NetFlow Data Export Formats

Chapter 1 Overview

What Are NetFlow Services?

•Version 5 datagrams, up to 30 flows can be sent in a single UDP datagram of approximately 1500 bytes.

•Version 7 datagrams, up to 27 flows can be sent in a single UDP datagram of approximately 1500 bytes.

•Version 8 datagrams, the number of flows sent in a single UDP datagram varies by aggregation scheme.

•Version 9 datagrams, the number of flows is variable, and depends on the number and size of fields defined in one or more templates.

See Appendix B, “NetFlow Export Datagram Formats,” in the CNS NetFlow Collection Engine User Guide for details on all versions of the NetFlow data export format.

NetFlow exports flow information in UDP datagrams in one of five formats: Version 1 (V1), Version 5 (V5), Version 7 (V7), Version 8 (V8), or Version 9 (V9).

Version 1 is the original format supported in the initial NetFlow releases. Version 5 is an enhancement that adds Border Gateway Protocol (BGP) autonomous system information and flow sequence numbers. Version 7 is an enhancement that exclusively supports Cisco Catalyst 5000 series switches equipped with a NetFlow feature card (NFFC). V7 is not compatible with Cisco routers. Version 8 is an enhancement that adds router-based aggregation schemes. Version 9 is an enhancement to support different technologies such as Multicast, Internet Protocol Security (IPSec), and Multi Protocol Label Switching (MPLS). CNS NetFlow Collection Engine Release 5.0 can collect, filter, and aggregate Version 9 data in the same way it does for NetFlow Data Export Versions 1 through 8.

Versions 2, 3, 4, and 6 are not supported by CNS NetFlow Collection Engine. For more information on the distinctions among the NetFlow data export formats, see Appendix B, “NetFlow Export Datagram Formats,” in the CNS NetFlow Collection Engine User Guide.

The following types of information are part of the detailed traffic statistics:

•Source and destination IP addresses

•Next hop address

•Input and output interface numbers

•Number of packets in the flow

•Total bytes (octets) in the flow

•First and last time stamps of packets that were switched as part of this flow

•Source and destination port numbers

•Protocol

•Type of service (ToS)

•Source and destination autonomous system (AS) numbers, either origin or peer (present in V5 and select V8 datagrams)

•Source and destination prefix mask bits (present in V5, V7, and V8 datagrams)

•Shortcut router IP address (present in V7 on Cisco Catalyst 5000 series switches only).

Cisco CNS NetFlow Collection Engine User Guide, Release 5.0.2

	OL-6899-01	1-3

OL-6900-01 specifications

Cisco Systems OL-6900-01 represents a pivotal advancement in the realm of data center networking. As organizations continue to lean towards digital transformation and cloud-based solutions, the need for robust, scalable, and efficient networking equipment becomes increasingly vital. The OL-6900-01 router is engineered to meet these demands, offering an array of advanced features and technologies that cater to modern network requirements.

One of the standout features of the OL-6900-01 is its high-performance architecture. This router is equipped with a powerful CPU and a sizeable memory footprint, ensuring that it can handle significant amounts of traffic with low latency. This capability is particularly useful for data centers and enterprise environments where the speed of data processing is crucial for operational success.

The OL-6900-01 utilizes Cisco's proprietary software, providing enhanced security features, including robust firewall capabilities and threat detection mechanisms. With security being a paramount concern for organizations today, this router incorporates advanced encryption protocols and access control measures, ensuring that data remains secure in transit and at rest.

Additionally, the OL-6900-01 supports advanced routing protocols, including OSPF, BGP, and EIGRP. This versatility allows for optimal network performance as it can dynamically adjust routing paths based on network conditions, ensuring reliable connectivity and efficient resource utilization. The support for IPv6 also ensures that organizations can future-proof their networks as they transition to this next-generation protocol.

Another important characteristic of the OL-6900-01 is its scalability. Designed to accommodate growing network demands, this router supports modular expansion. Organizations can easily upgrade their systems with additional interfaces and services, ensuring that the OL-6900-01 can grow alongside their needs without requiring a complete infrastructure overhaul.

In terms of connectivity, the OL-6900-01 features multiple interfaces, including Gigabit Ethernet and 10 Gigabit SFP+ ports, providing flexibility in network design and facilitating seamless integration into existing infrastructure. Its high availability features ensure minimal downtime, making it ideal for mission-critical applications.

Overall, Cisco Systems OL-6900-01 stands out as a robust and versatile networking solution, combining performance, security, and scalability to meet the dynamic needs of modern enterprises. With its comprehensive feature set and advanced technologies, it positions itself as a valuable asset for organizations aiming for operational excellence in a digitally-driven landscape.