Cisco NetFlow feature to capture statistics about network traffic flows that pass through a router. Although Cisco considers a series of packets a flow if they share, at a minimum, the same source and destination IP addresses, a flow s defined as a series of packets that share the following characteristics:
- Source IP address
- Destination IP address
- Protocol number
- Source protocol port
- Destination protocol port
- Type of Service (ToS) bits
- Associated interface
You can configure NetFlow to monitor either ingress or egress traffic on an interface.
Enabling the NetFlow feature can be very processor-intensive and can have a large impact on device performance.
NetFlow should only be enabled when required on most hardware platforms.
the data gathered by NetFlow is stored locally in dedicated NetFlow tables on each configured device
NetFlow records are exported as User Datagram Protocol (UDP) datagrams by default, some platforms support Stream Control Transmission Protocol (SCTP) as an alternate transport protocol
Example configuration :
(config)#interface ( inbound )
(config-if)#ip flow ingress
(config-if)#interface ( outbound )
(config-if)#ip flow egress
(config)#ip flow-export version X
ip flow-export destination ” ip ” “port” upd (default) or sctp
Verifying configuration
show ip flow interface
