Start Free Trial
Start Free Trial

How can we help?

  1. Auvik Support
  2. Audit and Reporting
  3. Device configuration for Auvik TrafficInsights
  4. How to Configure Netflow

How to configure Netflow on Cisco Catalyst 9300 series and Cisco Nexus switches

Avatar
Lawrence Popa
Follow

These instructions assume:

Items that are between { } and in bold should be replaced with values specific to the environment being configured.

1. Configure the Input Flow Record

You can create a flow record and add keys to match on and fields to collect in the flow.

config terminal

flow record {AuvikInputRecord}

match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match ipv4 protocol
match interface input
match ipv4 tos
match flow direction
collect interface output
collect counter bytes long
collect counter packets long
collect transport tcp flags
collect timestamp absolute first
collect timestamp absolute last

 

2. Configure the Output Flow Record

flow record {AuvikOutputRecord}

match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match ipv4 protocol
match interface output
match ipv4 tos
match flow direction
collect interface input
collect counter bytes long
collect counter packets long
collect transport tcp flags
collect timestamp absolute first
collect timestamp absolute last

 

3. Configure the Flow Exporter

You can create a flow export to define the export parameters for a flow.

Each flow exporter supports only one destination. If you want to export the data to multiple destinations, you must configure multiple flow exporters and assign them to the flow monitor.

Set the destination to the IP address of your Auvik Collector.

flow exporter {ExporterName}
destination {AuvikCollectorIP}
source {ManagementInterfaceName}
transport udp {Must be on one of these ports: 2055,2056,4432,4739,6343,9995 or 9996}
template data timeout 60

 

4. Configure the Input and Output Flow Monitor

You can create a flow monitor and associate it with a flow record and a flow exporter.

flow monitor {AuvikInputMonitor}
exporter {ExporterName}
record {AuvikInputRecord}
cache timeout active 60

flow monitor {AuvikOutputMonitor}
exporter {ExporterName}
record {AuvikOutputRecord}
cache timeout active 60

 

4. Enabling Flow on an Interface

Enter global configuration mode on the Cisco Catalyst 9300, and issue the following commands for each interface on which you want to enable flow:

interface {InterfaceName}
ip flow monitor {AuvikInputMonitor} input
ip flow monitor {AuvikOutputMonitor} output

 

5. Save the configuration

copy running-config startup-config
Was this article helpful?
5 out of 8 found this helpful
Have more questions? Submit a request

Auvik System Status

Check system status

Need help?

Submit your question or comment and we'll be in touch.

Send a message

Related articles