Downloads |
 Feedback
|
Table Of Contents
NetFlow Multiple Export Destinations
Supported Standards, MIBs, and RFCs
Configuring Multiple NetFlow Export Destinations to a Router
Configuring Multiple NetFlow Export Destinations on an Aggregation Cache
Multiple NetFlow Export Destinations Example
Multiple NetFlow Export Destinations on an Aggregation Cache Example
NetFlow Multiple Export Destinations
Feature History
This feature module describes the NetFlow Multiple Export Destinations feature. It includes information on the benefits of the new feature, supported platforms and standards, and the commands necessary for configuration.
This document includes the following sections:
•
Supported Standards, MIBs, and RFCs
Feature Overview
The NetFlow Multiple Export Destinations feature enables configuration of multiple destinations of the NetFlow data. With this feature enabled, two identical streams of NetFlow data are sent to the destination host. Currently, the maximum number of export destinations allowed is two.
The NetFlow Multiple Export Destinations feature is only available if NetFlow is configured.
Benefits
The NetFlow Multiple Export Destinations feature improves the chances of receiving complete NetFlow data by providing redundant streams of data. By sending the exact same export data to more than one NetFlow collector, fewer packets will be lost.
Restrictions
To export data to multiple destinations, NetFlow must be configured on the router.
Related Documents
For more information on enabling NetFlow, refer to the "Configuring NetFlow Switching" chapter in the Cisco IOS Switching Services Configuration Guide.
Supported Platforms
This feature is supported on the following platforms for Cisco IOS Release 12.0(19)S and 12.0(19)ST:
•
•
•
This feature is supported on the following platforms for Cisco IOS Release 12.2(2)T:
•
•
•
•
•
•
•
•
•
•
•
This feature is supported on the following platforms for Cisco IOS Release 12.2(14)S:
•
•
•
Supported Standards, MIBs, and RFCs
Standards
None
MIBs
None
For descriptions of supported MIBs and how to use MIBs, see the Cisco MIB web site on CCO at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
RFCs
None
Prerequisites
NetFlow must be enabled before any NetFlow data can be exported.
Configuration Tasks
See the following sections for configuration tasks for the NetFlow Export Destinations feature. Each task in the list indicates if the task is optional or required.
•
•
Configuring Multiple NetFlow Export Destinations to a Router
To configure multiple NetFlow export destinations to a router, use the following commands in global configuration mode:
Note
To disable one or both of the NetFlow export destinations, use the following command in global configuration mode:
Disables one or both of the NetFlow export destinations.
Note
Configuring Multiple NetFlow Export Destinations on an Aggregation Cache
To configure multiple NetFlow export destinations on an aggregation cache, use the following commands in global configuration mode:
To disable one or both of the NetFlow export destinations, use the following command in global configuration mode:
Disables one or both of the NetFlow export destinations.
Note
Verifying Data Export
To verify data export, use the following command in privileged EXEC mode.
Configuration Examples
This section provides the following configuration examples:
•
•
Multiple NetFlow Export Destinations Example
The following example enables the exporting of information in NetFlow cache entries:
ip flow-export destination 10.42.42.1 9991ip flow-export destination 10.0.101.254 1999The following example disables the exporting of information to the first destination while retaining the second destination:
no ip flow-export destination 10.42.42.1 9991Multiple NetFlow Export Destinations on an Aggregation Cache Example
The following example, enables the exporting of information from the NetFlow aggregation cache:
ip flow-aggregation cache destination-prefixexport destination 10.0.101.254 9991export destination 10.0.101.254 1999The following example disables the exporting of information to the second destination:
no export destination 10.0.101.254 1999Command Reference
This section documents modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.1 command reference publications.
Modified Cisco IOS commands are as follows:
ip flow-aggregation cache
To enable aggregation cache configuration mode, use the ip flow-aggregation cache command in global configuration mode. To disable aggregation cache configuration mode, use the no form of this command.
ip flow-aggregation cache {as | destination-prefix | prefix | protocol-port | source-prefix}
no ip flow-aggregation cache {as | destination-prefix | prefix | protocol-port | source-prefix}
Syntax Description
Defaults
This command is not enabled by default.
Command Modes
Global configuration.
Command History
Usage Guidelines
You can only enable a single aggregation cache configuration scheme, such as the Prefix aggregation cache scheme, per command line.
Examples
The following example shows how to enable an autonomous system aggregation scheme:
ip flow-aggregation cache asThe following example shows how to configure Multiple NetFlow Export Destinations on an Aggregation Cache:
ip flow-aggregation cache destination-prefixexport destination 10.0.101.254 9991export destination 10.0.101.254 1999Related Commands
ip flow-export destination
To enable the exporting of information in NetFlow cache entries, use the ip flow-export destination command in global configuration mode. To disable the exporting of information, use the no form of this command.
ip flow-export destination ip-address udp-port
no ip flow-export destination ip-address udp-port
Syntax Description
ip-address
IP address of the workstation to which you want to send the NetFlow information.
udp-port
UDP protocol-specific port number.
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
To configure multiple NetFlow export destinations to a router, enter the ip flow-export destination command twice, once for each destination. Do not enter the same ip address twice. However, entering two different ip addresses with the same udp port number is configurable.
There is a lot of information in a NetFlow cache entry. When NetFlow is enabled with the ip route-cache flow command, you can use the ip flow-export destination command to configure the router to export the flow cache entry to a workstation when a flow expires. This feature can be useful for purposes of statistics, billing, and security.
Version 5 format includes the source and destination AS addresses, source and destination prefix masks, and a sequence number. Because this change may appear on your router as a maintenance release, support for version 1 format is maintained with the version 1 keyword.
For more information on version 1 and version 5 data format, refer to the "NetFlow Data Format" section in "Configuring NetFlow Switching" chapter of the Cisco IOS Switching Services Configuration Guide.
Examples
The following example configures the router to export he NetFlow cache entry to multiple export destinations:
ip flow-export destination 10.42.42.1 9991ip flow-export destination 10.0.101.254 9991Related Commands
show ip flow export
To display the statistics for the data export, including the main cache and all other enabled caches, use the show ip flow export command in EXEC mode.
show ip flow export
Syntax Description
This command has no keywords and arguments.
Defaults
No default behavior or values.
Command Modes
EXEC
Command History
Usage Guidelines
The following example shows how to use the show ip flow export command:
show ip flow exportFlow export is enabledExporting flows to 10.42.42.1 (9991) 10.0.101.254 (9991)Exporting using source IP address 10.0.101.203Version 5 flow recordsExport Stats for 10.42.42.1 (9991)3 flows exported in 3 udp datagrams0 flows failed due to lack of export packet3 export packets were sent up to process level0 export packets were dropped due to no fib0 export packets were dropped due to adjacency issues0 export packets were dropped enqueuing for the RP0 export packets were dropped due to IPC rate limitingExport Stats for 10.0.101.254 (9991)7 flows exported in 7 udp datagrams0 flows failed due to lack of export packet6 export packets were sent up to process level0 export packets were dropped due to no fib0 export packets were dropped due to adjacency issues0 export packets were dropped enqueuing for the RP0 export packets were dropped due to IPC rate limiting
