Flexible NetFlow Exporter on Embedded Wireless Controller

Flexible NetFlow Exporter on Embedded Wireless Controller

Flexible Netflow (FnF) Exporter on Embedded Wireless Controller (EWC) is supported from Cisco IOS XE Amsterdam 17.2.1 onwards.

NetFlow is a Cisco IOS technology that provides statistics on packets flowing on the network. NetFlow is the standard for acquiring IP operational data from IP networks. NetFlow provides data to support network and security monitoring, network planning, traffic analysis, and IP accounting.

Flexible NetFlow improves on original NetFlow by adding the capability to customize the traffic analysis parameters for your specific requirements. Flexible NetFlow facilitates the creation of more complex configurations for traffic analysis and data export through the use of reusable configuration components.

FnF Exporter in EWC is supported only in the flex mode.

This feature is part of the AVC solution in EWC. For more information about AVC, refer to the Application Visibility and Control chapter.

AVC Configuration Limitations on EWC

  • Only one local exporter (statistics collector on EWC) is supported.

  • FnF supports only one per IP-type and direction in Flex mode, for Flow Monitor.

  • Support of only UDP transport protocol.

  • AVC cache is not supported.

  • The option command and the command related to DP statistics are not supported on EWC.

  • Support of only Wireless AVC Basic template.

  • Support for only Netflow Version 9.

  • IP address 0.0.0.0 is a valid destination address. However, if you use it, the Flexible NetFlow data will be discarded and not collected by any collector.

Create a Flow Exporter

The following procedure shows how to create a flow exporter in EWC:

Procedure

  Command or Action Purpose

Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

flow exporter flow-export-name

Example:

Device(config)# flow exporter export-test

Creates a flow exporter.

Step 3

description string

Example:

Device(config-flow-exporter)# description IPv4flow

(Optional) Describes the flow exporter as a maximum 63-character string.

Step 4

Example:

Device(config-flow-exporter)# destination 10.0.1.0

Create a Flow Monitor

The NetFlow configuration requires a flow record, a flow monitor, and a flow exporter. This configuration should be the first step in the overall AVC configuration.

Procedure

  Command or Action Purpose

Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

flow monitor monitor-name

Example:

Device(config)# flow monitor monitor-test

Creates a flow monitor.

Step 3

exporter exporter-name

Example:

Device(config-flow-monitor)# exporter export-test

Binds this flow monitor with an already defined flow exporter.

Step 4

record wireless avc basic

Example:

Device(config-flow-monitor)# record wireless avc basic

Specifies the basic wireless AVC flow template.

Configuring the Wireless WLAN Profile Policy

This configuration maps the flow-monitor or exporter constructs with wireless WLANs, thereby making APs collect FnF measurements.

Procedure

  Command or Action Purpose

Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wireless profile policy policy-name

Example:

Device(config)# wireless profile policy default-policy-profile

Configures the WLAN policy profile and enters wireless policy configuration mode.

Step 3

shutdown

Example:

Device(config-wireless-policy)# shutdown

Disables the policy profile.

Step 4

{ipv4 | ipv6} flow monitor monitor-name input

Example:

Device(config-wireless-policy)# ipv4 flow monitor monitor-test input

Specifies the name of the IPv4 or IPv6 ingress flow monitor.

Step 5

{ipv4 | ipv6} flow monitor monitor-name output

Example:

Device(config-wireless-policy)# ipv4 flow monitor monitor-test output

Specifies the name of the IPv4 or IPv6 egress flow monitor.

Step 6

no shutdown

Example:

Device(config-wireless-policy)# no shutdown

Enables the policy profile.

Verifying Flow Exporter in Embedded Wireless Controller

To view the flow exporter details in the Embedded Wireless Controller, use the following command:

show platform software wlavc status cp-exporter 
show platform software wlavc status cp-exporter  
AVC FNF Exporter status
IP: 10.10.1.1
connection statistics 
        Sent bytes : 5672 
        Sent packets : 569 
        Sent records : 240 
        Received packets : 800 
        Received records : 564
Socket statistics 
        New sockets : 3 
        Closed sockets : 0
Library statistics  AVC 
        cache errors : 0  
        Unexpected Flow Monitor ID : 0  
        Socket creation error : 0