Flow export settings EcoRouter Documentation / Flow export settings
EcoRouter supports IPFIX, according to RFC5101 (NetFlow v.10), using UDP and port 4739 to transfer data to the collector.
The Netflow sensor allocates from the passing traffic streams with the following matching parameters:
- source address;
- destination address;
- source port for UDP and TCP;
- destination port for UDP and TCP;
- message type and code for ICMP;
- IP protocol number;
- network interface (ifindex SNMP parameter);
- IP Type of Service
- source mask;
- destination mask.
A stream is a set of packets which is transferred in one direction. When the sensor determines the stream is over (the packets parameters changed, or the TCP session is reset), it sends information to the collector. Depending on the settings, it can also periodically send information to the collector about the still-flowing streams.
The configuration objects called sensor profiles ( flow-export-profile ) are used to control sensors. Use the flow-export-profile <NUM> command to create sensor profile in configuration mode, where <NUM> is profile index.
Use the same command to configore profile. The command available in the profile configuration mode are shown in the table below.
| Command | Description |
|---|---|
description <DESCRIPTION> | Create profile description |
destination <IP> [port <1-65535>] [vrf <NAME>] [source <IP>] | Collector IP address. The address format is A.B.C.D. The collector UDP port can be specified after the IP address. Also, the virtual routing table (VRF) which will be used for data transfer can be specified (this parameter is unavailable for virtual routers). Specific source address can be used for outgoing packets from router to collector. |
packet-sampling <50-1000> | The sequence number of the packet from the stream that will be transferred to the collector. For example, every 50th. The default value is 500 |
timeout active <1-300> | The period after which the data will be transferred to the collector in active session, in seconds. The default value is 60 |
timeout inactive <5-300> | The period after which the data will be transferred to the collector after session is terminated, in seconds. The default value is 15 |
timeout template <1-30> | The period after which the stream message template will be transferred to the collector, in seconds. The default value is 15 |
Use the flow-export-profile <NUM> command to assign the sensor profile to the interface in the interface configuration context mode.
Thesensor profile configuration is also available for virtual routers. The configuration commands, similar to those described above, must be executed in the virtual router interface.
Configuration example
In this scenario, configurаtion of the sensor on the e3 interface of the ECO-2 device is shown.
Step 1. The configuration is made in configuration mode.
ecorouter>en
ecorouter#configure terminal
Step 2. Configuration of interfaces and ports of the device.
ecorouter(config)#interface e1
ecorouter(config-if)#ip add 172.16.0.1/16
ecorouter(config)#interface e2
ecorouter(config-if)#ip add 192.168.2.1/24
ecorouter(config)#interface e3
ecorouter(config-if)#ip add 192.168.3.1/24
ecorouter(config)#port te0
ecorouter(config-port)#service-instance te0/e1
ecorouter(config-service-instance)#encapsulation untagged
ecorouter(config-service-instance)#connect ip int e1
ecorouter(config)#port te1
ecorouter(config-port)#service-instance te1/e2
ecorouter(config-service-instance)#encapsulation untagged
ecorouter(config-service-instance)#connect ip int e2
ecorouter(config)#port te2
ecorouter(config-port)#service-instance te2/e3
ecorouter(config-service-instance)#encapsulation untagged
ecorouter(config-service-instance)#connect ip int e3
Step 3. Sensor profile creation.
ecorouter(config)#flow-export-profile 1
ecorouter(config-flow-export)#description Netflow
ecorouter(config-flow-export)#destination 172.16.0.2
ecorouter(config-flow-export)#packet-sampling 1
ecorouter(config-flow-export)#timeout active 30
ecorouter(config-flow-export)#timeout inactive 30
Step 4. Assign the sensor profile to the interface.
ecorouter(config)#interface e3
ecorouter(config-if)#flow-export-profile 10
Show commands
Use the show flow-export-profile and show flow-export-profile <NUM> commands in administration mode to display the configured profile. These commands display the list of all configured sensors of the device without a number and specific numbered profile.
ecorouter#sh flow-export-profile
NetFlow profile 1
Description: Netflow.10
Destination: 172.16.0.2
Active timeout: 30
Inactive timeout: 30
Packet sampling: 1
Use the same command as to display the information about the state of the interface in administration mode to display Netflow statistics - show interface <NAME>.
See an example below.
ecorouter#sh interface e1
Interface e1 is up
Ethernet address: 1c87.7640.d603
MTU: 100
ICMP redirection is on
Label switching is disabled
<UP,BROADCAST,RUNNING,MULTICAST>
Connect service instance te0.te0/e1 symmetric
inet 10.0.0.1/16 broadcast 10.0.255.255/16
NetFlow profile 0
Destination: 10.0.0.2:9996
Total packets: 2077, dropped packets: 0, flow count: 10
total input packets 103844, bytes 6647020
total output packets 100917, bytes 6463274
Here:
Total packets is a packet number transferred to the netflow buffer of the router,
dropped packets is a packet number not transferred to the netflow buffer because of error occured ,
flow count is a number of streams in the buffer.