of higher priority than the Capture2 (CAP2) feature. If LI is enabled, the copy-based sampling configuration is not removed but the feature is disabled.
- Inner Internet Protocol (IP) header meta details such as Ingress Interface, Egress Enterface, Border Gateway Protocol (BGP) next hop, and Interior Gateway Protocol (IGP) next hop are not allowed as collect fields with copy-based sampling.
- IP copy-based sampling supports both IP and Multiprotocol Label Switching (MPLS) packets coming in on the interface. However, these packets cannot be distinguished.
- All flow key and nonkey fields are enabled on the platform CLI but, during the configuration, only hardware supported fields are allowed on the noncopy-based sampling and nonsampling cases. For copy-based sampler all the fields are allowed, except the meta fields.
- The number of different profiles that can be used for copy-based sampling is limited to eight.
- In some cases the ingress and egress interface type cannot be derived in Cisco software.
Information About IP-Aware MPLS NetFlow
Benefits of the CAP2 Rate Limiter
During copy-based sampling the sampled packets are copied to the Route Processor. If this rate of sampling is high, the act of processing all of these packets in software may cause a negative impact on the CPU performance.
The CAP2 rate limiter limits the number of packets copied to the Route Processor, decreasing any chances of performance impact. The rate limiter configuration of access control list (ACL) logging (OAL) is also used for copy-based sampling rate limiting.
How to Configure IP-Aware MPLS NetFlow
Creating a Flow Record and Flow Exporter
To enable copy-based sampling you must first create a flow record and flow exporter that can then be added to a flow monitor. The flow record is used for traffic analysis, and the exporter to export the data that is collected by flexible NetFlow.
 Note | Meta fields, such as number and BGP next hop, are not allowed with copy-based sampling. |
1.
enable
2.
configure
terminal
3.
flow
record
record-name
4.
match
ipv4
source
address
5.
end
6.
flow
exporter
exporter-name
7.
end
DETAILED STEPS
Creating a Monitor and Adding a Flow Record and Flow Exporter
To enable flow sampling, you configure the record that you want to use for traffic analysis, and the exporter to export the data that is collected by flexible NetFlow to a remote system for further analysis and storage, and assign them to a flow monitor.
1.
enable
2.
configure
terminal
3.
flow
monitor
monitor-name
4.
record
record-name
5.
exporter
exporter-name
6.
end
DETAILED STEPS
Configuring a Flow Sampler with a Copy Type
Flow samplers are used to reduce the load placed by flexible NetFlow on the networking device to monitor traffic by limiting the number of packets that are analyzed. By applying the copy type command to the flow sampler, you enable the copying of sampled packets to the software or Route Processor. Features that are not available in hardware can then be applied on those packets.
1.
enable
2.
configure
terminal
3.
sampler
sampler-name
4.
type
copy
5.
end
DETAILED STEPS
Configuration Examples for IP-Aware MPLS NetFlow
Example: Creating a Flow Record and Flow Exporter
The following example shows how to create a flow record and flow exporter for copy-based sampling. Meta fields, such as number and BGP next hop, are not allowed with copy-based sampling.
Device(config)# flow record FLOW-RECORD-1 Device(config-record)# exit Device(config)# flow exporter FLOW-EXPORTER-1 Device(config-exporter)#
Example: Configuring a Flow Monitor and Adding a Flow Record and Flow Exporter
The following configuration example, in flow monitor configuration mode, shows how to configure a flow monitor and add to it a flow record and flow exporter which enables flow sampling.
Device(config)# flow monitor FLOW-MONITOR-1 Device(config-flow-monitor)# record FLOW-RECORD-1 Device(config-flow-monitor)# exporter FLOW-EXPORTER-1
Example: Configuring a Sampler with a Copy Type
The following example shows how to configure a sampler for copy-based sampling. When the type copy is not specified the command is in noncopy-based sampling mode and the sampled packets are accounted for in hardware.
Device(config)# sampler SAMPLER-1 Device(config-sampler)# type copy Device(config-sampler)# mode rand 1 out 10 Device(config)# end
Example: Applying the Monitor and Sampler to an Interface
The following example shows how to apply the monitor and sampler commands to an interface. Copy-based sampling in allowed only on the ingress direction. By applying a flow monitor and a sampler to the interface, you ensure the rate of analysis of the sampled packets is at the rate specified by the sampler. The sampled packets are then compared with the flow record associated with the flow monitor. If the analyzed packets meet the criteria specified by the flow record, they are added to the flow monitor cache.
Device(config)# interface g1/1 Device(config-if)# ip flow monitor FLOW-MONITOR-1 sampler SAMPLER-1 input
Additional References for IP-Aware MPLS NetFlow
Related Documents
|
Related Topic |
Document Title |
|---|---|
|
Overview of Cisco IOS NetFlow |
Cisco IOS NetFlow Overview |
|
Cisco IOS commands |
Technical Assistance
|
Description |
Link |
|---|---|
|
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content. |
Feature Information for IP-Aware MPLS NetFlow
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
IP-Aware MPLS NetFlow |
15.1(1)SY |
The IP-Aware MPLS NetFlow feature is an extension of the NetFlow accounting feature that uses copy-based sampling to copy sampled packets to the software where they can be further processed. This sampling provides highly granular traffic statistics for Cisco devices. NetFlow is a Cisco application that provides statistics on packets flowing through the device. The following command was introduced: type copy. |