Fluke Recording Equipment manual Enabling Flow Detail Records on a Packeteer Device

Page 79

User’s Guide – version 3.1.3

NetFlow Tracker

Configuring NetFlow Input Filters for Traffic Class Reporting

IOS versions 12.2(25)S, 12.2(27)SBC and 12.3(4)T and greater support the NetFlow Input Filters feature, which can be used by NetFlow Tracker to report upon the traffic class used to route each flow.

flow-sampler-map allflows mode random one-out-of 1 exit

Create a flow sampler that exports every flow record.

policy-map netflowpolicymap class <class> netflow-sampler allflows exit

exit

Create a policy map containing NetFlow sampling actions; you must include each class that you would like information on.

interface <interface>

service-policy input netflowpolicymap

exit

Associate the policy map with an interface; you must associate the policy map with each NetFlow-enabled interface that you would like traffic class information from.

Enabling Flow Detail Records on a Packeteer Device

A Packeteer 1200, 1550, 2500, 4500, 6500, 8500, 9500, or 10000 series running PacketWise v7.0.0 or above and having 256MB or more of memory can be configured to send either NetFlow records or a similar proprietary format to NetFlow Tracker. For more information visit http://support.packeteer.com/documentation/packetguide/rc3.1/overviews/flowde tail.htm

To enable Flow Detail Records, first log in to the PacketShaper in touch mode, then open the “flow detail records” page on the “setup” tab. In one of the collector rows, enter the IP address of the NetFlow Tracker server and one of the ports configured in the Listener Ports settings page (2055 is monitored by default). Packeteer-1 is the recommended record type for use with NetFlow Tracker; Packeteer-2 is also supported but NetFlow Tracker does not use any of the extra information and thus it is wasteful of network bandwidth between the PacketShaper and the NetFlow Tracker server. You can also choose to export NetFlow v5 records; this will prevent the Traffic Classes and Identified Applications reports and filters from functioning for the device. Finally, set the value under “Enabled” to “on” and click “apply changes…”.

79

Image 79

Contents NetFlow Tracker Grant of Licence and Payment of Fees Software License AgreementCopyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Supplier’s Undertakings Support ServicesSupport Charges Undertakings by YouIntellectual Property Rights Limitation of Liability and indemnityTermination Miscellaneous Confidential Information and SecuritySupport Hours Exceptions to Support ServicesResponse Times Contents LONG-TERM Reports Appendix 2 CSV File Format Introduction What is NetFlow?What is NetFlow Tracker? Features and BenefitsUser’s Guide version NetFlow Tracker Operating System Support InstallationPre-installation Checks Minimum System RequirementsInstallation on Microsoft Windows Installation on Solaris and Linux Post-installation Tasks Add listener ports Set up Snmp community stringsSet up web front-end security Configure your routers and switchesUsing NetFlow Tracker Interfaces Device traffic metersPer-AS data Working with ChartsChanging the displayed chart Chart legendZooming out View a standard chart as a pie chartView a standard chart as a tabular report ZoomingWorking with Pie Charts Working with Tabular Reports User’s Guide version NetFlow Tracker Address Reports Report TemplatesSession Reports Network Reports QoS ReportsInterface Reports Report Template Creating Filtered ReportsTraffic Identification Reports Other ReportsEnd Time Sample SizeSource Data Start TimeOut VPN Out InterfaceIn/Out Interface VPNDiffServ Recognised ApplicationIdentified Application ToSDestination Mask Destination SubnetSource/Destination Subnet Source MaskFilter Editor Long-term ReportsDevices and Interfaces Per-device and Per-interface Long-term ReportsUser’s Guide version NetFlow Tracker Executive Reports General Form Report URL FormatReport Format Parameters 0025 Chart0023 0024Heading NumberTrue False256 FeaturesSections 128Time Range Parameters Mon HourDay WeekCalendar-based advanced Applying a time-of-day mask to the time range HHmmDay1-day2/time1-time2 113 110105 100125 115120 140Daily 285300 MinuteFilter Parameters Port/name NamePort/number Tos PrecPrec%20tos Byte CodeAddr/mask Password PasswordSecurity Parameters Secret Management Portal Access Control ParametersNull Aclid specifies a permitted long-term report Features Query Size Performance TuningDatabase Server Settings Disk SpeedListener Ports Configuration GuideSnmp Settings LicensingDevice Settings Device SettingsDevice List Traffic Classes ArchivingIdentified Applications VPNs Security SettingsDeleting a Device Management Portal Settings Report Settings Long-term Reports Saved FiltersExecutive Reports Span class=repdesctextTest/span Content Nelements=5 and chartWidth=400Sub-reports User’s Guide version NetFlow Tracker IP Application Names Hostname Resolution SettingsDiffServ Names AS Names Database SettingsSubnet Names User’s Guide version NetFlow Tracker Archiving BackupPerformance Counters Memory SettingsMissed Exports Unprocessed FlowsetsInterface Scans Missed FlowsIp flow-export destination address Appendix 1 Device ConfigurationEnabling Netflow Export on an IOS Device Ip cefShow ip cache flow Show ip cache verbose flow Ip flow-cache timeout activeIp flow-cache timeout inactive Show ip flow export Mls aging long Ip route-cache flow infer-fields Mls netflow Mls nde sender versionUser’s Guide version NetFlow Tracker Set mls nde address Set mls bridged-flow-statistics enable vlanlistSet mls nde enable Set system name nameEnabling Flow Detail Records on a Packeteer Device Flow-sampler-map allflows mode random one-out-of 1 exitEnabling NetFlow on an Enterasys Device Address Using sflowtool to Convert sFlow Records to NetFlowAppendix 2 CSV File Format Chart CSV formatTabular report CSV format Appendix 3 Third Party Software Components