Hi Giuseppe,

Thanks for your quick response.

Can you show me the full command to enable (notice: use origin-as that allows to associate a prefix with the AS that owns it)

Regards,

Naidu.

Hello Naidu,

there are other commands that need to be added to the interfaces that you want to monitor:

int type x/y

ip route-cache flow

note: by default netflow classifies traffic inbound the interfaces

so on the wan interfaces you see traffic coming from internet and on lan interfaces on border router you see traffic going to internet.

This is important later to create correct aggregations of traffic data.

about origin-as:

if net 145.145.0.0 comes from AS 7000

you see a BGP path like

1255 4500 3336 7000

if you use peer-as the prefix is associated to AS 1255 that is the AS that has passed you the BGP advertisement and then one you send the traffic to

Origin-as is useful because allows to understand from what AS traffic comes.

Hope to help

Giuseppe

Hi Giuseppe,

To install NetFlow Analyser in some device what are the things compatibilites with device we need to consider.

Example I have 4560S, 1850R what things I need to see and consider to install NetFlow.

Regards,

Naidu.

Hello Naidu,

netflow analyzer and netflow collector are installed in unix workstations not on network devices

network devices just need to be configured to export info about monitored flows

see

http://www.cisco.com/en/US/docs/net_mgmt/netflow_collection_engine/6.0/tier_one/installation/guide/in_chap.html

Hardware Requirements

Cisco NetFlow Collector, Release 6.0 has the following hardware requirements:

•Minimum: 2 GB RAM, 73 GB disk, dual processor on an entry-level server.

•Recommended: 4 to 8 GB RAM, two or more 15K SAS 146 GB or greater disks, dual 3 GHz dual-core (5160) processor entry-level server.

Supported Operating Systems and Platforms

Cisco NetFlow Collector, Release 6.0 supports the following operating systems and platforms:

•Solaris 8, Solaris 9, or Solaris 10 on an entry-level server with dual 1 GHz or greater SPARC processors such as a Sun Fire V240.

•Red Hat Enterprise Linux 2.1, 3.0, or 4.0 (ES and AS) on an entry-level server, such as an IBM x3550 or x3650 with dual 2.8 GHz or greater Intel Xeon single-core processor or dual 3 GHz dual-core (5160) processors.

to be noted that open source alternatives to netflow collector exist

an example:

http://neye.unsupported.info/

Hope to help

Giuseppe

Hi Giuseppe,

Sorry for the confusion.

I mean what are the minimal requirements that the device need have to enable the NetFlow commands in that not to installation of NetFlow Analyzer.

Regards,

Naidu.

Hello Naidu,

sorry for the misunderstanding

for software based routers no problem.

multilayer switches: actually only C6500 support it.

example C3750 don't support netflow

for c4500:

Supervisor Engine 6-E and LAN Base image do not support Netflow.

see

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/nfswitch.html

Hope to help

Giuseppe

Hi Giuseppe,

Unfortunately I have the below following devices and those need to create NetFlow for Traffic & Packet analyzer.

Cisco 4507S & 7 numbers 1841R

Will it support for above devices.

Regards,

Naidu.

Hello Naidu,

for the C4507 if the supervisor is different from 6-E and you have an image above lan base the answer is yes.

For the 1841 it is supported: it is supported on older 1721 so I think no problem about these software based routers

see also table-7 here:

http://www.cisco.com/en/US/products/sw/netmgtsw/ps1964/products_implementation_design_guide09186a00800d6a11.html#wp1093125

Hope to help

Giuseppe