Child pages
  • Router basic configuration for opFlow
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Netflow Daemon Listening UDP Port

Currently the default port for opFlow listening for Netflow data is UDP 12345.  This can be changed in the /usr/local/etc/flowd.conf file if required.

Sample Cisco Netflow Configuration

The following is a basic Cisco Router configuration for telling the router to send Netflow data to the opFlow.

! this command is optional, this will flow data about in-progress flows, very handy for large file transfers.
ip flow-cache timeout active 1
! version can be 5 or 9 with 9 add IPV4 template
ip flow-export version 5 
ip flow-export destination <opflow_server> 12345
!
interface FastEthernet0/0
 !only if you want output traffic
 ip flow ingress
 !only if you want input traffic
 ip flow egress

 

 

Sample Juniper J-Flow Configuration for SRX

J-FLow version 5 example (IPV4 only)

To keep things simple if you are only looking at IPV4 traffic then use Version 5 J-Flow example below.  As shown

interfaces {                            
    ge-0/0/0 {                          
        unit 0 {                        
            family inet {               
                sampling {              
                    input;              
                    output;  
                    
forwarding-options {                    
    sampling {                          
        input {                         
            rate 100;     
####   This means 1 in every 100 packets is sampled  DO NOT reduce this to 1 unless the router is very lightly loaded.                 
        }                               
        family inet {                   
            output {                    
                flow-server 192.168.1.1 {
                    port 12345;         
                    version 5; 
###  Version 5 is simplest but only supports IPV4      
                }                       
            }                           
        }                               
    }                                   
}

 

 

J-FLow version 9

J-FLow version 9 supports other protocols such as IPV6 and MPLS .  To get good results we recommend you still only use a template for IPV4 with Version 9.  There are some subtle differences with the SRX models for the config so please refer to J-Flow SRX version 9 Config Examples

 

 


  • No labels