Enterasys Matrix DFE-Gold Series

944 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Configuring NetFlow

15-2 NetFlow Configuration

•IthasaccumulatedthemaximumnumberofNetFlowrecordsperpacket,whichis30,or

•Ithasaccumulatedfewerthan30NetFlowrecordsandtheactiveflowtimerhasexpired,or

•Theflowexpires(agesoutorisinvalidated).

Version Support

TheEnterasysMatrixDFEfirmwaresupportsNetFlowVersion5and Version9.Formore

informationaboutVersion9dataexportformat,refertoRFC3954,“CiscoSystemsNetFlow

ServicesExportVersion9.”

WhentransmittingNetFlowVersion5reports,theDFEbladeuses“netflowinterface”indexes.

NormallythesewouldbeactualMIB‐

2ifIndexvalues,buttheVersion5recordformatlimitsthe 

valuesto2bytes,whichisnotsufficienttohold4byteifIndexes.NetFlowcollectorapplications

thatusethein/outinterfaceindexestogatherSNMPdataabouttheinterface(suchasifName)

musttranslatetheinterfaceindexesusingtheEnterasys

MIBetsysNetflowMIB

(1.3.1.6.1.4.1.5624.1.2.61).

NetFlowVersion9recordsgeneratedbyDFEbladesusetrueMIB‐2ifIndexvaluessincethe

templatemechanismpermitstransmissi on of4byteifIndexes.Version9alsouses8bytepacket

andbytecounters,sotheyarelesslikelytorollover.Checkwithyourcollectorproviderto



determineiftheyprovidethenecessarysupport.

ThecurrentVersion9implementation:

•Doesnotsupportaggregationcaches

•Provides4predefinedtemplates.Theappropriatetemplateisselectedforeachflow

dependingonwhethertheflowisroutedorswitched,andwhetheritisaTCP/UDPpacketor

not.

Version9templatesarere‐

transmittedwhen:

•Thetimeoutisreached.Thedefaultis30minutesbutisuserconfigurableusingtheset

netflowtemplatetimeoutcommand(“setnetflowtemplate”onpage 15‐9).

Templatesaresentfromeverybladewhenthetimeoutisreached.

•Thepacketrefreshrateisreached.Thedefaultisevery20packets,

butisuserconfigurable

usingthesetnetflowtemplaterefresh‐ratecommand(“setnetflowtemplate”onpage 15‐9).

Templatesaresentasaresultoftherefreshratebyeachblade,sinceeachbladehandlesitʹsown

packettransmission.Forflowgenerationandprocessingefficiencyreasons,Enterasys

recommends

thatcustomersconfiguretheirEnterasysMatrixsy stemssothattemplatesarenot

generatedmoreoftenthanoncepersecond,asaminimum.Formoreinformationaboutsetting

therefreshrate,seetheUsagediscussionin“setnetflowtemplate”onpage 15‐9.

Commands

Note: A flow is a unidirectional sequence of packets having a set of common properties, travelling

between between a source and a destination endpoint. A flow is created on the Enterasys Matrix

device when the MAC destination address of a packet is learned on a port and torn down when

either it ages out or it is explicitly torn down by the firmware.

For information about... Refer to page...

show netflow 15-3

set netflow cache 15-4

Table of Contents

Related product manuals

Preview: Enterasys Matrix 2G4072-52

Enterasys Matrix 2G4072-52

Preview: Enterasys Matrix E1 1H582-51

Enterasys Matrix E1 1H582-51

Enterasys Matrix E1 1G694-13

Preview: Enterasys Matrix-V V2H124-24

Enterasys Matrix-V V2H124-24

Preview: Enterasys C3G124-24

Enterasys C3G124-24

Preview: Enterasys B5G124-24

Enterasys B5G124-24

Enterasys A4H124-48P

Preview: Enterasys B5G124-24P2

Enterasys B5G124-24P2

Preview: Enterasys SecureStack C2

Enterasys SecureStack C2

Enterasys SSA-G1018-0652

Preview: SecureStack B3 B3G124-24P

SecureStack B3 B3G124-24P

Preview: SecureStack B2 B2G124-48P

SecureStack B2 B2G124-48P