To configure NetFlow on a Cisco Nexus switch, you'll need to configure both the NetFlow exporter (which exports flow data) and the NetFlow monitor (which defines the flow characteristics). Cisco Nexus devices use NetFlow v9 and IPFIX as the primary flow export protocols.
Here’s a step-by-step guide to enabling NetFlow on a Cisco Nexus switch:
Step 1: Enable NetFlow Globally
Before you can configure NetFlow on interfaces, you need to enable it globally on the Nexus switch.
This command enables the NetFlow feature on the device.
Step 2: Define a NetFlow Exporter
The exporter defines where the NetFlow data is sent. This typically points to a NetFlow collector or analysis tool (such as SolarWinds, PRTG, etc.).
- EXPORTER_NAME: Name of the exporter (you can choose any name, like NetFlowExporter).
- destination: IP address of the NetFlow collector.
- transport udp <port>: Specifies the UDP port (default is 2055).
- source-interface: The interface used to send the flow data to the collector (optional but recommended for best performance).
- export-protocol: Choose netflow-v9 or ipfix depending on your collector’s capabilities.
Step 3: Define a NetFlow Monitor
The NetFlow monitor defines which flow information to collect and how to classify traffic flows.
- MONITOR_NAME: Name of the flow monitor (e.g., NetFlowMonitor).
- record netflow-original: Defines the flow record. In most cases, netflow-original is used, which captures a standard set of flow information.
- exporter: Points to the previously configured exporter.
Step 4: Apply the NetFlow Monitor to Interfaces
Now that the exporter and monitor are configured, apply the NetFlow monitor to specific interfaces or globally.
- input: Captures incoming traffic.
- output: Captures outgoing traffic.
You can apply the flow monitor to multiple interfaces as needed.
Step 5: Verify NetFlow Configuration
After you’ve configured NetFlow, you can verify the settings with the following commands:
These commands will provide you with information on the flow exporter status, configured monitors, and traffic statistics.
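Switch-side verification reports what the device believes it is exporting; a collector-side check confirms that datagrams actually arrive and decode. The following Python is an added example, not part of the original guide: it decodes the NetFlow v9 header, template flowsets and data records using the layout in RFC 3954, and the function names and the sample datagram are constructed for illustration.

```python
import struct

HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id


def parse_v9(datagram, templates):
    """Decode one NetFlow v9 datagram; templates caches template_id -> [(type, length)]."""
    if len(datagram) < HEADER.size or datagram[:2] != b"\x00\x09":
        raise ValueError("not a NetFlow v9 datagram (short, or version field is not 9)")
    _ver, count, _uptime, _secs, sequence, source_id = HEADER.unpack_from(datagram)
    records, offset = [], HEADER.size
    while offset + 4 <= len(datagram):
        fs_id, fs_len = struct.unpack_from("!HH", datagram, offset)
        if fs_len < 4 or offset + fs_len > len(datagram):
            raise ValueError("flowset length disagrees with datagram size")
        body = datagram[offset + 4:offset + fs_len]
        if fs_id == 0:  # template flowset: learn the record layouts
            read_templates(body, templates)
        elif fs_id in templates:  # data flowset whose template is already known
            records += read_records(body, templates[fs_id])
        offset += fs_len  # options templates and data for unknown templates are skipped
    return {"count": count, "sequence": sequence, "source_id": source_id, "records": records}


def read_templates(body, templates):
    pos = 0
    while pos + 4 <= len(body):
        tmpl_id, nfields = struct.unpack_from("!HH", body, pos)
        if tmpl_id < 256 or pos + 4 + 4 * nfields > len(body):
            break  # trailing padding or a truncated template
        templates[tmpl_id] = [struct.unpack_from("!HH", body, pos + 4 + 4 * i) for i in range(nfields)]
        pos += 4 + 4 * nfields


def read_records(body, fields):
    size, records = sum(length for _type, length in fields), []
    for start in range(0, len(body) - size + 1, size) if size else ():
        rec, pos = {}, start
        for ftype, length in fields:  # values are kept as integers keyed by field type number
            rec[ftype] = int.from_bytes(body[pos:pos + length], "big")
            pos += length
        records.append(rec)
    return records  # bytes left over after the last whole record are padding


# Constructed sample (not a capture): template 256 = IPV4_SRC_ADDR(8), IPV4_DST_ADDR(12), IN_BYTES(1).
SAMPLE = (HEADER.pack(9, 2, 1000, 1700000000, 1, 0)
          + struct.pack("!10H", 0, 20, 256, 3, 8, 4, 12, 4, 1, 4)
          + struct.pack("!HH", 256, 16) + bytes([192, 0, 2, 1, 198, 51, 100, 7]) + struct.pack("!I", 1500))
```

On a collector host, feed each datagram received on the exporter's UDP port to `parse_v9` with one shared `templates` dict. Data that arrives before its template decodes to no records until the switch resends the template.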
Example Configuration:
Here’s an example of the full configuration:
Step 6: Optional - Configure Sampling (if required)
If you want to reduce the volume of flow data, you can configure flow sampling on specific interfaces. For example, to sample 1 out of every 100 packets:
This configures a flow sampler that captures 1 out of every 100 packets on the input side.
Step 7: Configure Flow Timeout (Optional)
You can also adjust the timeout for flows, which defines how long flows remain active before they are exported to the collector.
- active: Time in seconds that a flow can remain active before it is exported.
- inactive: Time in seconds before an inactive flow is exported.