Beginners guide to setting up NetFlow v9
Set up for Netflow v9 explained in bite-size chunks.
2019. 8. 7•How to
Feature
GS-NetFlow
Title
Beginners guide to setting up NetFlow v9
Objective
How to set up Netflow v9 for the very first time.
Environment
H-Series GigaSMART Netflow
Procedure
1. Identify the GigaVUE port for sending the Netflow reports out of
a. This port gets connected to your switch and allows you to send Netflow records to your Netflow collector.
b. Defined as a tunnel port
example uses port 1/1/g1
2. Identify incoming traffic streams to report on
a. Defined on the GigaVUE as network ports
example uses ports 1/2/x1 to x3
3. Define Netflow Exporterapps netflow exporter alias exp1 destination ip4addr 10.11.12.13 dscp 10 netflow-version netflow-v9 transport udp 9999 template-refresh-interval 15 ttl 64 exit
4. Define Netflow Recorderapps netflow record alias rec1 netflow-version netflow-v9 collect add ipv4 destination address collect add datalink vlan collect add ipv4 tos collect add ipv4 fragmentation id collect add ipv4 fragmentation offset collect add ipv4 source address collect add transport destination-port collect add transport source-port collect add ipv4 protocol collect add counter bytes collect add counter packets collect add timestamp sys-uptime first collect add timestamp sys-uptime last match add ipv4 destination address match add ipv4 source address match add transport destination-port match add transport source-port match add ipv4 protocol exit
5. Define Netflow Monitorapps netflow monitor alias mon1 cache timeout active 30 cache timeout inactive 60 cache timeout event transaction-end record add rec1 exit
6. Define the GigaSMART components for Netflow V9 and configure the tunnel port
Assume Gigasmart card is in slot 3
Note that in 5.5 we introduced ip interfaces, replacing the tunneling ports in previous versions
gsgroup alias gs1 port-list 1/3/e1 gsop alias gsop1 flow-ops netflow port-list gs1 port 1/1/g1 type tool Pre 5.5. tunneled-port 1/1/g1 ip 10.11.12.28 255.255.255.0 gateway 10.11.12.1 mtu 1500 port-list gs1 tunneled-port 1/1/g1 netflow-exporter add exp1 5.5 Onwards ip interface alias <alias> attach 1/1/g1 ip address 10.11.12.28 /24 gw 10.11.12.1 mtu 1500 gsgroup add gs1 netflow-exporter add exp1 exit gsparams gsgroup gs1 netflow-monitor add mon1
7. Create flow-mapping for netflow to report onmap alias for-netflow-v9 from 1/2/x1..x3 use gsop gsop1 to 1/1/g1 rule add pass ipver 4 exit
Beginners guide to setting up NetFlow v9
Set up for Netflow v9 explained in bite-size chunks.
2019. 8. 7•How to
Feature
GS-NetFlow
Title
Beginners guide to setting up NetFlow v9
Objective
How to set up Netflow v9 for the very first time.
Environment
H-Series
GigaSMART Netflow
Procedure
1. Identify the GigaVUE port for sending the Netflow reports out of
a. This port gets connected to your switch and allows you to send Netflow records to your Netflow collector.
b. Defined as a tunnel port
example uses port 1/1/g1
2. Identify incoming traffic streams to report on
a. Defined on the GigaVUE as network ports
example uses ports 1/2/x1 to x3
3. Define Netflow Exporter
apps netflow exporter alias exp1
destination ip4addr 10.11.12.13
dscp 10
netflow-version netflow-v9
transport udp 9999
template-refresh-interval 15
ttl 64
exit
4. Define Netflow Recorder
apps netflow record alias rec1
netflow-version netflow-v9
collect add ipv4 destination address
collect add datalink vlan
collect add ipv4 tos
collect add ipv4 fragmentation id
collect add ipv4 fragmentation offset
collect add ipv4 source address
collect add transport destination-port
collect add transport source-port
collect add ipv4 protocol
collect add counter bytes
collect add counter packets
collect add timestamp sys-uptime first
collect add timestamp sys-uptime last
match add ipv4 destination address
match add ipv4 source address
match add transport destination-port
match add transport source-port
match add ipv4 protocol
exit
5. Define Netflow Monitor
apps netflow monitor alias mon1
cache timeout active 30
cache timeout inactive 60
cache timeout event transaction-end
record add rec1
exit
6. Define the GigaSMART components for Netflow V9 and configure the tunnel port
Assume Gigasmart card is in slot 3
Note that in 5.5 we introduced ip interfaces, replacing the tunneling ports in previous versions
gsgroup alias gs1 port-list 1/3/e1
gsop alias gsop1 flow-ops netflow port-list gs1
port 1/1/g1 type tool
Pre 5.5.
tunneled-port 1/1/g1 ip 10.11.12.28 255.255.255.0 gateway 10.11.12.1 mtu 1500 port-list gs1
tunneled-port 1/1/g1 netflow-exporter add exp1
5.5 Onwards
ip interface alias <alias>
attach 1/1/g1
ip address 10.11.12.28 /24
gw 10.11.12.1
mtu 1500
gsgroup add gs1
netflow-exporter add exp1
exit
gsparams gsgroup gs1 netflow-monitor add mon1
7. Create flow-mapping for netflow to report on
map alias for-netflow-v9
from 1/2/x1..x3
use gsop gsop1
to 1/1/g1
rule add pass ipver 4
exit
'업무이야기 > 패킷전달플랫폼' 카테고리의 다른 글
| Gigamon Unprotected Flexible Inline Netlag, One Collector Map (0) | 2021.01.17 |
|---|---|
| Gigamon Unprotected Flexible Inline, One Collector Map (0) | 2021.01.17 |
| 5G Correlation (0) | 2020.06.04 |
| SIP/RTP Correlation (0) | 2020.06.04 |
| FlowVUE Flow Sampling (0) | 2020.06.04 |