Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Understanding IPv6 net-flow

 

 

Introduction

Cisco IOS netflow provide network administrators with information concerning IP flows within their data networks such as network traffic accounting, usage-based network  billing, network planning, security, Denial of Service monitoring  capabilities, and network monitoring. It provides valuable information and exported NetFlow data can be used for a variety of  purposes like  network management and planning, enterprise  accounting, and Internet Service Provider (ISP)  billing, data warehousing, combating Denial of Service (DoS) attacks,  and data mining for marketing purpose. Net-flow for IPv6 provides basic funcationality of net-flow without affecting the IPv4 net-flow performance. This document provides summary steps on how to configure the ipv6 netflow on Cisco IOS.

 

Note: The below configuration steps are tested in 12.4 IOS release. To configure IPv6 NetFlow in IOS 12.4(20)T and above refer to

IPv6 Flexible Netflow Configuration Example

 

How to enable Ipv6 netflow

Summary Steps:

In Configuration mode:

 

1. ipv6 flow-export version 9

 

This command enables the exporting of information in NetFlow cache entries.

 

2. ipv6 flow-export destination ip-address udp-port

 

This command enable the exporting of information in NetFlow cache entries to a specific address or port.

 

3. ipv6 flow-export template {refresh-rate packet-refresh-rate | timeout timeout-value}

 

Configuring this command in the global configuration mode, enable the exporting of information in NetFlow cache entries,

 

For example:

 

ipv6 flow-export template refresh-rate 100 means NetFlow cache is refreshed after 100 packets are collected.

 

In otherwords, the refresh-rate specifies the number of export packets that are sent before the options and flow templates are resent. The value ranges from 1 to 600. and the default value is 20.

 

 

ipv6 flow-export template timeout-rate 60 means the flow and options is resent after every 60 minutes

 

The timeout-rate specifies the interval (in minutes) that the  router waits after sending the templates (flow and options) before  sending them again. The value ranges from 1 to 3600 and the default value is 30.

 

 

4. ipv6 flow-export template options {export-stats | refresh-rate packet-refresh-rate | timeout timeout-value}

 

This command configures templates for IPv6 cache exports.

 

Configuring this command enables the  export-stats, refresh-rate and timeout-rate keywords for configuring Version 9 export options.

 

In Interface mode:

 

  1. ipv6 flow {ingress | egress}

 

This command enables accounting of  IPv6 packets arriving on an interface configured for 6PE

 

Configuring ipv6 flow ingress enables IPv6 flow capture on incoming packets.

Configuring ipv6 flow egress enables IPv6 flow capture on outgoing packets.

 

Managing NetFlow for IPv6 Statistics

 

The following show commands can be used to display the cache content and cache statistics

 

  • show ipv6 flow cache

This command displays the cache content. Sample output is shown as below:

shipv6flowcache.gif

  • show ipv6 flow export.

This command displays the export statistics.Sample output is shown below.

shipv6flowexport.gif

 

 

Related Information

NetFlow Version 9 Flow-Record Format

Cisco IOS Netflow

IPv6 - Frequently Asked Questions (FAQ)

Comments
Community Member

What version(s) of IOS are thee instruction valid for?

15.1M doesn't recognize this command set.

Hi John,

This configuration is supported till 12.4 IOS. Kindly refer to the IPv6 Flexible Netflow Configuration for configuring NetFlow for 12.4(20)T and above.

Thank you for visiting Ciso Support Community!

Thanks

Sivagami.N

Bronze

Is there an option to export NetFlow data to IPv6 address? ie. ip flow export destination "ipv6 address".

Regards,

Don Thomas

Community Member

Hi Sivagami,

what happens if the export destination is configured only for the aggregation cache but not for the main cache?

ipv6 flow-export source Loopback0

ipv6 flow-aggregation cache destination-prefix

export version 9

export destination 1.1.1.1 1111

sh ipv6 flow export

Flow export v9 is disabled for main cache

  Version 9 flow records

  Cache for destination-prefix aggregation:

  VRF ID : Default

    Destination(1)  6.6.44.100 (9876)

Are aggregate flow entries sent to the destination or is the main cache export required too?

Thanks

7797
Views
9
Helpful
4
Comments