NetFlow Hardware Support

Note: In Cisco IOS Release 15.4SY, the Flexible NetFlow feature provides statistics collection and data export. See these publications:

http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/command/fnf-cr-book.html


 


Tip: For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page:

http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html



 

Prerequisites for NetFlow Hardware Support

None.

Restrictions for NetFlow Hardware Support

  • Cisco IOS Release 15.4SY and later releases do not support NetFlow version 7 or NetFlow version 8. Flexible NetFlow has limited support for NetFlow version 5.
  • No statistics are available for flows that are forwarded when the NetFlow table is full.
  • If the NetFlow table utilization exceeds the recommended utilization levels, there is an increased probability that there will be insufficient room to store statistics. Table 54-1 lists the recommended maximum utilization levels.

 

Table 54-1 NetFlow Table Utilization

PFC Mode   Effective NetFlow Table Utilization   Total NetFlow Table Capacity
---------+-------------------------------------+---------------------------------------
PFC4XL     506,184 ingress entries               524,288 (512k) ingress entries
           506,184 egress entries                524,288 (512k) egress entries
PFC4       515,032 ingress+egress entries        524,288 (512k) ingress+egress entries

  • If a flow is destined to an address in the PBR range or is sourced from an address in the PBR range, the input and output interface will be the default route (if configured) or be null.

Information About NetFlow Hardware Support

The NetFlow table on the PFC and any DFCs captures data for flows forwarded in hardware. These are some of the features that use the NetFlow table:

  • Flexible NetFlow
  • Network address translation (NAT)
  • QoS microflow policing
  • Reflexive ACLs
  • WCCP

To limit NetFlow CPU usage, you can configure aging timers to identify stale flows that can be deleted from the table. NetFlow deletes the stale entries to clear table space for new entries.

Default Settings for NetFlow Hardware Support

  • Inactive Flow Aging: enabled (300 seconds)
  • Fast Aging: disabled
  • Active Flow Aging: enabled (1920 seconds)

 

How to Configure NetFlow Hardware Support

Note: NetFlow table aging keeps the NetFlow table size below the recommended utilization. If the number of NetFlow table entries exceeds the recommended utilization (see the “Restrictions for NetFlow Hardware Support” section), only adjacency statistics might be available for some flows.

  • Network events (for example, routing changes or a link state change) can also purge NetFlow table entries.


 

Configuring Inactive Flow Aging

To configure inactive flow aging, perform this task:

 

Command: Router(config)# flow platform cache timeout inactive seconds

Purpose: Configures the aging time for NetFlow table entries that have been inactive longer than the configured time value.

  • Default: enabled; value: 300 seconds.
  • Range for the seconds value: 60–4092.

This example shows how to configure the aging time for NetFlow table entries that have been inactive longer than the configured time value:

Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# flow platform cache timeout inactive 300

Configuring Fast Aging

To configure fast aging, perform this task:

 

Command: Router(config)# flow platform cache timeout fast [[time seconds ] [threshold packets ]]

Purpose: Configures an aging time for NetFlow table entries that have been inactive longer than the configured time value and that have forwarded fewer packets than the configured threshold value.

  • Default: disabled.
  • Default if time seconds not entered: 32 seconds; range for the seconds value: 60–4092.
  • Default if threshold packets not entered: 100 packets; range for the packets value: 1–4000.

Note: If you enable fast aging, initially set the value to 128 seconds. If the size of the NetFlow table continues to grow over the recommended utilization, decrease the setting until the table size stays below the recommended utilization. If the table continues to grow over the recommended utilization, decrease the inactive NetFlow table aging time.


This example shows how to configure the NetFlow table aging time:

Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# flow platform cache timeout fast time 32 threshold 100

Configuring Active Flow Aging

To configure active flow aging, perform this task:

 

Command: Router(config)# flow platform cache timeout active seconds

Purpose: Configures the aging time for NetFlow table entries regardless of packet activity, which can prevent counter wraparound and inaccurate statistics.

  • Default: enabled; value: 1920 seconds.
  • Range for the seconds value: 60–4092.

This example shows how to configure active flow aging:

Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# flow platform cache timeout active 1920

Verifying the NetFlow Table Aging Configuration

To display the NetFlow table aging configuration, perform this task:

 

Command: Router# show platform flow aging

Purpose: Displays the NetFlow table aging configuration.

This example shows how to display the NetFlow table aging-time configuration:

Router# show platform flow aging
Aging scheme   Enabled   Timeout   Packet threshold
--------------+---------+---------+------------------
Fast           No        32        100
Inactive       Yes       300       N/A
Active         Yes       1920      N/A
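
The following check is an added example, not Cisco code. It parses the show platform flow aging output above and applies the recommended levels from Table 54-1 and the tuning order from the fast-aging note, so that a table approaching the point where flows lose statistics is flagged before flow-based monitoring goes blind. The entry count is an input you supply (this page does not show the command that reports it), and the function names are hypothetical.

```python
import re

# Recommended maximum entries per table, from Table 54-1
# (per ingress/egress table on PFC4XL, combined table on PFC4).
RECOMMENDED = {"PFC4XL": 506184, "PFC4": 515032}
CAPACITY = 524288  # total capacity (512k) from Table 54-1

# Constructed sample: the output shown in the verification example on this page.
SAMPLE = """\
Aging scheme   Enabled   Timeout   Packet threshold
--------------+---------+---------+------------------
Fast           No        32        100
Inactive       Yes       300       N/A
Active         Yes       1920      N/A
"""

ROW = re.compile(r"^(Fast|Inactive|Active)\s+(Yes|No)\s+(\d+)\s+(\d+|N/A)$")

def parse_aging(text):
    """Return {scheme: {"enabled", "timeout", "threshold"}} from the show output."""
    cfg = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            name, enabled, timeout, thr = m.groups()
            cfg[name.lower()] = {
                "enabled": enabled == "Yes",
                "timeout": int(timeout),
                "threshold": None if thr == "N/A" else int(thr),
            }
    return cfg

def advise(pfc_mode, entries, cfg):
    """Return (status, next_step) for one table's entry count (operator-supplied)."""
    if entries >= CAPACITY:
        status = "full: newly forwarded flows have no statistics"
    elif entries > RECOMMENDED[pfc_mode]:
        status = "above recommended utilization"
    else:
        return "ok", None
    # Tuning order from the fast-aging note: enable fast aging at 128 s first,
    # then lower it, then lower the inactive timer.
    if not cfg["fast"]["enabled"]:
        return status, "flow platform cache timeout fast time 128"
    return status, "decrease fast aging time, then inactive aging time"

if __name__ == "__main__":
    print(advise("PFC4", 520000, parse_aging(SAMPLE)))
```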

