10 Netflow Cust XR37 v2

IOS XR
Netflow
XR 3.7
2006 Cisco Systems, Inc. All rights reserved.
IOS-XR NetFlow - Recap

IOS-XR support only sampled NetFlow
IOS-XR support both interfaces and sub-interfaces
R 3.2 support of IPv4 NetFlow on the CRS-1 platform.
R 3.3 support of IPv4 NetFlow on the c12k platform and support of
Bundles on the CRS-1.
R 3.3.1 support of MPLS NetFlow on the CRS-1 platform.
R 3.4 Support of multiple exporters per flow monitor and support for
multiple labels in MPLS keys.
R 3.4.1 Support of IPv4 fields in MPLS flows.
R 3.5. Support of IPv6 NetFlow in the CRS-1 platform and support of
MPLS NetFlow IPv4 fields in MPLS flows on the c12k platform.
IOS-XR NetFlow - Release 3.6/3.7

In R 3.6 we added the following enhancements:
Support of MPLS IPv6 NetFlow on both CRS-1 and c12k
platforms.
Support of bundles in c12k platform
Support up to 2000(GSR)/1000(CRS) interfaces per LC
and up to 3 types of traffic (IPv4/IPv6/MPLS) per interface
per direction
In R 3.7 we added the following for XR12K:

IPv4 address of BGP next-hop
Destination Based Netflow Accounting (Hardware Full

mode)
Netflow Overview:
Introduction
Cisco Netflow is a set of features that allows monitor traffic on
per flow basis
A NetFlow feature defines flow as a sequence of packets in a
router that have the same values of a particular (specific to this
NetFlow feature) set of key fields. The set may include some
Layer 2, 3, 4 header fields from the packets as well as some
routing attributes for the packets
NetFlow features can be partitioned into two categories:
Sampled NetFlow
Aggregate NetFlow
Netflow Overview:
Processing
NetFlow maintains per flow data in a flow record:
Key fields (fields used to distinguish flow)
Non key fields
Byte/Packet counters
Timestamps for the first and last packet in the flow
NetFlow stores flow records in on-router cache
How long records will stay in cache depends on the configuration
When flow records are removed from cache they can be exported to the
NetFlow Collector for post processing and storage, subject to
configuration
Netflow Overview:
Sampled NetFlow
One out of N packets is sampled
Flow Byte/Packet counters are extrapolated by multiplying N
times number of sampled packets/bytes
Only pseudo random sampling algorithm is supported in IOS
XR
Support of Netflow export in v9 format over UDP
Can be configured on ingress and egress
Support interface, subinterface, and bundled interface
Netflow overview:
Aggregate Netflow
Uses hardware support to count bytes/packets for every
packet
Only one aggregation scheme Destination Based Netflow
Accounting (DBNA) is currently supported in 3.7 on XR12K
DBNA can be configured only in ingress direction.
IPv4 Sampled NetFlow Key Fields

Source Address
Destination Address
Layer 4 Source Port
Layer 4 Destination Port
BGP Destination Orig AS
BGP Source Orig AS
BGP Next Hop
Protocol
Traffic class
Input Interface
Layer 4 TCP Flags
Forwarding Status
Direction (Ingress/Egress)
IPv4 SNF non-Key Fields

Output Interface
Prefix length
Timestamp of the last and first packet in the flow
Byte counter
Packet counter
IPv6 Sampled NetFlow

Key fields:
- Source and Destination IP addresses
- Layer 4 Protocol
- Traffic Class
- Source and destination layer-4 ports
- Direction
- Forwarding status
- Ingress interface
- Flow label
-Header options mask
10
MPLS Sampled NetFlow

Key fields:
- Top n (n <= 6) labels of MPLS stack includes EXP and S
bits.
- Ingress interface
- Direction
- Forwarding status
- IPv4 fields:
- Source and destination IP addresses
- TOS
- Layer 4 Protocol
- Layer 4 source and destination port numbers
Non-Key fields:
- Top label type
- Prefix/Length
- Output interface
11
MPLS IPv6 NetFlow
Key fields:
Up to 6 labels of the MPLS stack including EXP bits.
Source and Destination IP addresses
Layer 4 Protocol
Traffic Class
Source and destination layer-4 ports
Direction
Forwarding status
Ingress interface
Flow label
Header options mask
12
DBNA key fields

Ingress Interface
Egress Interface
BGP Next Hop
BGP Destination AS number
Class of Service
Forwarding status
13
DBNA non key fields

Timestamp of the last and first packet in the flow
Byte counter
Packet counter
14
IPv4 SNF Configuration

Sampler configuration:
sampler-map nf1-1000
random 1 out-of 1000
!
Flow monitor configuration:
flow monitor-map fm-ipv4

record ipv4
!
Interface configuration:
Interface GigabitEthernet 0/3/0/0

flow ipv4 monitor fm-ipv4 sampler nf1-1000 ingress
flow ipv4 monitor fm-ipv4 sampler nf1-1000 egress
!
15
BGP Routing Attributes Configuration
The configuration parameter bgp attribute-download

needs to be configured for IPv4 address-family for the bgp
protocol.
16
IPv4 SNF Show command
RP/0/0/CPU0:ios#show flow monitor fmm-ipv4 cache format record location 0/3/cpu0

Cache summary for Flow Monitor fmm-ipv4:
Cache size:
65535
Current entries:
514
High Watermark:
62258
Flows added:
514
Flows not added:
0
Ager Polls:
218
- Active timeout
0
- Inactive timeout
0
- TCP FIN flag
0
- Watermark aged
0
- Emergency aged
0
- Counter wrap aged
0
- Total
0
Periodic export:
- Counter wrap
0
- TCP FIN flag
0
Flows exported
0
17
IPv4 SNF Show command continued
========== Record number: 1 ==========

IPV4SrcAddr
: 1.1.1.254
IPV4DstAddr
: 2.2.2.1
L4SrcPort : 0
L4DestPort : 0
BGPDstOrigAS : 103
BGPSrcOrigAS : 101
BGPNextHop
: 3.3.3.1
IPV4DstPrfxLen : 32
IPV4SrcPrfxLen : 24
IPV4Prot : 255
IPV4TOS : 0x60
InputInterface : Gi0/3/0/0
OutputInterface : Gi0/3/0/1
L4TCPFlags
: 0
ForwardStatus
: FwdNoFrag
FirstSwitched
: 06 22:41:35:346
LastSwitched
: 06 22:41:39:344
ByteCount
: 92
PacketCount : 2
Dir : Egr
18
19

10 Netflow Cust XR37 v2

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

10 Netflow Cust XR37 v2

Caricato da

Copyright:

Formati disponibili

IOS XR

2006 Cisco Systems, Inc. All rights reserved.

IOS-XR NetFlow - Recap

2004 Cisco Systems, Inc. All rights reserved.

IOS-XR NetFlow - Release 3.6/3.7

In R 3.7 we added the following for XR12K:

Destination Based Netflow Accounting (Hardware Full

2004 Cisco Systems, Inc. All rights reserved.

2004 Cisco Systems, Inc. All rights reserved.

2004 Cisco Systems, Inc. All rights reserved.

2004 Cisco Systems, Inc. All rights reserved.

2004 Cisco Systems, Inc. All rights reserved.

IPv4 Sampled NetFlow Key Fields

2004 Cisco Systems, Inc. All rights reserved.

IPv4 SNF non-Key Fields

2004 Cisco Systems, Inc. All rights reserved.

IPv6 Sampled NetFlow

2004 Cisco Systems, Inc. All rights reserved.

MPLS Sampled NetFlow

MPLS IPv6 NetFlow

2004 Cisco Systems, Inc. All rights reserved.

DBNA key fields

2004 Cisco Systems, Inc. All rights reserved.

DBNA non key fields

2004 Cisco Systems, Inc. All rights reserved.

IPv4 SNF Configuration

flow monitor-map fm-ipv4

Interface GigabitEthernet 0/3/0/0

2004 Cisco Systems, Inc. All rights reserved.

BGP Routing Attributes Configuration

The configuration parameter bgp attribute-download

2004 Cisco Systems, Inc. All rights reserved.

IPv4 SNF Show command

RP/0/0/CPU0:ios#show flow monitor fmm-ipv4 cache format record location 0/3/cpu0

2004 Cisco Systems, Inc. All rights reserved.

IPv4 SNF Show command continued

========== Record number: 1 ==========

2004 Cisco Systems, Inc. All rights reserved.

2004 Cisco Systems, Inc. All rights reserved.

Potrebbero piacerti anche