Configuring NetFlow sources

Before you can view meaningful reports, you must configure NetFlow Monitor and NetFlow-enabled devices, such as routers or switches, to communicate network activity back to the NetFlow Monitor listener application.

Configuring NetFlow sources is a three-part process that requires:

1. Setting up NetFlow Monitor to listen for NetFlow data on the appropriate port.
2. Configuring NetFlow devices to send NetFlow data to NetFlow Monitor.
3. Setting options for the NetFlow source in NetFlow Monitor.

To configure NetFlow Monitor to listen for NetFlow data:

Note: By default, NetFlow Monitor listens for NetFlow data on port 9999. If you want to use that port, you do not need to perform this procedure.

1. From any workspace view or report in the web interface, select GO. The GO menu appears.
2. If the NetFlow section is not visible, click NetFlow. The NetFlow section of the GO menu appears.
3. Select Configure > NetFlow Settings. The NetFlow Settings dialog appears.
4. In Listener port, enter the port number over which NetFlow Monitor should listen for NetFlow data.
5. Click OK to save changes.

To configure NetFlow devices to send NetFlow data to NetFlow Monitor: Caution: This procedure is an example that applies to a Cisco 1812 router and should not be used for other devices. The process for configuring a device to export NetFlow data varies widely from device to device and dependent upon your network configuration. Please see your router's documentation to determine the correct process for your device. Step 1. Open the configuration interface for the router and enter the commands detailed in the following table to configure global options for all interfaces on the router.
	Command	Purpose
	enable	Enters privileged EXEC mode. Enter your password if prompted.
	configure terminal	Enters configuration mode.
	ip flow-export version <version_number>	Sets the version of the NetFlow protocol that should be used to export data. NetFlow Monitor supports versions 1, 5, and 9 only.
	ip flow-export destination <IP> <port>	Enables the router to export NetFlow data. Substitute the NetFlow Monitor server's IP address for <IP> and the listener port specified in the NetFlow Monitor NetFlow Settings dialog for <port>.
Step 2. Enter the commands detailed in the following table to enable the router to export NetFlow data about the traffic on an interface. You must repeat these commands for each interface.
	Command	Purpose
	interface <interface>	Enters the configuration mode for the interface you specify. Substitute <interface> with the interface's name on the router.
	ip flow ingress - or - ip flow egress	Enables NetFlow data export. Select the command that best fits your needs. ip flow ingress exports flows of all inbound traffic that uses the interface. ip flow egress exports flows of all outbound traffic that uses the interface.

Tip: If the device exporting NetFlow data is also performing network address translation (NAT), we recommend exporting egress data from the internal interface so that private network addresses are communicated. Any other configuration results in all private addresses reporting as the public addresses of the device performing the network address translation.

Note: Other options exist for configuring NetFlow. For a complete list of available options, see Configuring NetFlow on the Cisco Web site.

To configure options for NetFlow sources in NetFlow Monitor:

1. From any workspace view or report in the web interface, select GO. The GO menu appears.
2. If the NetFlow section is not visible, click NetFlow. The NetFlow section of the GO menu appears.
3. Select Configure > NetFlow Sources. The NetFlow Sources dialog appears.
4. Select the source from the list, then select Edit. The NetFlow Source dialog appears.

   Note: If you cannot locate a source in the list, verify that the source device is set up to export NetFlow data properly. All devices sending NetFlow data to NetFlow Monitor automatically appear in the list.

5. In Display Name, enter a friendly name for this NetFlow source. This name is used throughout NetFlow Monitor to identify this source.
6. Verify that Collect data from this source is selected.
7. Set SNMP options. NetFlow Monitor uses SNMP to query information about the interfaces on the NetFlow source.
   1. Select the appropriate SNMP credentials. If the credentials you want to use are not included in the list, click the browse button (...) to open the Credentials Library. For more information on configuring credentials, see Using Credentials .
   2. To set advanced options, such as timeout and number of retries, click Advanced. The Advanced dialog appears. Set the appropriate values, then click OK to return to the NetFlow Sources dialog.
   3. Select Query to query the router using SNMP to get updated names and speeds for the available interfaces.
8. Configure the speed of each interface, which is used to calculate capacity as a percentage of the total interface speed.
   1. Select an interface, then click Details. The NetFlow Interface dialog appears.
   2. Select Hide this interface from the NetFlow Home page and related configuration properties to hide the selected interface from the NetFlow Monitor Home page and other menu options in NetFlow Monitor. This lets you display only the interfaces that are relevant to your bandwidth monitoring requirements.
   3. Select Specify a custom speed for this interface. The In and Out fields are enabled.
   4. In In and Out, enter the upper limit of the interface in bps (bits per second). Common interface speeds expressed in bps are:
      • 1 Gbps = 1,000,000,000 bps
      • 100 Mbps = 100,000,000 bps
      • 10 Mbps = 10,000,000 bps

Note: NetFlow Monitor supports NetFlow versions versions 1, 5, and 9 only. If you export data using other versions of the NetFlow protocol or other protocols that are similar to NetFlow, such as IPFix or sFlow, NetFlow Monitor discards the data.

After you configure the listener port and set up NetFlow sources, NetFlow Monitor begins tracking data and generating reports.