Cisco Nexus 7000 NetFlow Configuration-using netflow-original


The Cisco Nexus 7000 switch runs the Cisco NX-OS operating system. Configuring NetFlow is
a little different than on traditional IOS devices. Follow the five steps below to enable NetFlow
monitoring.


1. Enable the NetFlow feature and set timeouts
switch(config)#feature netflow
switch(config)#flow timeout active 60
switch(config)#flow timeout inactive 15


2. Create a Flow Record (specify the fields to export)
We will use the Nexus predefined record “netflow-original” for this
configuration.
See the Creating a Flow Record section of the appendix to create a custom flow record.


3. Create a Flow Exporter (specify where/how NetFlow is to be sent)
switch(config)#flow exporter netflow_to_stealthwatch
switch(config-flow-exporter)#description Export NetFlow to StealthWatch
switch(config-flow-exporter)#destination <xe_collector_IP_address>
switch(config-flow-exporter)#source <interface> → (e.g. use a Loopback)
switch(config-flow-exporter)#transport udp 2055
switch(config-flow-exporter)#version 9


4. Create a Flow Monitor (tie the Flow Record to the Flow Exporter)
switch(config)#flow monitor standard_v9netflow
switch(config-flow-monitor)#record netflow-original
switch(config-flow-monitor)#exporter netflow_to_stealthwatch


5. Assign Flow Monitor to selected interfaces
Repeat this step on every interface whose traffic you want to monitor.
switch(config)#interface <interface> → (e.g. VLAN1 or g2/1)
switch(config-if)#ip flow monitor standard_v9netflow input


Validate configuration:
show flow record netflow-original
show flow monitor standard_v9netflow statistics
show flow monitor standard_v9netflow cache
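
An offline check of a saved configuration against the five steps above, as an added example that is not from the original page or from Cisco. It assumes the configuration is saved as text in running-config style (the page's commands without prompts, sub-commands indented); the sample config, the address 192.0.2.10, the interface names and the function names are constructed for illustration.

```python
# Constructed sample; 192.0.2.10 is a documentation address, Ethernet2/2 has no monitor.
SAMPLE_CONFIG = """\
feature netflow
flow exporter netflow_to_stealthwatch
  destination 192.0.2.10
  source loopback0
  transport udp 2055
  version 9
flow monitor standard_v9netflow
  record netflow-original
  exporter netflow_to_stealthwatch
interface Ethernet2/1
  ip flow monitor standard_v9netflow input
interface Ethernet2/2
"""

def parse_sections(text):
    """Group indented sub-commands under their top-level command."""
    sections, current = {}, None
    for line in filter(str.strip, text.splitlines()):
        if not line[0].isspace():
            current = line.strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.strip())
    return sections

def audit_netflow(text):
    """Return a list of findings; an empty list means every step is in place."""
    sec, findings = parse_sections(text), []
    if "feature netflow" not in sec:
        findings.append("feature netflow is not enabled")
    exporters = {k.split()[2]: v for k, v in sec.items() if k.startswith("flow exporter ")}
    monitors = {k.split()[2]: v for k, v in sec.items() if k.startswith("flow monitor ")}
    for name, body in exporters.items():
        for needed in ("destination", "source", "transport udp", "version 9"):
            if not any(c.startswith(needed) for c in body):
                findings.append(f"exporter {name}: missing '{needed}'")
    for name, body in monitors.items():
        if not any(c.startswith("record ") for c in body):
            findings.append(f"monitor {name}: no record")
        refs = [c.split()[1] for c in body if c.startswith("exporter ")]
        if not refs or any(r not in exporters for r in refs):
            findings.append(f"monitor {name}: exporter missing or undefined")
    for k, body in sec.items():
        if k.startswith("interface "):
            applied = [c.split()[3] for c in body if c.startswith("ip flow monitor ")]
            if not applied or any(m not in monitors for m in applied):
                findings.append(f"{k}: no valid flow monitor applied")
    return findings
```

Each finding names an interface, exporter or monitor that would leave traffic unexported, so the list doubles as a map of flow-visibility gaps.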


Reference:
www.cisco.com/.../sm_netflow.html