Configure Netflow on VMware SD-WAN 4.4 | Netflow on the SD-WAN Edge

The SD-WAN Orchestrator allows you to configure Netflow collectors and filters as network services at the profile, edge, and segment level. You can configure a maximum of two collectors per segment and eight collectors per profile and edge. Also, you can configure a maximum of 16 filters per collector.

Procedure

  1. From the SD-WAN Orchestrator, go to Configure > Network Services.
    The Services page appears.
  2. To configure a collector, go to the Netflow Settings area and click the New button at the right side of the Collector table. The Add New Collector dialog box appears.
    1. In the Collector Name text box, enter a unique name for the collector.
    2. In the Collector IP text box, enter the IP address of the collector.
    3. In the Collector Port text box, enter the port ID of the collector.
    4. Click Save Changes.
      Under Network Services, the newly added collector appears in the Collector table.
  3. SD-WAN Orchestrator allows filtering of traffic flow records by source IP, destination IP, and application ID associated with the flow. To configure a filter, go to the Netflow Settings area and click the New button at the right side of the Filter table. The Add New Filter dialog box appears.
    1. In the Filter Name text box, enter a unique name for the filter.
    2. Under the Match area, click Define to define per collector filtering rules to match by source IP or destination IP or application associated with the flow, or click Any to use any of the source IP or destination IP or application associated with the flow as the match criteria for Netflow filtering.
    3. Under the Action area, select either Allow or Deny as the filter action for the traffic flow, and click OK.
      Under Network Services, the newly added filter appears in the Filter table.

Results

At the profile and edge level, the configured collectors and filters appears as a list under the Netflow Settings area in the Device tab.

After you enable Netflow on the SD-WAN Edge, it periodically sends messages to the configured collector. The contents of these messages are defined using IPFIX templates. For more information on templates, see IPFIX Templates.