Configuring NetFlow Switching

This chapter describes how to configure NetFlow switching. For a complete description of NetFlow commands used in this chapter, refer to the "Cisco IOS Switching Commands" chapter in the Cisco IOS Switching Services Command Reference. For documentation of other commands that appear in this chapter, you can use the command reference master index or search online. This chapter contains these sections:

Configure NetFlow Switching

NetFlow switching is one of the available switching modes. When you configure NetFlow on an interface, the other switching modes are not used on that interface. Also, with NetFlow switching you can export data (traffic statistics) to a remote workstation for further processing.

NetFlow switching is based on identifying packet flows and performing switching and access list processing within a router. It does not involve any connection-setup protocol either between routers or to any other networking device or end station and does not require any change externally, either to the traffic or packets themselves or to any other networking device. Thus, NetFlow switching is completely transparent to the existing network, including end stations and application software and network devices like LAN switches. Also, because NetFlow switching is performed independently on each internetworking device, it does not need to be operational on each router in the network. Network planners can selectively invoke NetFlow switching (and NetFlow data export) on a router or interface basis to gain traffic performance, control, or accounting benefits in specific network locations.


Note: NetFlow consumes additional memory and CPU resources compared to other switching modes; therefore, it is important to understand the resources required on your router before enabling NetFlow.

To configure NetFlow switching, first configure the router for IP routing as described in the IP configuration chapters in the Network Protocols Configuration Guide, Part 1. After you configure IP routing, use the following commands beginning in global configuration mode:

Step 1
  Command: interface type slot/port-adapter/port (Cisco 7500 series routers)
           interface type slot/port (Cisco 7200 series routers)
  Purpose: Specify the interface, and enter interface configuration mode.

Step 2
  Command: ip route-cache flow
  Purpose: Specify flow switching.

NetFlow switching information can also be exported to network management applications. To configure the router to export NetFlow switching statistics maintained in the NetFlow cache to a workstation when a flow expires, use one of the following commands in global configuration mode:

Command: ip flow-export ip-address udp-port [version 1]
Purpose: Configure the router to export NetFlow cache entries to a workstation if you are using receiving software that requires version 1. Version 1 is the default.

Command: ip flow-export ip-address udp-port version 5 [origin-as | peer-as]
Purpose: Configure the router to export NetFlow cache entries to a workstation if you are using receiving software that accepts version 5. Optionally specify origin or peer autonomous system (AS). The default is to export neither AS, which provides improved performance.
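
On the receiving workstation, version 5 export datagrams arrive over UDP and should be validated before their contents are trusted. The following Python sketch is an added example, not part of the original Cisco chapter: it decodes one datagram using the published NetFlow version 5 field layout, which this chapter does not reproduce. The names parse_v5 and build_sample and all sample values are constructed for illustration.

```python
import ipaddress
import struct

# Published NetFlow v5 export layout, big-endian: 24-byte header, 48-byte records.
HEADER = struct.Struct("!HHIIIIBBH")
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")
MAX_RECORDS = 30  # upper bound on flow records in one v5 datagram


def parse_v5(datagram: bytes) -> dict:
    """Validate and decode one NetFlow v5 export datagram (hypothetical helper)."""
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than a v5 header")
    version, count, _uptime, secs, _nsecs, seq, _etype, _eid, _samp = HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError(f"unexpected export version {version}")
    # count comes from the sender over unauthenticated UDP: check it against the real length.
    if not 1 <= count <= MAX_RECORDS or len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for i in range(count):
        (src, dst, _hop, _in_if, _out_if, pkts, octets, first, last, sport, dport,
         flags, proto, _tos, src_as, dst_as, _smask, _dmask) = RECORD.unpack_from(
            datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
            "sport": sport, "dport": dport, "proto": proto, "tcp_flags": flags,
            "packets": pkts, "octets": octets, "duration_ms": (last - first) & 0xFFFFFFFF,
            # Populated only when origin-as or peer-as is configured on the exporter.
            "src_as": src_as, "dst_as": dst_as,
        })
    # flow_sequence counts flows exported so far; a gap before the next datagram means loss.
    return {"export_secs": secs, "sequence": seq, "next_sequence": (seq + count) & 0xFFFFFFFF, "flows": flows}


def build_sample() -> bytes:
    """Constructed datagram: one TCP flow 10.0.0.5:40000 -> 192.0.2.10:443."""
    a = lambda s: ipaddress.IPv4Address(s).packed
    record = RECORD.pack(a("10.0.0.5"), a("192.0.2.10"), a("0.0.0.0"), 1, 2,
                         12, 3400, 1000, 4500, 40000, 443, 0x1B, 6, 0, 64500, 64501, 24, 24)
    return HEADER.pack(5, 1, 5000, 900000000, 0, 100, 0, 0, 0) + record


if __name__ == "__main__":
    print(parse_v5(build_sample()))
```

A collector would additionally compare each datagram's source address with the configured exporter and compare next_sequence with the sequence of the following datagram to detect lost exports.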

Normally the size of the NetFlow cache will meet your needs. However, you can increase or decrease the number of entries maintained in the cache to meet the needs of your NetFlow traffic rates. The default is 64K flow cache entries. Each cache entry is approximately 64 bytes of storage. Assuming a cache with the default number of entries, approximately 4 MB of DRAM would be required. Each time a new flow is taken from the free-flow queue, the number of free flows is checked. If there are only a few free flows remaining, NetFlow attempts to age 30 flows using an accelerated timeout. If there is only one free flow remaining, NetFlow automatically ages 30 flows regardless of their age. The intent is to ensure free flow entries are always available.

To customize the number of entries in the NetFlow cache, use the following command in global configuration mode:

Command: ip flow-cache entries number
Purpose: Change the number of entries maintained in the NetFlow cache. The number of entries can be 1024 to 524288. The default is 65536.

Caution: Cisco recommends that you not change the NetFlow cache entries. Improper use of this feature could cause network problems. To return to the default NetFlow cache entries, use the no ip flow-cache entries global configuration command.

Manage NetFlow Switching Statistics

You can display and clear NetFlow switching statistics. NetFlow statistics consist of IP packet size distribution, IP flow switching cache information, and flow information such as the protocol, total flow, flows per second, and so forth. The resulting information can be used to find out information about your router traffic. To manage NetFlow switching statistics, use either of the following commands in privileged EXEC mode:

Command: show ip cache flow
Purpose: Display the NetFlow switching statistics.

Command: clear ip flow stats
Purpose: Clear the NetFlow switching statistics.

Configure IP Distributed and NetFlow Switching on VIP Interfaces

On Cisco 7500 series routers with a Route Switch Processor (RSP) and with Versatile Interface Processor (VIP) controllers, the VIP hardware can be configured to switch packets received by the VIP with no per-packet intervention on the part of the RSP. This process is called distributed switching. Distributed switching decreases the demand on the RSP.

The VIP hardware can also be configured for NetFlow switching, a new high-performance feature that identifies initiation of traffic flow between internet endpoints, caches information about the flow, and uses this cache for high-speed switching of subsequent packets within the identified stream.

NetFlow switching data can also be exported to network management applications.

Refer to the Cisco Product Catalog for information about VIP port adapters used for distributed switching.

To configure distributed switching on the VIP, first configure the router for IP routing as described in this chapter and the various routing protocol chapters, depending on the protocols you use.

After you configure IP routing, use the following commands beginning in global configuration mode:

Step 1
  Command: interface type slot/port-adapter/port
  Purpose: Specify the interface, and enter interface configuration mode.

Step 2
  Command: ip route-cache distributed
  Purpose: Enable VIP distributed switching of IP packets on the interface.

Step 3
  Command: ip route-cache flow
  Purpose: Specify flow switching.

When the RSP or VIP is flow switching, it uses a flow cache instead of a destination network cache to switch IP packets. The flow cache uses source and destination network address, protocol, and source and destination port numbers to distinguish entries.

To export NetFlow switching cache entries to a workstation when a flow expires, use the following command in global configuration mode:

Command: ip flow-export ip-address udp-port
Purpose: Configure the router to export NetFlow cache entries to a workstation.

To improve performance, fragmented IP packets are flow switched rather than being process switched by default on Cisco 7500 series routers.

NetFlow Switching Configuration Example

The following example shows how to modify the configuration of serial interface 3/0/0 to enable NetFlow switching and to export the flow statistics for further processing to UDP port 0 on a workstation with the IP address of 1.1.15.1. In this example, existing NetFlow statistics are cleared to ensure accurate information when the show ip cache flow command is executed to view a summary of the NetFlow switching statistics.

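configure terminal
! Enable NetFlow switching on the interface
interface serial 3/0/0
 ip route-cache flow
 exit
! Global configuration: export version 5 flow records with peer AS
ip flow-export 1.1.15.1 0 version 5 peer-as
exit
! Privileged EXEC: clear existing statistics
clear ip flow stats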
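
When reviewing saved configurations, the settings described in this chapter can be checked mechanically. The following Python sketch is an added example, not part of the original Cisco chapter: it assumes configuration text that uses exactly the command forms documented here, and the audit function, its result keys and its finding messages are hypothetical.

```python
import ipaddress
import re

DEFAULT_ENTRIES = 65536                 # default cache size given in this chapter
ENTRY_BYTES = 64                        # approximate per-entry storage given in this chapter
ENTRY_RANGE = range(1024, 524288 + 1)   # valid "ip flow-cache entries" values

# Constructed input: the chapter's example commands as configuration text.
SAMPLE = """\
interface serial 3/0/0
 ip route-cache flow
 exit
ip flow-export 1.1.15.1 0 version 5 peer-as
"""
EXPORT_RE = re.compile(r"ip flow-export (\S+) (\d+)(?: version (\d+))?(?: (origin-as|peer-as))?")


def audit(config: str) -> dict:
    """Summarise NetFlow settings in IOS configuration text (hypothetical helper)."""
    out = {"flow_interfaces": [], "export": None, "cache_entries": DEFAULT_ENTRIES, "findings": []}
    current_if = None
    for raw in config.splitlines():
        line = " ".join(raw.split())            # normalise spacing
        if line in ("exit", "end", "!"):
            current_if = None                   # left interface configuration mode
        elif m := re.fullmatch(r"interface (.+)", line):
            current_if = m.group(1)
        elif line == "ip route-cache flow" and current_if:
            out["flow_interfaces"].append(current_if)
        elif m := EXPORT_RE.fullmatch(line):
            ipaddress.IPv4Address(m.group(1))   # ValueError on a malformed collector address
            out["export"] = {"collector": m.group(1), "udp_port": int(m.group(2)),
                             "version": int(m.group(3) or 1), "as": m.group(4)}
        elif m := re.fullmatch(r"ip flow-cache entries (\d+)", line):
            out["cache_entries"] = int(m.group(1))
    if out["flow_interfaces"] and not out["export"]:
        out["findings"].append("flow switching enabled but no export destination")
    if out["export"] and not out["flow_interfaces"]:
        out["findings"].append("export configured but no interface uses flow switching")
    if out["cache_entries"] not in ENTRY_RANGE:
        out["findings"].append("cache entries outside 1024-524288")
    elif out["cache_entries"] != DEFAULT_ENTRIES:
        out["findings"].append("non-default cache size; the chapter cautions against changing it")
    out["cache_bytes"] = out["cache_entries"] * ENTRY_BYTES
    return out
```

For SAMPLE, audit reports serial 3/0/0 as flow switched, a version 5 export to 1.1.15.1 with peer-as, and a cache of 4194304 bytes at the default entry count.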


Copyright 1989-1998 © Cisco Systems Inc.