Configuring Flow sources

Before you can view meaningful reports, you must configure Flow Monitor and Flow-enabled devices, such as routers or switches, to communicate network activity back to the Flow Monitor listener application.

Configuring Flow sources is a three-part process that requires:

Configure Flow Monitor to listen for flow data on the appropriate port.
Configuring Flow devices to send Flow data to Flow Monitor.
Setting options for the Flow source in Flow Monitor.

To configure Flow Monitor to listen for NetFlow data:

Note: By default, Flow Monitor listens for Flow data on port 9999. If you want to use that port, you do not need to perform this procedure.

From any workspace view or report in the web interface, select GO. The GO menu appears.
If the Flow Monitor section is not visible, click Flow Monitor. The Flow section of the GO menu appears.
Select Configure > Flow Settings. The Flow Settings dialog appears.
In Listener port, enter the port number over which Flow Monitor should listen for Flow data.
Click OK to save changes.


To configure Flow devices to send Flow data to Flow Monitor: Caution: This procedure is an example that applies to a Cisco 1812 router and should not be used for other devices. The process for configuring a device to export Flow data varies widely from device to device and dependent upon your network configuration. Please see your router's documentation to determine the correct process for your device. Step 1. Open the configuration interface for the router and enter the commands detailed in the following table to configure global options for all interfaces on the router.
	Command	Purpose
	`enable`	Enters privileged EXEC mode. Enter your password if prompted.
	`configure terminal`	Enters configuration mode.
	`ip flow-export version <version_number>`	Sets the version of the NetFlow protocol that should be used to export data. Flow Monitor supports versions 1, 5, and 9 only.
	`ip flow-export destination <IP> <port>`	Enables the router to export Flow data. Substitute the Flow Monitor server's IP address for <IP> and the listener port specified in the Flow Monitor Flow Settings dialog for <port>.

Step 2. Enter the commands detailed in the following table to enable the router to export Flow data about the traffic on an interface. You must repeat these commands for each interface.
	Command	Purpose
	`interface <interface>`	Enters the configuration mode for the interface you specify. Substitute <interface> with the interface's name on the router.
	`ip flow ingress` - or - `ip flow egress`	Enables Flow data export. Select the command that best fits your needs. `ip flow ingress` exports flows of all inbound traffic that uses the interface. `ip flow egress` exports flows of all outbound traffic that uses the interface.

Tip: If the device exporting Flow data is also performing network address translation (NAT), we recommend exporting egress data from the internal interface so that private network addresses are communicated. Any other configuration results in all private addresses reporting as the public addresses of the device performing the network address translation.

Note: Other options exist for configuring NetFlow. For a complete list of available options, see Configuring NetFlow on the Cisco Web site.

To configure options for Flow sources in Flow Monitor:

From any workspace view or report in the web interface, select GO. The GO menu appears.
If the Flow Monitor section is not visible, click Flow Monitor. The Flow section of the GO menu appears.
Select Configure > Flow Sources. The Flow Sources dialog appears.
Select the source from the list, then select Edit. The Flow Source dialog appears.
Note: If you cannot locate a source in the list, verify that the source device is set up to export Flow data properly. All devices sending Flow data to Flow Monitor automatically appear in the list.
In Display Name, enter a friendly name for this Flow source. This name is used throughout Flow Monitor to identify this source.
Verify that Collect data from this source is selected.
Set SNMP options. Flow Monitor uses SNMP to query information about the interfaces on the NetFlow source.
1. Select the appropriate SNMP credentials. If the credentials you want to use are not included in the list, click the browse button (...) to open the Credentials Library. For more information on configuring credentials, see Using Credentials .
2. To set advanced options, such as timeout and number of retries, click Advanced. The Advanced dialog appears. Set the appropriate values, then click OK to return to the Flow Sources dialog.
3. Select Query to query the router using SNMP to get updated names and speeds for the available interfaces.
Configure the speed of each interface, which is used to calculate capacity as a percentage of the total interface speed.
1. Select an interface, then click Edit. The Flow Interface dialog appears.
2. Select Hide this interface from the Flow Monitor Home page and related configuration properties to hide the selected interface from the Flow Monitor Home page and other menu options in Flow Monitor. This lets you display only the interfaces that are relevant to your bandwidth monitoring requirements.
Note: Null(0) interface names are hidden by default because they are not a true source interface. Null(0) interfaces show traffic that a router has dropped or traffic that a router has generated. In both cases the ifIndex = 0 and as a default convention we name an interface = Null because the interface is none existent. If you want Null(0) interface information to display as a source interface, make sure that you uncheck the Hide this interface from the Flow Monitor Home page and related configuration properties option.
1. Select Specify a custom speed for this interface. The In and Out fields are enabled.
2. In In and Out, enter the upper limit of the interface in bps (bits per second). Common interface speeds expressed in bps are:
  - 1 Gbps = 1,000,000,000 bps
  - 100 Mbps = 100,000,000 bps
  - 10 Mbps = 10,000,000 bps

After you configure the listener port and set up Flow Monitor sources, Flow Monitor begins tracking data and generating reports.