What is Netflow? How To Configure Netflow on Cisco Router

By | 9th November 2015

To enable NetFlow on a router, you must use the following commands:

ip flow {ingress | egress}

This enables NetFlow on the interface. Captures traffic that is being received or being transmitted by the interface.

ip flow-export destination ip-address udp-port 

This is the IP address of the network device or server to which you want to send the NetFlow information and the number of the UDP port on which the network device or server is listening for this information. UDP port 9996 is commonly used for NetFlow.

ip flow-export version version 

This specifies the version format that the export packet uses.




How To Configure Netflow

How To Configure Netflow

HQ1(config)# interface Gi0/0

HQ1(config-if)# ip flow ingress

HQ1(config-if)# ip flow egress

HQ1(config-if)# exit

HQ1(config)# ip flow-export destination 172.16.20.84 9996

HQ1(config)# ip flow-export version 9

The figure above shows the configurations for NetFlow data capture and export to NetFlow collector with IP address 172.16.20.84, where you can analyze the exported data.

Traffic that is received or transmitted by the GigabitEthernet 0/0 interface is captured using the ip flow command.

The captured NetFlow information is then sent to the collector with IP address 172.16.20.84 on UDP port 9996.

The ip flow-export version command shows that the export packet uses the version 9 format.




How to Verify Netflow Configuration on Cisco router.

You can use the show ip flow interface command to verify if NetFlow is enabled on an interface.

HQ1# show ip flow interface

GigabitEthernet0/0

  ip flow ingress

  ip flow egress

 In the example, NetFlow is enabled in the ingress and egress directions on the GigabitEthernet0/0 interface.

Use the show ip flow export command to verify the status and statistics for NetFlow accounting data export.

HQ1# show ip flow export

Flow export v9 is enabled for main cache

Export source and destination details :

VRF ID : Default

Destination(1) 172.16.20.84 (9996)

Version 9 flow records

35 flows exported in 15 udp datagrams

In the example above, the configured destination for NetFlow export is 172.16.20.84 using UDP port 9996. The version of the configured flow export is 9.




Network Troubleshooting
Network Security
IPv6 Protocols

Understanding Simple Network Management Protocol-SNMP

Understanding Virtual Router Redundancy Protocol (VRRP)

Understanding Gateway Load Balancing Protocol (GLBP)

Leave a Reply

Your email address will not be published. Required fields are marked *