What we will get benefit when we enable netflow feature are real-time monitoring of host behaviors and traffic analysis to identify threats, extensive network performance reports including top talkers, interface utilization, exporter tracking, etc. I have screenshot for your carification.
- Enabling NetFlow
Enter global configuration mode on Cisco router or Cisco switch, and issue the following commands for each interface on which you want to enable NetFlow:
#interface {interface} {interface_number}
#ip route-cache flow - Enabling the exports of these flows
Enter global configuration mode on Cisco router or Cisco switch, and issue the following commands by use the IP address of your NetFlow Collector and configured listening port. UDP port 9995 is used for example.
# ip flow-export version 5
# ip flow-export destination <ip_address> 9995
# ip flow-export source Loopback0 - Turning off NetFlow
Issue the following commands in global configuration mode to stop exporting NetFlow data:
#interface {interface} {interface_number}
#no ip route-cache flow
This will disable NetFlow export on the specified interface. Repeat the commands for each interface on which you need to disable NetFlow. - Diagnosis
In enable mode you can see current NetFlow configuration and state by looking at the output from
#sh ip flow export Shows the current NetFlow configuration
#show ip cache flow and sh ip cache verbose flow These commands summarize the active flows and give an indication of how much NetFlow data the device is exporting
Note: When access lists are used, all cisco routers or cisco switch must log failed network access attempts.
The following is a set of commands issued on a router to enable NetFlow version 5
!
interface Loopback0
ip address 172.30.203.253 255.255.255.255
no ip redirects
no ip proxy-arp
ip route-cache flow
no ip mroute-cache
!
!
interface FastEthernet0/1/0
description LINE:USHQ-VzBPIP,SPEED:8000000,GOLDCAR:256k,DEST:VzB_PERouter
bandwidth 8000
ip address 172.30.0.86 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache cef
ip route-cache flow
no ip mroute-cache
load-interval 30
duplex full
speed 100
no mop enabled
!
interface FastEthernet0/1/1
description Local Network segment for THHQ
ip address 172.30.0.86 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache cef
no ip route-cache flow
duplex auto
speed auto
no cdp enable
no mop enabled
!
!
ip flow-export source Loopback0
ip flow-export version 5
ip flow-export destination 172.30.46.195 9995
ip flow-export destination 172.30.46.71 2055
!
!
access-list 30 permit 172.30.46.195
access-list 30 permit 172.30.46.71
access-list 30 deny any log
!
Wow!
ReplyDeleteI am really impressed by the way you detailed out everything. Cisco IOS (originally Internetwork Operating System) is software used on most Cisco Systems routers and current Cisco network switches.
router cisco
The best cisco hacker ever,... please teach me how to hack world of warcraft pls...
ReplyDeleteGreat help! Actually, I'm in a process of gathering information regarding routers or switches. I placed order for Cisco switches. This is the first time I will be using it for my business needs.
ReplyDeleteNice blog, Cisco is the most reputed company producing networking devices like switches and switches. One of the latest innovations of Cisco Company is the Cisco catalyst 2960-X series switches. These new switches have been specially designed for network programmability. They have offer a special feature of NetFlow Lite which prioritises the business applications.
ReplyDeleteThank you so much for this blog. Good information for me.
ReplyDeleteCisco Router Support
Securitytech offering guarantee customer support and providing Anti Virus, Computer, Browser, Email and Printer tech support service.Call us @ +1-8779336146
ReplyDeleteSophos Antivirus Support
Antivirus Tech Support
Panda Antivirus Support
Avg Antivirus Support
Dell Printer Support
FireWall Configurations Support
Securitytech offering guarantee customer support and providing Anti Virus, Computer, Browser, Email and Printer tech support service.Call us @ +1-8779336146
ReplyDeleteSophos Antivirus Support
Antivirus Tech Support
Panda Antivirus Support
Avg Antivirus Support
Dell Printer Support
FireWall Configurations Support
This is really informative blog! Belkin is one of the most trustable routers in the UK. Belkin Router provides best internet service by their latest features.
ReplyDeleteThank you for sharing the information.
ReplyDeleteHP Switches
Meraki Switches
CISCO Switches
Nice Content Thanks for sharing ..Aruba Wireless Access Points
ReplyDeleteMeraki Wireless Access Points
Wireless Access Points services in bangalore
Wireless Survey services in bangalore
Controller Less Wireless Solution
This blog is helpful and informative with its content on the usefulness.CISCO Firewall Thanks for sharing.
ReplyDeleteBardzo fajnie napisane. Jestem pod wrażeniem i pozdrawiam.
ReplyDeleteThanks so much for sharing this interesting info! I am looking forward to see more posts by you! For Router queries, HOW TO RESET AT&T ROUTER? , HOW TO RESET RESET ASUS ROUTER? , Click in to our site.
ReplyDelete
ReplyDeleteHpe R2H28A Price vs ada
ReplyDeleteISR4331-SEC/K9 dcadax c