Monday 16 November 2015

Cisco: Configure NetFlow on Cisco Catalyst 6509


Because the Catalyst 6509 is a switch/router hybrid, its NetFlow configuration differs a little from that of standard Cisco router models such as the 2811, but not by much.

I would also recommend checking out this great resource directly from Cisco to configure the Catalyst 6509 for NetFlow.

With most Cisco routers, there are two sets of commands used to enable NetFlow. However, with the 6509, there are technically three sets of commands.

To enable NetFlow on the router, you need the following:
switch (config)#ip flow-export source (insert interface name here)
switch (config)#ip flow-export version 5
switch (config)#ip flow-export destination (netflow collector ip address) (port to export flows to)
switch (config)#ip flow ingress layer2-switched vlan (insert vlans X,Y,Z)
switch (config)#ip flow-cache timeout active 1

Sample:
switch (config)#ip flow-export source vlan88
switch (config)#ip flow-export version 5
switch (config)#ip flow-export destination 10.10.100.98 2055
switch (config)#ip flow ingress layer2-switched vlan 88
switch (config)#ip flow-cache timeout active 1

Once those are in place, we now need to configure NetFlow for the switched traffic:
switch (config)#mls nde sender version 5
switch (config)#mls flow ip interface-full
switch (config)#mls nde interface
switch (config)#mls aging long 64
switch (config)#mls aging normal 64

After you have configured these global settings, you can configure each of the interfaces themselves for NetFlow:
switch (config-if)#ip route-cache flow
or
switch (config-if)#ip flow ingress

* Note:
1. ip route-cache flow will enable flows on the physical interface and all sub-interfaces associated with it.
2. ip flow ingress will enable flows on individual sub-interfaces, as opposed to all of them on the same interface.

Finally, use the show mls nde command to display the NetFlow export information.
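
To confirm from the collector side that the version 5 exports configured above are actually arriving, the following added example (not part of the original post and not Cisco's code) decodes NetFlow v5 datagrams in Python. The function names, the sample datagram and its host addresses are constructed for illustration; port 2055 is the one used in the sample above.

```python
import socket
import struct
from ipaddress import IPv4Address

HEADER = struct.Struct("!HHIIIIBBH")                 # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")  # 48-byte flow record

def parse_v5(datagram):
    """Decode one NetFlow v5 export datagram into (header, flows)."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    version, count, _up, _secs, _ns, sequence, *_ = HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError(f"unexpected export version {version}")
    if len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for offset in range(HEADER.size, len(datagram), RECORD.size):
        (src, dst, _hop, in_if, out_if, pkts, octets, first, last, sport,
         dport, flags, proto, *_rest) = RECORD.unpack_from(datagram, offset)
        flows.append({
            "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
            "sport": sport, "dport": dport, "proto": proto, "tcp_flags": flags,
            "in_if": in_if, "out_if": out_if, "packets": pkts, "octets": octets,
            "duration_ms": (last - first) & 0xFFFFFFFF,  # sysUptime can wrap
        })
    return {"count": count, "sequence": sequence}, flows

def sample_datagram():
    """Constructed one-flow export (not captured traffic) for offline runs."""
    a, b = IPv4Address("10.10.88.20").packed, IPv4Address("10.10.100.5").packed
    return (HEADER.pack(5, 1, 120000, 1447632000, 0, 42, 0, 0, 0) +
            RECORD.pack(a, b, bytes(4), 3, 7, 12, 5400, 60000, 119000,
                        51512, 443, 0x1B, 6, 0, 0, 0, 24, 24))

def listen(port=2055):
    """Decode exports arriving on the collector port from the sample above."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", port))
    while True:
        data, (exporter, _) = sock.recvfrom(65535)
        try:
            header, flows = parse_v5(data)
            print(f"{exporter} seq={header['sequence']}", *flows, sep="\n  ")
        except ValueError as err:
            print(f"{exporter}: dropped ({err})")

if __name__ == "__main__":
    print(parse_v5(sample_datagram()))  # call listen() instead on the collector
```

The sequence field is a running count of exported flows, so a jump larger than the previous datagram's flow count means exports were lost between the switch and the collector.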
