Fluke Recording Equipment - page 75

User’s Guide – version 3.1.3 NetFlow Tracker

75

ipflow-cache timeout active 1

This breaks up long-lived flows into one-minute segme nts.

ip flow-cache timeout inactive 15

This ensures that flows that have finished are exported in a timely manner.

interface <interface>

ip route-cache flow or ip flow ingress or ip route-cache cef

bandwidth <kbps>

exit

You need to enable NetFlow on each interface through w hich traffic you are

interested in will flow. This will normally be the Ethernet and WAN interfaces.

Note that there are several commands to enable NetFlow on an interface and

you must use the same command for every interface. ip route-cache flow

and ip flow ingress enable NetFlow for inbound traffic on the interface ;

the only difference between the two is that the latter can be applied to individual

sub-interfaces whereas the former must be applied to the physical interface. Be

careful not to enable NetFlow for both a physical interfa ce and one or more of

its sub-interfaces.

ip flow egress enables NetFlow for outbound traffic on the interface and is

required if you are using input filters.You may enable NetFlow for both inbound

and outbound traffic on a single interface if you are inter ested only in its traffic;

in this case ensure that no other interface has NetFlow enabled.

Egress NetFlow is also useful if you are monitoring a router that is applying QoS

to the traffic it routes – by using egress NetFlow you will see the QoS settings

that the router applied rather than those that were on the traffic before it was

routed.

You may also need to set the speed of the interface in kilobits per second. It is

especially important to set the speed for frame relay or AT M virtual circuits.

Note that a Catalyst 4000 series switch does not supp ort any of the

commands to enable NetFlow for an interface; instead NetF low is enabled for

all interfaces using a special command documented below.

show ip flow export

This will show the current NetFlow configuration. Issue this in normal (not

configuration) mode.

show ip cache flow

show ip cache verbose flow

These commands issued in normal mode summarize the active flows and give

an indication of how much NetFlow data the router is e xporting.

Contents

Main Software License Agreement 1. GRANT OF LICENCE AND PAYMENT OF FEES 2. EVALUATION, UPDATES, UPGRADES AND SUPPORT AND MAINTENANCE Users Guide version 3.1.3 NetFlow Tracker 3. COPYRIGHT 4. OTHER RESTRICTIONS 5. LIMITED WARRANTY 6.CUSTOMER REMEDIES 7. NO OTHER WARRANTIES 8. NO LIABILITY FOR CONSEQUENTIAL DAMAGES 9. TERMINATION 10. INDEMNIFICATION 11. CONFIDENTIAL INFORMATION AND SECURITY 12. EXPORT CONTROL 13. GOVERNING LAW AND JURISDICTION 14. MISCELLANEOUS Page Appendix 1 to End User Licence Terms and Conditions for Fluke Support and Maintenance Service 1. Definitions 2. Support Services 3. Support Charges 4. Undertakings by You 5. Suppliers Undertakings 6. Limitation of Liability and indemnity 7. Intellectual Property Rights 8. Termination 9.Confidential Information and Security 10 Miscellaneous Schedule Support Services 1. Support Hours 2. Support Services 3. Response Times Contents Page Page Users Guide version 3.1.3 NetFlow Tracker 15 Introduction What is NetFlow? What is NetFlow Tracker? Features and Benefits Page Users Guide version 3.1.3 NetFlow Tracker 17 Installation Minimum System Requirements Operating System Support Pre-installation Checks Users Guide version 3.1.3 NetFlow Tracker 18 Installation on Microsoft Windows Users Guide version 3.1.3 NetFlow Tracker 19 Installation on Solaris and Linux Post-installation Tasks Page Using NetFlow Tracker Page Users Guide version 3.1.3 NetFlow Tracker 23 Per-AS data Working with Charts Page Users Guide version 3.1.3 NetFlow Tracker 25 Working with Pie Charts Users Guide version 3.1.3 NetFlow Tracker 26 Working with Tabular Reports Page Users Guide version 3.1.3 NetFlow Tracker 28 Report Templates Page Users Guide version 3.1.3 NetFlow Tracker 30 Creating Filtered Reports Page Page Page Page Users Guide version 3.1.3 NetFlow Tracker 35 Long-term Reports Devices and Interfaces Per-device and Per-interface Long-term Reports Filter Editor Page Page Users Guide version 3.1.3 NetFlow Tracker 38 Report URL Format General Form Report Format Parameters Page Page Page Users Guide version 3.1.3 NetFlow Tracker 42 Time Range Parameters Page Page Page Page Page Page Users Guide version 3.1.3 NetFlow Tracker 49 Filter Parameters Page Page Page Users Guide version 3.1.3 NetFlow Tracker 53 Security Parameters Users Guide version 3.1.3 NetFlow Tracker 54 Management Portal Access Control Parameters Page Page Performance Tuning Users Guide version 3.1.3 NetFlow Tracker 58 Configuration Guide Licensing Listener Ports SNMP Settings Users Guide version 3.1.3 NetFlow Tracker 59 Device Settings Page Users Guide version 3.1.3 NetFlow Tracker 61 Security Settings Page Users Guide version 3.1.3 NetFlow Tracker 63 Report Settings Page Page Users Guide version 3.1.3 NetFlow Tracker 66 An Example Executive Report Top Applications Today and This Week Page Users Guide version 3.1.3 NetFlow Tracker 68 IP Application Names DiffServ Names Hostname Resolution Settings Users Guide version 3.1.3 NetFlow Tracker 69 AS Names Subnet Names Database Settings Page Users Guide version 3.1.3 NetFlow Tracker 71 Backup Archiving Users Guide version 3.1.3 NetFlow Tracker 72 Memory Settings Performance Counters Page Users Guide version 3.1.3 NetFlow Tracker 74 Appendix 1: Device Configuration Enabling NetFlow Export/NDE on a Cisco Router or Layer 3 Switch Page Page Page Page Users Guide version 3.1.3 NetFlow Tracker 79 Configuring NetFlow Input Filters for Traffic Class Reporting Enabling Flow Detail Records on a Packeteer Device Users Guide version 3.1.3 NetFlow Tracker 80 Enabling NetFlow on an Enterasys Device Users Guide version 3.1.3 NetFlow Tracker 81 Using sflowtool to Convert sFlow Records to NetFlow Users Guide version 3.1.3 NetFlow Tracker 82 Appendix 2: CSV File Format Chart CSV format Tabular report CSV format Appendix 3: Third Party Software Components