Scribd Logo
Upload

Welcome to Scribd!

  • 26 views

    10 Netflow Cust XR37 v2

    Uploaded by

    charrazca
    The document discusses Cisco Netflow features in Cisco IOS-XR including support for sampled Netflow, release details, key fields, and configuration. Sampled Netflow allows monitoring traffic on a per flow basis, with sampled packets and extrapolated counters. Releases have added support for IPv4, IPv6, MPLS Netflow and bundles on different platforms.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd

    10 Netflow Cust XR37 v2

    Uploaded by

    charrazca
    26 views19 pages
    The document discusses Cisco Netflow features in Cisco IOS-XR including support for sampled Netflow, release details, key fields, and configuration. Sampled Netflow allows monitoring traffic on a per flow basis, with sampled packets and extrapolated counters. Releases have added support for IPv4, IPv6, MPLS Netflow and bundles on different platforms.

    Original Description:

    Netflow CISCO IOS XR

    Original Title

    10_Netflow_Cust_XR37_v2

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses Cisco Netflow features in Cisco IOS-XR including support for sampled Netflow, release details, key fields, and configuration. Sampled Netflow allows monitoring traffic on a per flow basis, with sampled packets and extrapolated counters. Releases have added support for IPv4, IPv6, MPLS Netflow and bundles on different platforms.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    26 views19 pages

    10 Netflow Cust XR37 v2

    Uploaded by

    charrazca
    The document discusses Cisco Netflow features in Cisco IOS-XR including support for sampled Netflow, release details, key fields, and configuration. Sampled Netflow allows monitoring traffic on a per flow basis, with sampled packets and extrapolated counters. Releases have added support for IPv4, IPv6, MPLS Netflow and bundles on different platforms.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    You are on page 1of 19

    IOS XR

    Netflow
    XR 3.7

    2006 Cisco Systems, Inc. All rights reserved.

    IOS-XR NetFlow - Recap


    IOS-XR support only sampled NetFlow
    IOS-XR support both interfaces and sub-interfaces
    R 3.2 support of IPv4 NetFlow on the CRS-1 platform.
    R 3.3 support of IPv4 NetFlow on the c12k platform and support of
    Bundles on the CRS-1.
    R 3.3.1 support of MPLS NetFlow on the CRS-1 platform.
    R 3.4 Support of multiple exporters per flow monitor and support for
    multiple labels in MPLS keys.
    R 3.4.1 Support of IPv4 fields in MPLS flows.
    R 3.5. Support of IPv6 NetFlow in the CRS-1 platform and support of
    MPLS NetFlow IPv4 fields in MPLS flows on the c12k platform.

    2004 Cisco Systems, Inc. All rights reserved.

    IOS-XR NetFlow - Release 3.6/3.7


    In R 3.6 we added the following enhancements:
    Support of MPLS IPv6 NetFlow on both CRS-1 and c12k
    platforms.
    Support of bundles in c12k platform
    Support up to 2000(GSR)/1000(CRS) interfaces per LC
    and up to 3 types of traffic (IPv4/IPv6/MPLS) per interface
    per direction

    In R 3.7 we added the following for XR12K:


    IPv4 address of BGP next-hop

    Destination Based Netflow Accounting (Hardware Full


    mode)

    2004 Cisco Systems, Inc. All rights reserved.

    Netflow Overview:
    Introduction
    Cisco Netflow is a set of features that allows monitor traffic on
    per flow basis
    A NetFlow feature defines flow as a sequence of packets in a
    router that have the same values of a particular (specific to this
    NetFlow feature) set of key fields. The set may include some
    Layer 2, 3, 4 header fields from the packets as well as some
    routing attributes for the packets
    NetFlow features can be partitioned into two categories:
    Sampled NetFlow
    Aggregate NetFlow

    2004 Cisco Systems, Inc. All rights reserved.

    Netflow Overview:
    Processing
    NetFlow maintains per flow data in a flow record:
    Key fields (fields used to distinguish flow)
    Non key fields
    Byte/Packet counters
    Timestamps for the first and last packet in the flow
    NetFlow stores flow records in on-router cache
    How long records will stay in cache depends on the configuration
    When flow records are removed from cache they can be exported to the
    NetFlow Collector for post processing and storage, subject to
    configuration

    2004 Cisco Systems, Inc. All rights reserved.

    Netflow Overview:
    Sampled NetFlow
    One out of N packets is sampled
    Flow Byte/Packet counters are extrapolated by multiplying N
    times number of sampled packets/bytes
    Only pseudo random sampling algorithm is supported in IOS
    XR
    Support of Netflow export in v9 format over UDP
    Can be configured on ingress and egress
    Support interface, subinterface, and bundled interface

    2004 Cisco Systems, Inc. All rights reserved.

    Netflow overview:
    Aggregate Netflow
    Uses hardware support to count bytes/packets for every
    packet
    Only one aggregation scheme Destination Based Netflow
    Accounting (DBNA) is currently supported in 3.7 on XR12K
    DBNA can be configured only in ingress direction.

    2004 Cisco Systems, Inc. All rights reserved.

    IPv4 Sampled NetFlow Key Fields


    Source Address
    Destination Address
    Layer 4 Source Port
    Layer 4 Destination Port
    BGP Destination Orig AS
    BGP Source Orig AS
    BGP Next Hop
    Protocol
    Traffic class
    Input Interface
    Layer 4 TCP Flags
    Forwarding Status
    Direction (Ingress/Egress)

    2004 Cisco Systems, Inc. All rights reserved.

    IPv4 SNF non-Key Fields


    Output Interface
    Prefix length
    Timestamp of the last and first packet in the flow
    Byte counter
    Packet counter

    2004 Cisco Systems, Inc. All rights reserved.

    IPv6 Sampled NetFlow


    Key fields:
    - Source and Destination IP addresses
    - Layer 4 Protocol
    - Traffic Class
    - Source and destination layer-4 ports
    - Direction
    - Forwarding status
    - Ingress interface
    - Flow label
    -Header options mask

    2004 Cisco Systems, Inc. All rights reserved.

    10

    MPLS Sampled NetFlow


    Key fields:
    - Top n (n <= 6) labels of MPLS stack includes EXP and S
    bits.
    - Ingress interface
    - Direction
    - Forwarding status
    - IPv4 fields:
    - Source and destination IP addresses
    - TOS
    - Layer 4 Protocol
    - Layer 4 source and destination port numbers
    Non-Key fields:
    - Top label type
    - Prefix/Length
    - Output interface
    2004 Cisco Systems, Inc. All rights reserved.

    11

    MPLS IPv6 NetFlow

    Key fields:
    Up to 6 labels of the MPLS stack including EXP bits.
    Source and Destination IP addresses
    Layer 4 Protocol
    Traffic Class
    Source and destination layer-4 ports
    Direction
    Forwarding status
    Ingress interface
    Flow label
    Header options mask

    2004 Cisco Systems, Inc. All rights reserved.

    12

    DBNA key fields


    Ingress Interface
    Egress Interface
    BGP Next Hop
    BGP Destination AS number
    Class of Service
    Forwarding status

    2004 Cisco Systems, Inc. All rights reserved.

    13

    DBNA non key fields


    Timestamp of the last and first packet in the flow
    Byte counter
    Packet counter

    2004 Cisco Systems, Inc. All rights reserved.

    14

    IPv4 SNF Configuration


    Sampler configuration:

    sampler-map nf1-1000
    random 1 out-of 1000
    !
    Flow monitor configuration:

    flow monitor-map fm-ipv4


    record ipv4
    !
    Interface configuration:

    Interface GigabitEthernet 0/3/0/0


    flow ipv4 monitor fm-ipv4 sampler nf1-1000 ingress
    flow ipv4 monitor fm-ipv4 sampler nf1-1000 egress
    !

    2004 Cisco Systems, Inc. All rights reserved.

    15

    BGP Routing Attributes Configuration

    The configuration parameter bgp attribute-download


    needs to be configured for IPv4 address-family for the bgp
    protocol.

    2004 Cisco Systems, Inc. All rights reserved.

    16

    IPv4 SNF Show command

    RP/0/0/CPU0:ios#show flow monitor fmm-ipv4 cache format record location 0/3/cpu0


    Cache summary for Flow Monitor fmm-ipv4:
    Cache size:
    65535
    Current entries:
    514
    High Watermark:
    62258
    Flows added:
    514
    Flows not added:
    0
    Ager Polls:
    218
    - Active timeout
    0
    - Inactive timeout
    0
    - TCP FIN flag
    0
    - Watermark aged
    0
    - Emergency aged
    0
    - Counter wrap aged
    0
    - Total
    0
    Periodic export:
    - Counter wrap
    0
    - TCP FIN flag
    0
    Flows exported
    0

    2004 Cisco Systems, Inc. All rights reserved.

    17

    IPv4 SNF Show command continued

    ========== Record number: 1 ==========


    IPV4SrcAddr
    : 1.1.1.254
    IPV4DstAddr
    : 2.2.2.1
    L4SrcPort : 0
    L4DestPort : 0
    BGPDstOrigAS : 103
    BGPSrcOrigAS : 101
    BGPNextHop
    : 3.3.3.1
    IPV4DstPrfxLen : 32
    IPV4SrcPrfxLen : 24
    IPV4Prot : 255
    IPV4TOS : 0x60
    InputInterface : Gi0/3/0/0
    OutputInterface : Gi0/3/0/1
    L4TCPFlags
    : 0
    ForwardStatus
    : FwdNoFrag
    FirstSwitched
    : 06 22:41:35:346
    LastSwitched
    : 06 22:41:39:344
    ByteCount
    : 92
    PacketCount : 2
    Dir : Egr

    2004 Cisco Systems, Inc. All rights reserved.

    18

    2004 Cisco Systems, Inc. All rights reserved.

    19

    You might also like