
IOS XR

Netflow
XR 3.7

2006 Cisco Systems, Inc. All rights reserved. 1


IOS-XR NetFlow - Recap

- IOS-XR supports only sampled NetFlow.
- IOS-XR supports both interfaces and sub-interfaces.
- R 3.2: support of IPv4 NetFlow on the CRS-1 platform.
- R 3.3: support of IPv4 NetFlow on the c12k platform and support of Bundles on the CRS-1.
- R 3.3.1: support of MPLS NetFlow on the CRS-1 platform.
- R 3.4: support of multiple exporters per flow monitor and support for multiple labels in MPLS keys.
- R 3.4.1: support of IPv4 fields in MPLS flows.
- R 3.5: support of IPv6 NetFlow on the CRS-1 platform and support of MPLS NetFlow IPv4 fields in MPLS flows on the c12k platform.



IOS-XR NetFlow - Release 3.6/3.7

In R 3.6 we added the following enhancements:
- Support of MPLS IPv6 NetFlow on both CRS-1 and c12k platforms.
- Support of bundles on the c12k platform.
- Support for up to 2000 (GSR) / 1000 (CRS) interfaces per LC and up to 3 types of traffic (IPv4/IPv6/MPLS) per interface per direction.

In R 3.7 we added the following for XR12K:
- IPv4 address of BGP next-hop
- Destination Based Netflow Accounting (Hardware Full mode)



Netflow Overview: Introduction

- Cisco NetFlow is a set of features that allows monitoring traffic on a per-flow basis.
- A NetFlow feature defines a flow as a sequence of packets in a router that have the same values for a particular set of key fields (the set is specific to that NetFlow feature). The set may include some Layer 2, 3, 4 header fields from the packets as well as some routing attributes for the packets.
- NetFlow features can be partitioned into two categories:
  - Sampled NetFlow
  - Aggregate NetFlow



Netflow Overview: Processing

- NetFlow maintains per-flow data in a flow record:
  - Key fields (fields used to distinguish flows)
  - Non-key fields
  - Byte/Packet counters
  - Timestamps for the first and last packet in the flow
- NetFlow stores flow records in an on-router cache.
- How long records stay in the cache depends on the configuration.
- When flow records are removed from the cache they can be exported to the NetFlow Collector for post-processing and storage, subject to configuration.



Netflow Overview: Sampled NetFlow

- One out of N packets is sampled.
- Flow Byte/Packet counters are extrapolated by multiplying the number of sampled packets/bytes by N.
- Only the pseudo-random sampling algorithm is supported in IOS XR.
- NetFlow export is supported in v9 format over UDP.
- Can be configured on ingress and egress.
- Supports interface, subinterface, and bundled interface.



Netflow Overview: Aggregate Netflow

- Uses hardware support to count bytes/packets for every packet.
- Only one aggregation scheme, Destination Based Netflow Accounting (DBNA), is currently supported in 3.7 on XR12K.
- DBNA can be configured only in the ingress direction.



IPv4 Sampled NetFlow Key Fields

Source Address
Destination Address
Layer 4 Source Port
Layer 4 Destination Port
BGP Destination Orig AS
BGP Source Orig AS
BGP Next Hop
Protocol
Traffic class
Input Interface
Layer 4 TCP Flags
Forwarding Status
Direction (Ingress/Egress)

IPv4 SNF non-Key Fields

Output Interface
Prefix length
Timestamp of the last and first packet in the flow
Byte counter
Packet counter



IPv6 Sampled NetFlow

Key fields:
- Source and Destination IP addresses
- Layer 4 Protocol
- Traffic Class
- Source and destination layer-4 ports
- Direction
- Forwarding status
- Ingress interface
- Flow label
- Header options mask



MPLS Sampled NetFlow
Key fields:
- Top n (n <= 6) labels of the MPLS stack, including EXP and S bits.
- Ingress interface
- Direction
- Forwarding status
- IPv4 fields:
  - Source and destination IP addresses
  - TOS
  - Layer 4 Protocol
  - Layer 4 source and destination port numbers
Non-Key fields:
- Top label type
- Prefix/Length
- Output interface

MPLS IPv6 NetFlow

Key fields:
Up to 6 labels of the MPLS stack including EXP bits.
Source and Destination IP addresses
Layer 4 Protocol
Traffic Class
Source and destination layer-4 ports
Direction
Forwarding status
Ingress interface
Flow label
Header options mask



DBNA key fields

Ingress Interface
Egress Interface
BGP Next Hop
BGP Destination AS number
Class of Service
Forwarding status



DBNA non key fields

Timestamp of the last and first packet in the flow
Byte counter
Packet counter



IPv4 SNF Configuration

Sampler configuration:
sampler-map nf1-1000
 random 1 out-of 1000
!
Flow monitor configuration:
flow monitor-map fm-ipv4
 record ipv4
!
Interface configuration:
interface GigabitEthernet 0/3/0/0
 flow ipv4 monitor fm-ipv4 sampler nf1-1000 ingress
 flow ipv4 monitor fm-ipv4 sampler nf1-1000 egress
!



BGP Routing Attributes Configuration

The configuration parameter "bgp attribute-download" needs to be configured for the IPv4 address-family of the BGP protocol.



IPv4 SNF Show command

RP/0/0/CPU0:ios#show flow monitor fmm-ipv4 cache format record location 0/3/cpu0
Cache summary for Flow Monitor fmm-ipv4:
Cache size: 65535
Current entries: 514
High Watermark: 62258
Flows added: 514
Flows not added: 0
Ager Polls: 218
- Active timeout 0
- Inactive timeout 0
- TCP FIN flag 0
- Watermark aged 0
- Emergency aged 0
- Counter wrap aged 0
- Total 0
Periodic export:
- Counter wrap 0
- TCP FIN flag 0
Flows exported 0

IPv4 SNF Show command continued
========== Record number: 1 ==========
IPV4SrcAddr : 1.1.1.254
IPV4DstAddr : 2.2.2.1
L4SrcPort : 0
L4DestPort : 0
BGPDstOrigAS : 103
BGPSrcOrigAS : 101
BGPNextHop : 3.3.3.1
IPV4DstPrfxLen : 32
IPV4SrcPrfxLen : 24
IPV4Prot : 255
IPV4TOS : 0x60
InputInterface : Gi0/3/0/0
OutputInterface : Gi0/3/0/1
L4TCPFlags : 0
ForwardStatus : FwdNoFrag
FirstSwitched : 06 22:41:35:346
LastSwitched : 06 22:41:39:344
ByteCount : 92
PacketCount : 2
Dir : Egr
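
Added example, not from the original slides or from Cisco: Python that parses the per-record output of the show command above, scales the sampled byte and packet counters by N as described on the Sampled NetFlow slide, and derives the flow duration. It assumes the 1 out-of 1000 sampler from the configuration slide applies to this cache, that the cached counters are unscaled sampled counts, and that timestamps read as day HH:MM:SS:ms; SAMPLING_N and the function names are illustrative.

```python
import re

SAMPLING_N = 1000  # assumption: the "random 1 out-of 1000" sampler is in effect

# Abridged copy of the record shown on this page, used as offline sample input.
SAMPLE = """\
========== Record number: 1 ==========
IPV4SrcAddr : 1.1.1.254
IPV4DstAddr : 2.2.2.1
IPV4Prot : 255
FirstSwitched : 06 22:41:35:346
LastSwitched : 06 22:41:39:344
ByteCount : 92
PacketCount : 2
Dir : Egr
"""

HEADER = re.compile(r"^=+ Record number: (\d+) =+$")

def parse_records(text):
    """Split 'cache format record' output into one dict per flow record."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if HEADER.match(line):
            records.append({})
        elif records and " : " in line:  # cache summary lines come before any record
            key, value = line.split(" : ", 1)
            records[-1][key.strip()] = value.strip()
    return records

def to_ms(stamp):
    """Convert 'DD HH:MM:SS:mmm' (assumed layout) into milliseconds."""
    day, clock = stamp.split()
    h, m, s, ms = (int(x) for x in clock.split(":"))
    return (((int(day) * 24 + h) * 60 + m) * 60 + s) * 1000 + ms

def estimate(record, n=SAMPLING_N):
    """Scale sampled counters by N and derive the flow duration."""
    return {
        "flow": (record["IPV4SrcAddr"], record["IPV4DstAddr"], int(record["IPV4Prot"])),
        "est_bytes": int(record["ByteCount"]) * n,
        "est_packets": int(record["PacketCount"]) * n,
        "duration_ms": to_ms(record["LastSwitched"]) - to_ms(record["FirstSwitched"]),
    }

if __name__ == "__main__":
    for rec in parse_records(SAMPLE):
        print(estimate(rec))
```

With 1-in-N sampling these figures are estimates: short flows may never be sampled at all, so a flow's absence from the cache is not evidence that the traffic did not occur.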