How to configure a Cisco ISR router to send Netflow v5 data to VOSS Insights arbitrator

Abstract

This document provides the procedure to configure a Cisco ISR router to send Netflow data to VOSS Insights arbitrator using v5 format.

Assumptions

This document assumes that the following configuration will be applied on a Cisco ISR router with two interfaces:

  • GigabitEthernet0/0/0

  • GigabitEthernet0/0/1

For the purposes of this guide, the following software specifications are assumed:

isr4300-3977#show version
Cisco IOS XE Software, Version 03.16.04b.S - Extended Support Release
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(3)S4b, RELEASE SOFTWARE (fc1)

The VOSS Insights team recommends configuring and enabling Netflow in the “ingress” direction on all interfaces of a Netflow source device.

Configuration

The following sample configuration can be used as a template for Netflow v5:

ENABLE SNMP INDEX PERSISTENCE

isr4300-3977#configure terminal

Enter configuration commands, one per line. End with CTRL-Z.

isr4300-3977(config)#snmp-server ifindex persist
isr4300-3977(config)#

NETFLOW CONFIGURATION

isr4300-3977(config)#flow exporter lxexporter-1
 destination [VOSS Insights arbitrator IP Address]
 export-protocol netflow-v5
 transport udp [Netflow Collector Port]
 exit

isr4300-3977(config)#flow monitor lx-flowmonitor-1
 record netflow ipv4 original-input
 exporter lxexporter-1
 exit

isr4300-3977(config)#ip cef distributed

isr4300-3977(config)#interface GigabitEthernet0/0/0
 ip flow monitor lx-flowmonitor-1 input
 exit

isr4300-3977(config)#interface GigabitEthernet0/0/0
 ip flow monitor lx-flowmonitor-1 output
 exit

isr4300-3977(config)#exit

#copy run start

Note

By default, VOSS Insights arbitrator uses UDP port 9996 to receive Netflow v5.
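To confirm on the receiving side that the exporter configured above really emits well-formed v5 datagrams, the payload can be decoded and sanity-checked. The following is an added example, not part of the original guide or of VOSS Insights; the names `parse_v5` and `build_sample`, and the addresses, ports and ifIndex values in the sample, are constructed for illustration.

```python
import socket
import struct

# NetFlow v5 wire layout (network byte order): 24-byte header, 48-byte records.
HEADER = struct.Struct("!HHIIIIBBH")
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")
MAX_RECORDS = 30  # a v5 datagram carries between 1 and 30 flow records


def parse_v5(datagram: bytes) -> dict:
    """Validate and decode one NetFlow v5 export datagram."""
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than a v5 header")
    version, count, _uptime, secs, _nsecs, seq, *_ = HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError(f"not NetFlow v5 (version={version})")
    if not 1 <= count <= MAX_RECORDS:
        raise ValueError(f"implausible record count {count}")
    if len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("length does not match the header's record count")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
            # SNMP ifIndex values; "snmp-server ifindex persist" keeps them
            # stable across reloads so they keep mapping to the same interface.
            "in_ifindex": f[3], "out_ifindex": f[4],
            "packets": f[5], "bytes": f[6],
            "sport": f[9], "dport": f[10], "proto": f[12],
        })
    return {"sequence": seq, "unix_secs": secs, "flows": flows}


def build_sample() -> bytes:
    """Constructed sample: one TCP flow to port 443, in on ifIndex 1, out on 2."""
    header = HEADER.pack(5, 1, 60000, 1700000000, 0, 42, 0, 0, 0)
    record = RECORD.pack(
        socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"),
        socket.inet_aton("0.0.0.0"), 1, 2, 10, 4200, 1000, 59000,
        51515, 443, 0x1B, 6, 0, 0, 0, 24, 24)
    return header + record


if __name__ == "__main__":
    print(parse_v5(build_sample()))
```

Because v5 export is plain UDP with no authentication, the version, count and length checks are the minimum a receiver should apply before trusting a datagram.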