Table Of Contents
Netflow v9 for IPv6
Contents
Prerequisites for Netflow v9 for IPv6
Information About Netflow v9 for IPv6
NetFlow and NDE on the PFC
NetFlow Export Format Version 9
How to Configure Netflow v9 for IPv6
Examples
Configuration Examples for Configuring Netflow v9 for IPv6
Configuring the NetFlow v9 for IPv6 Feature: Example
Additional References
Related Documents
Standards
MIBs
RFCs
Technical Assistance
Command Reference
Feature Information for Netflow v9 for IPv6
Netflow v9 for IPv6
First Published: February 27th, 2007
Last Updated: February 27th, 2007
This module contains information about and instructions for configuring NetFlow and NetFlow Data Export (NDE) for capturing and exporting data from IP version 6 (IPv6) traffic flows using the NetFlow version 9 (v9) export format.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for Netflow v9 for IPv6" section.
Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
Prerequisites for Netflow v9 for IPv6
•Information About Netflow v9 for IPv6
•How to Configure Netflow v9 for IPv6
•Configuration Examples for Configuring Netflow v9 for IPv6
•Additional References
•Command Reference
•Feature Information for Netflow v9 for IPv6
Prerequisites for Netflow v9 for IPv6
Your router must be running Cisco IOS release 12.2(33)SRB or later to configure the Netflow v9 for IPv6 feature.
Information About Netflow v9 for IPv6
Before you configure the Netflow v9 for IPv6 feature, you should understand the following concepts:
•NetFlow and NDE on the PFC
•NetFlow Export Format Version 9
NetFlow and NDE on the PFC
The NetFlow cache on the PFC captures statistics for flows routed in hardware.
The PFC uses one of these flow masks to create NetFlow entries:
•source-only—The cache contains one entry for each source IP address. All flows from a given source IP address use this entry.
•destination—The cache contains one entry for each destination IP address. All flows to a given destination IP address use this entry.
•destination-source—The cache contains one entry for each source and destination IP address pair. All flows between the same source and destination IP addresses use this entry.
•destination-source-interface—Adds the source VLAN SNMP ifIndex to the information in the destination-source flow mask.
•full—A separate cache entry is created for each IP flow. A full entry includes the source IP address, destination IP address, protocol, and protocol interfaces.
•full-interface—Adds the source VLAN SNMP ifIndex to the information in the full flow mask.
See the "Configuring NetFlow and NDE" chapter of the Cisco 7600 Series Cisco IOS Software Configuration Guide, Release 12.2SR, for detailed information on NetFlow flow masks and flow records.
NetFlow Export Format Version 9
For all NetFlow export versions, the NetFlow export datagram consists of a header and a sequence of flow records. The header contains information such as sequence number, record count, and system uptime. The flow record contains flow information, such as IP addresses, ports, and routing information.
NetFlow version 9 export format is the newest NetFlow export format. The distinguishing feature of the NetFlow version 9 export format is that it is template based. Templates make the record format extensible. NetFlow version 9 export format allows future enhancements to NetFlow without requiring concurrent changes to the basic flow-record format.
The NetFlow version 9 export record format is different from the traditional NetFlow fixed format export record. In NetFlow version 9, a template describes the NetFlow data, and the flow set contains the actual data. This arrangement allows for flexible export.
The use of templates with the NetFlow version 9 export format provides several other key benefits:
•You can export almost any information from a router or switch, including Layer 2 through 7 information, routing information, IP version 6 (IPv6), IP version 4 (IPv4), multicast, and Multiprotocol Label Switching (MPLS) information. This new information allows new applications for export data and new views of network behavior.
•Third-party business partners who produce applications that provide NetFlow collector or display services for NetFlow are not required to recompile their applications each time a new NetFlow export field is added. Instead, they can use an external data file that documents the known template formats.
•New features can be added to NetFlow more quickly, without breaking current implementations.
•NetFlow is "future-proofed" against new or developing protocols, because the version 9 export format can be adapted to provide support for them and for other non-NetFlow-based approaches to data collection.
The NetFlow version 9 export packet header format is shown in Table 1.
Table 1 NetFlow Version 9 Export Packet Header Field Names and Descriptions
|
Bytes
|
Field Name
|
Description
|
0-1 |
Version |
The version of NetFlow records exported in this packet; for version 9, this value is 0x0009. |
2-3 |
Count |
Number of FlowSet records (both template and data) contained within this packet. |
4-7 |
System Uptime |
Time in milliseconds since this device was first booted. |
8-11 |
UNIX Seconds |
Seconds since 0000 Coordinated Universal Time (UTC) 1970. |
12-15 |
Sequence Number |
Incremental sequence counter of all export packets sent by this export device; this value is cumulative, and it can be used to find out whether any export packets have been missed. This is a change from the NetFlow version 5 and version 8 headers, where this number represented "total flows." |
16-19 |
Source ID |
The Source ID field is a 32-bit value that is used to guarantee uniqueness for each flow exported from a particular device. (The Source ID field is the equivalent of the engine type and engine ID fields found in the NetFlow version 5 and version 8 headers.) The format of this field is vendor specific. In Cisco's implementation, the first two bytes are reserved for future expansion and are always zero. Byte 3 provides uniqueness with respect to the routing engine on the exporting device. Byte 4 provides uniqueness with respect to the particular line card or Versatile Interface Processor on the exporting device. Collector devices should use the combination of the source IP address and the Source ID field to associate an incoming NetFlow export packet with a unique instance of NetFlow on a particular device. |
Figure 1 shows a typical example of exporting data using the NetFlow version 9 export format.
Figure 1 NetFlow Version 9 Export Format Packet Example
Additional information about the NetFlow export format version 9 and the export format architecture is available in the NetFlow version 9 Flow-Record Format document.
How to Configure Netflow v9 for IPv6
Perform the steps in this required task to configure the Netflow v9 for IPv6 feature.
SUMMARY STEPS
1. enable
2. configure terminal
3. ipv6 unicast-routing
4. mls flow {ip | ipv6} {destination | destination-source | full | interface-destination-source | interface-full | source}
5. mls nde sender
6. ip flow-export version 9
7. ip flow-export destination {ip-address | hostname} udp-port
8. interface type number
9. ipv6 address ip-address/mask
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1 |
enable
Example:
Router> enable |
Enables privileged EXEC mode. •Enter your password if prompted. |
Step 2 |
configure terminal
Example:
Router# configure terminal |
Enters global configuration mode. |
Step 3 |
ipv6 unicast-routing
Example:
Router(config)# ipv6 unicast-routing |
Enables the forwarding of IPv6 unicast datagrams. |
Step 4 |
mls flow {ip | ipv6} {destination | destination-source | full | interface-destination-source | interface-full | source}
Example:
Router(config)# mls flow ipv6 interface-full |
Specifies the NetFlow flow mask for IPv6 traffic. |
Step 5 |
mls nde sender
Example:
Route(config)# mls nde sender |
Enables NDE globally on the router. Note NDE does not start exporting data until you specify a destination for the exported traffic. The destination for exported traffic is specified in Step 7. |
Step 6 |
ip flow-export version 9
Example:
Router(config)# ip flow-export version 9 |
Configures NDE to use the NetFlow version 9 export format. |
Step 7 |
ip flow-export destination {ip-address | hostname} udp-port
Example:
Router(config)# ip flow-export destination 172.16.10.2 88 |
Specifies the IP address or the hostname of the NetFlow collector and the UDP port on which the NetFlow collector is listening. |
Step 8 |
interface type number
Example:
Router(config)# interface fastethernet 1/1 |
Specifies the interface that you want to enable NetFlow on and enters interface configuration mode. |
Step 9 |
ipv6 address ip-address/mask
Example:
Router(config-if)# ipv6 address 2001:0DB8:AB::2/64 |
Configure an IPv6 address on the interface. |
Examples
The following output of the show mls nde command verifies that NDE is enabled on the router.
Cisco-7600#show mls nde
NetFlow Data Export enabled
Exporting flows to 10.30.30.2 (12345) 172.16.10.2 (88)
Exporting flows from 10.4.9.149 (58970)
Version: 9
Layer2 flow creation is disabled
Layer2 flow export is disabled
Include Filter not configured
Exclude Filter not configured
Total NetFlow Data Export Packets are:
0 packets, 0 no packets, 0 records
Total NetFlow Data Export Send Errors:
IPWRITE_NO_FIB = 0
IPWRITE_ADJ_FAILED = 0
IPWRITE_PROCESS = 0
IPWRITE_ENQUEUE_FAILED = 0
IPWRITE_IPC_FAILED = 0
IPWRITE_OUTPUT_FAILED = 0
IPWRITE_MTU_FAILED = 0
IPWRITE_ENCAPFIX_FAILED = 0
NetFlow Aggregation Disabled
Configuration Examples for Configuring Netflow v9 for IPv6
This section contains the following configuration example:
•Configuring the NetFlow v9 for IPv6 Feature: Example
Configuring the NetFlow v9 for IPv6 Feature: Example
The following example shows how to configure the router for NetFlow and NDE for IPv6 traffic using NetFlow export format version 9.
ipv6 unicast-routing
mls flow ipv6 interface-full
mls nde sender
ip flow-export version 9
ip flow-export destination 172.16.10.2 88
interface FastEthernet1/1
ipv6 address 2001:0DB8::1/64
Additional References
The following sections provide references related to the Netflow v9 for IPv6 feature.
Related Documents
Standards
|
Standard
|
Title
|
There are no standards associated with this feature. |
— |
MIBs
|
MIB
|
MIBs Link
|
There are no MIBs associated with this feature. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs |
RFCs
|
RFC
|
Title
|
RFC 3954 |
Cisco Systems NetFlow Services Export Version 9. |
Technical Assistance
|
Description
|
Link
|
The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, tools, and technical documentation. Registered Cisco.com users can log in from this page to access even more content. |
http://www.cisco.com/techsupport |
Command Reference
This feature uses no new or modified commands.
Feature Information for Netflow v9 for IPv6
Table 2 lists the release history for this feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 2 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.
Table 2 Feature Information for Netflow v9 for IPv6
|
Feature Name
|
Releases
|
Feature Information
|
Netflow v9 for IPv6 |
12.2(33)SRB |
The Netflow v9 for IPv6 feature enables the export of NetFlow flow information for IPv6 traffic. In 12.2(33)SRB, support for this feature was introduced on the Cisco 7600 series routers. |
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2007 Cisco Systems, Inc. All rights reserved.
Feedback