designetwork(EN)

IT technical memo of networking

Cisco CSR1000V NetFlow Settings

f:id:daichi703n:20160307021611j:plain

Setting the NetFlow with Cisco CSR1000V ( Virtual Router Appliance ).
There are a case of that NetFlow Collector does NOT support ASA5505's NetFlow, because the ASA5505's NetFlow is NSEL that is fer difference from NetFlow though it is based on NetFlow v9.
For example, Opmantek opFlow does NOT support NSEL.

Installation CSR1000V

Installation of CSR100V on VMware ESXi is in this page.
It can be installed follow wizard with OVA file.
www.cisco.com

NetFlow Settings

Settings of NetFlow in CSR1000V is below.(about Base Config doesn't describe here because it is like other Cisco Router)
In this case, I referred the document of ASR(IOS-XR)

Create FlowRecord

Create FlowRecord for setting Key Field.

flow record opFlowRecord
 description opFlow
 match ipv4 source address
 match ipv4 destination address
 match ipv4 protocol
 match transport source-port
 match transport destination-port
 collect counter bytes long
 collect counter packets long

Create FlowExporter

Create FlowExporter for setting destination that is FlowCollector, Analyzer.
Set the Port Number to 12345 for matching default port of opFlow(Flowd).

flow exporter opFlowExporter
 destination 192.168.1.65
 transport udp 12345

Create FlowMonitor

Create FlowMonitor to associate FlowRecord with FlowExporter.

flow monitor opFlowMonitor
 exporter opFlowExporter
 record opFlowRecord

Assign to interface

Assign the FlowMonitor to interface.
In my environment, Because of that default-gateway exists in same segment, set to not redirect.

interface GigabitEthernet1
 ip address 192.168.1.15 255.255.255.0
 no ip redirects
 ip flow monitor opFlowMonitor input
 negotiation auto

Checking status

You can check the setting works correctly like below.

CSR1000v-15#show flow exporter opFlowExporter statistics
Flow Exporter opFlowExporter:
  Packet send statistics (last cleared 00:44:21 ago):
    Successfully sent:         622                   (83060 bytes)
    Reason not given:          4                     (404 bytes)

  Client send statistics:
    Client: Flow Monitor opFlowMonitor
      Records added:           2744
        - sent:                2731
        - failed to send:      13
      Bytes added:             79576
        - sent:                79199
        - failed to send:      377

This Blog is English Version of my JP's.

Sorry if my English sentences are incorrect.

designetwork