netflow monitor

Description                                                    Enable ACOS to act as a NetFlow exporter, for monitoring traffic and exporting the data to one or more NetFlow collectors for analysis.

Syntax                                                                  [no] netflow monitor monitor-name

Default                                                                Replace monitor-name with the name of the NetFlow monitor.

This command changes the CLI to the configuration level for the specified NetFlow monitor, where the following commands are available.

Command

Description

[no] destination 
ipaddr [portnum]

Configure the destination where NetFlow records will be sent.

disable

Disable this NetFlow monitor.

[no] flow-timeout

Timeout value interval at which flow records will be periodically exported for long-lived sessions. Flow records for short-lived sessions (if any) are sent upon termination of the session.

After the specified amount of time has elapsed, the ACOS device will send any flow records to the NetFlow collector, even if the flow is still active. The flow timeout can be set to 0-1440 minutes. The flow timeout default value is 10 minutes.

Setting the timeout value to 0 disables the flow timeout feature. Regardless of how long-lived a flow might be, the ACOS device waits until the flow has ended and the session is deleted before it sends any flow records for it.

[no] protocol

Configure the version of the NetFlow protocol you want to use:

  v9 – Version 9 (default)

  v10 – Version 10

[no] record
netflow-template-type

Configure the NetFlow record types to be exported. (See the “NetFlow v9 and v10 (IPFIX)” chapter in the System Configuration and Administration Guide.)

[no] resend-template
{records num |
  timeout seconds}

Configure when to resend the NetFlow template. The trigger can be either the num­ber of records, or the amount of time that has passed.

  records – Specifies the counters by which the ACOS device resends templates to the collectors. The num can be 0-1000000. The default is 1000.

  timeout – Specifies the time between when templates are resent to the collec­tors. The num is the number of seconds and can be 0-86400. The default is 1800.

NOTE: Specifying 0 means never resend the template.

[no] sample {ethernet | global | nat-pool | ve}

Enable sampling.

Configure filters for monitoring traffic. Identify the specific type and subset of resources to monitor.

  ethernet portnum – Specify the list of Ethernet data ports to monitor. Flow information for the monitored interfaces is sent to the NetFlow collector(s).

  global – (Default) No filters are in effect. Traffic on all interfaces is monitored.

  nat-pool pool-name – NAT pool.

  ve ve-num – Specify the list of Virtual Ethernet (VE) data ports to monitor.

[no] source-address 
{
ip ipv4addr |
  ipv6 ipv6addr}

Uses the specified IP address as the source address for exported NetFlow packets. By default, the IP address assigned to the egress interface is used. This command does not change the egress port out which the NetFlow traffic is exported.

[no] source-ip-use-mgmt

Use the management interface’s IP address as the source IP for exported NetFlow packets. This command does not change the egress port out which the NetFlow traf­fic is exported.

Default                                                                Described above, where applicable.

Mode                                                                   Global configuration level

Table of Contents

Index

Glossary

-Search-

Back