Here is a great video explaining how to setup netflow on a cisco router or switch. I’ve also included the command lines below. You can use a network bandwidth monitor program to analysis the netflow data.
Video Transcript
Hi there, Josh Stevens here head geek at solarwinds and today I’m going to show you how to configure a Cisco router to export netflow data. Now netflow is a really cool technology and we have talked about it before. If you’re not familiar with netflow a good place to go is solarwinds.com/geek and you will find lots of videos and tutorials where we talk about this technology. Another really cool place to go is thwack.com which is an online community for network engineers. Now once you decide to deploy this technology you need to configure your routers and switches to export the data to you network management system like Orion network traffic analyzer.
Now to do that you can use the solarwinds netflow configurator which is a free tool offered at solarwinds. There are some situations where that application will not work for you for instance, if you don’t have SNMP access to your routers. So I’m going to show you to do it the manual way.
The first thing you will want to do is to open the command prompt and telnet to your routers. (or make a SSH connection)
So what I’m going to do now is to log in and then I’m going to go into privilege or many of us call it enable mode. Now once I’ve done that I can then begin to make configuration changes, I’m going to configure from terminal. Enter command
ip flow-export source fastethernet0/0
What I’m telling the router is when it exports the netflow data to source that traffic from my fa0/0 interface
Next thing I’m going to do is tell it I want to export version 5 netflow data. Now solarwinds applications like netflow analyzer support multiple versions of netflow including version 5 and 9, which are the most popular two versions but typically people like to use version 5 to get started.
ip flow-export version 5
Then I want to tell it where to send the data, this is the IP address of the network management system you have collecting the data, whether its using Orion or even the new cool real time netflow network traffic analyzer from solarwinds. Either way you want to enter in the ip address of the device and the port, now the port is the UDP port number that the application is listening on for this netflow traffic.
Ip flow-export destination 1.1.1.1 2055
Now once you’ve done that you can configure the router to now support netflow and start exporting but you have to tell it which interface you are interested in analyzing the traffic on.
Interface fastethernet0/0
So now I’m going into fastethernet0/0 and I’ll I have to do is tell it
Ip flow egress
Ip flow ingress
What that means is that I want to monitor both traffic inbound and outbound on that interface. I also want go in and enable
ip route-cache flow
Very important there, once I’m done, I’m done. That’s all I have to you can now start seeing this data in Orion and of course last thing you should do before exiting the router is to make those changes to memory
wr mem
Hope this guide to how to configure netflow was useful to you. For more network performance monitoring tips, tools and articles please visit our homepage http://networkperformancemonitor.net
For more information on netflow see http://en.wikipedia.org/wiki/Netflow
