Network devices must be configured to generate and send NetFlow data to Flow Monitor. This is accomplished manually using the device's command line interface (CLI), or automatically through the Source configuration dialog (Flow Monitor > Configuration) for devices that are NetFlow enabled and have the Cisco NetFlow MIB (OID: 1.3.6.1.4.1.9.9.387).
To manually configure NetFlow enabled devices to send Flow data to Flow Monitor: Caution: This procedure is an example that applies to a Cisco 1812 router and should not be used for other devices. The process for configuring a device to export Flow data varies widely from device to device and dependent upon your network configuration. Please see your router's documentation to determine the correct process for your device.
|
||
|
Command |
Purpose |
|
|
Enters privileged EXEC mode. Enter your password if prompted. |
|
|
Enters configuration mode. |
|
|
Sets the version of the NetFlow protocol that should be used to export data. Flow Monitor supports versions 1, 5, 7, and 9 only. |
|
|
Enables the router to export Flow data. Substitute the Flow Monitor server's IP address for <IP> and the listener port specified in the Flow Monitor Flow Settings dialog for <port>. |
|
||
|
||
|
Command |
Purpose |
|
|
Enters the configuration mode for the interface you specify. Substitute <interface> with the interface's name on the router. |
|
- or -
|
Enables Flow data export. Select the command that best fits your needs.
|
Tip: If the device exporting Flow data is also performing network address translation (NAT), we recommend exporting egress data from the internal interface so that private network addresses are communicated. Any other configuration results in all private addresses reporting as the public addresses of the device performing the network address translation.
Note: Other options exist for configuring NetFlow. For a complete list of available options, see Configuring NetFlow on the Cisco Web site.
Before you can view meaningful sFlow reports, you must configure sFlow-enabled devices, such as routers or switches, to communicate network activity back to the Flow Monitor listener application. There are two methods to configure sFlow to send data to Flow Monitor:
The following examples shows how to configure sFlow devices to send data to Flow Monitor.
Configuring sFlow using the CLITo configure a sFlow enabled device to send sFlow data to Flow Monitor using the command line interface (CLI): Caution: This procedure is an example that applies only to an HP ProCurve 3500 switch and should not be used for other devices. The process for configuring a device to export sFlow data varies widely from device to device and is dependent upon your network configuration. The following example uses CLI configuration to enable sFlow on an HP ProCurve 3500 series switch. The configuration is for Flow Monitor running on a system with IP address 192.168.3.31 and receiving sFlow data on UDP port 9999.
Configuring sFlow using SNMP The following example uses SNMP commands to enable sFlow on an HP ProCurve 2610 series switch. We recommend configuring the sFlow device via the device OS commands from the command line interface (CLI); however, some sFlow devices do not include this capability. In this case, you can use SNMP commands to configure sFlow. This configuration example is for Flow Monitor running on a system with IP address 192.168.3.31 and receiving sFlow data on UDP port 9999. To configure an sFlow device, using SNMP commands, to send sFlow data to Flow Monitor: Important: This procedure is an example that applies to an HP ProCurve 2610 switch and should not be used for other devices. The process for configuring a device to export sFlow data varies widely from device to device and is dependent upon your network configuration. Refer to the documentation to determine the correct process for your device. Important: An sFlow device configured with the SNMP commands typically do not save the configuration to memory. If the device is rebooted, or power is lost, all sFlow configuration is lost and must be manually reset using the SNMP commands. Make sure that you save the SNMP configuration commands for future device configuration. Note: Make sure that the sFlow device is configured to allow SNMP read/write access and make sure that you have the community string information for read/write access. Refer to the documentation to determine the correct process for your device.
|
||||||||||
|
|
|
||||||||
|
Command |
Purpose |
||||||||
|
|
Sets the sFlow receiving device address. In this example, the IP address (192.168.3.31) must be provided as a hexadecimal value (C0A8031F). For example: Important: The example IP address must be entered as a hexadecimal value. Use an IP to hexadecimal calculator to determine the hexadecimal value for your sFlow collector's IP address. This example IP address breaks down into a hex value as follows: |
||||||||
|
|
Sets the sFlow receiving device port address. The default Flow Monitor port is 9999. For example: |
||||||||
|
|
Sets the sFlow receiver owner. The -D is a TYPE-STR identifier that specifies a Display String value. This value can be any string, for example NFmonitor (referring to Flow Monitor application which will receive the sFlow data). The -i is a TYPE-STR identifier that specifies an Integer value. The 100,000,000 value is a timeout value that defines the timeout countdown starting point value (in milliseconds). For example: |
||||||||
|
Note: Repeat the following settings for each interface on the sFlow device you want to monitor. The last number in the MIB OID represents the interface number. |
|
||||||||
|
|
Sets the sFlow sample rate. One out of every 128 packets will be collected in this example. For example: |
||||||||
|
|
Enables sFlow on the device. 1 enables / 0 disables sFlow. For example: |
||||||||
|
|
Sets the sFlow polling interval. Polls every 30 seconds in this example. For example: |
||||||||
|
|
Enables sFlow polling. 1 enables / 0 disables sFlow polling. For example: |
For more configuration options for sFlow, see the NetFlow Settings help.