Understanding IPv6 net-flow

Document

Apr 30, 2012 5:35 AM
Apr 30th, 2012

Introduction

Cisco IOS netflow provide network administrators with information concerning IP flows within their data networks such as network traffic accounting, usage-based network  billing, network planning, security, Denial of Service monitoring  capabilities, and network monitoring. It provides valuable information and exported NetFlow data can be used for a variety of  purposes like  network management and planning, enterprise  accounting, and Internet Service Provider (ISP)  billing, data warehousing, combating Denial of Service (DoS) attacks,  and data mining for marketing purpose. Net-flow for IPv6 provides basic funcationality of net-flow without affecting the IPv4 net-flow performance. This document provides summary steps on how to configure the ipv6 netflow on Cisco IOS.

Note: The below configuration steps are tested in 12.4 IOS release. To configure IPv6 NetFlow in IOS 12.4(20)T and above refer to

IPv6 Flexible Netflow Configuration Example

How to enable Ipv6 netflow

Summary Steps:

In Configuration mode:

1. ipv6 flow-export version 9

This command enables the exporting of information in NetFlow cache entries.

2. ipv6 flow-export destination ip-address udp-port

This command enable the exporting of information in NetFlow cache entries to a specific address or port.

3. ipv6 flow-export template {refresh-rate packet-refresh-rate | timeout timeout-value}

Configuring this command in the global configuration mode, enable the exporting of information in NetFlow cache entries,

For example:

ipv6 flow-export template refresh-rate 100 means NetFlow cache is refreshed after 100 packets are collected.

In otherwords, the refresh-rate specifies the number of export packets that are sent before the options and flow templates are resent. The value ranges from 1 to 600. and the default value is 20.

ipv6 flow-export template timeout-rate 60 means the flow and options is resent after every 60 minutes

The timeout-rate specifies the interval (in minutes) that the  router waits after sending the templates (flow and options) before  sending them again. The value ranges from 1 to 3600 and the default value is 30.

4. ipv6 flow-export template options {export-stats | refresh-rate packet-refresh-rate | timeout timeout-value}

This command configures templates for IPv6 cache exports.

Configuring this command enables the  export-stats, refresh-rate and timeout-rate keywords for configuring Version 9 export options.

In Interface mode:

  1. ipv6 flow {ingress | egress}

This command enables accounting of  IPv6 packets arriving on an interface configured for 6PE

Configuring ipv6 flow ingress enables IPv6 flow capture on incoming packets.

Configuring ipv6 flow egress enables IPv6 flow capture on outgoing packets.

Managing NetFlow for IPv6 Statistics

The following show commands can be used to display the cache content and cache statistics

  • show ipv6 flow cache

This command displays the cache content. Sample output is shown as below:

shipv6flowcache.gif

  • show ipv6 flow export.

This command displays the export statistics.Sample output is shown below.

shipv6flowexport.gif

1.

Related Information

NetFlow Version 9 Flow-Record Format

Cisco IOS Netflow

IPv6 - Frequently Asked Questions (FAQ)

Average Rating: 4.5 (2 ratings)

Comments

Don Jacob Mon, 12/03/2012 - 05:55 (reply to sivnaray)

Is there an option to export NetFlow data to IPv6 address? ie. ip flow export destination "ipv6 address".

Regards,

Don Thomas

Gian Paolo Boarina Sat, 02/23/2013 - 09:32

Hi Sivagami,

what happens if the export destination is configured only for the aggregation cache but not for the main cache?

ipv6 flow-export source Loopback0

ipv6 flow-aggregation cache destination-prefix

export version 9

export destination 1.1.1.1 1111

sh ipv6 flow export

Flow export v9 is disabled for main cache

  Version 9 flow records

  Cache for destination-prefix aggregation:

  VRF ID : Default

    Destination(1)  6.6.44.100 (9876)

Are aggregate flow entries sent to the destination or is the main cache export required too?

Thanks

Actions

Login or Register to take actions

This Document

Posted April 30, 2012 at 5:35 AM
Stats:
Comments:4 Avg. Rating:4.5
Views:5543 Contributors:4
Shares:0
Tags: No tags.

Documents Leaderboard