Thursday 8 September 2016

NetFlow




Netflow as an application for collecting IP traffic information. CISCO compares Netflow information reports to receiving a phone bill with detailed call information to track calls, call frequency.

CISCO IOS netflow efficiently provides, a key set of services for IP applications, including network traffic accounting for baselining, usage-based network billing for consumers of network services, network planning and designing, general network security and DoS&DDoS monitoring.
Cisco use latest netflow version 9 , also know flexible netflow.

   


In this figure a host has connected to a server located in at another location. Netflow can monitor the application by counting packets, bytes send and received, and so on, and then send this information to a netflow collector.


Service providers use Netflow to do the following:

            1.)Efficiently measuring who is using network service and for which purpos
            2.) Accounting and charging back according to the resource utilizing level.
            3.)Using the measured information for more effective network planning.
            4.)Using the information to better structure and customize the set of available application.
   
   
     There are different types of analyse available to gather Netflow statistics and analyse the traffic on your network by showing following:
    
            1. Major users of network, meaning top talkers, top listener, top protocols, and so on.
            2.  Websites that are routinely visited, plus what’s been downloaded.
            3.  Who’s generating the most traffic and using excessive bandwidth.
            4.   Description of bandwidth need for an application as well as our available bandwidth.
  
IP Netflow attribute (this field is used by netflow):

Source IP address
Destination IP address
Source port number
Destination port number
Layer 3 protocol field
Types of service (ToS)marking
Input logical interface 

Configure Netflow:

There are four factors must be completed to properly implement Netflow on a router:
    1.       Configure Netflow data capture by configuring ingress (incoming) and egress (outgoing)    packets.
    2.       Configure Netflow data export by specifying the IP address of the Netflow collector and the UDP port the collector listens for.
    3.       Configure the Netflow data export version by specifying the version of netflow, with version 9 being the most current.
    4.       Verify netflow by analysing the exported data on a host running a netflow collection engine or using show command on the netflow router.

  


     To perform practical normally need a router configure with netflow and a  netflow collector (PC).

     On router(config)#interface fastethernet 0/0
                                  Ip flow ingress
                                  Ip flow egress
                                  Exit

   Router(config)# ip flow-export destination <ip of pc> 9996
                                Ip flow-export version 9
                                Ip flow-export source loopback 0
   
       For verifying:
    Router# show ip flow interface 
    Router#show ip flow export
    Router#show ip cache flow


 

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)