manualshive.com logo in svg

Cisco CNS NetFlow Collection Engine, Installation And Configuration Manual

The Installation And Configuration Manual for Cisco CNS NetFlow Collection Engine is available for free download from manualshive.com. This comprehensive manual provides step-by-step instructions on setting up and configuring the product, ensuring seamless implementation and efficient network traffic analysis.

Share
Download
background image

C H A P T E R

1-1

Cisco CNS NetFlow Collection Engine User Guide, Release 5.0.2

OL-6899-01

1

Overview

This chapter describes the CNS NetFlow Collection Engine application, which is used with the NetFlow 
services data export feature on Cisco routers and Catalyst 5000 and 6000 series switches. 

This chapter includes the following sections:

What Are NetFlow Services?

What Is CNS NetFlow Collection Engine?

CNS NetFlow Collection Engine Architectural Overview

What Are NetFlow Services?

NetFlow services consist of high-performance IP switching features that capture a rich set of traffic 
statistics exported from routers and switches while they perform their switching functions. The exported 
NetFlow data consists of traffic flows, which are unidirectional sequences of packets between a 
particular source device and destination device that share the same protocol and transport-layer 
information. The captured traffic statistics can be used for a wide variety of purposes, such as network 
analysis and planning, network management, accounting, billing, and data mining. 

Because of their unidirectional nature, flows from a client to a server are differentiated from flows from 
the server to the client. Flows are also differentiated on the basis of protocol. For example, Hypertext 
Transfer Protocol (HTTP) Web packets from a particular source host to a particular destination host 
constitute a separate flow from File Transfer Protocol (FTP) file transfer packets between the same pair 
of hosts. 

Routers and switches identify flows by looking for the following fields within IP packets: 

Source IP address

Destination IP address

Source port number 

Destination port number

Protocol type

Type of service (ToS)

Input interface

Summary of Contents for CNS NetFlow Collection Engine

Page 1: ...man Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 526 4100 Cisco CNS NetFlow Collection Engine Installation and Configuration Guide 5 0 2 February 2005 Customer Order Number N A Text Part Number OL 6900 01 ...

Page 2: ... DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES Cisco CNS NetFlow Collection Engine Installation and Configuration Guide 5 0 2 Copyright 2005 Cisco Systems Inc All rights reserved CCSP CCVP the Cisco Square Bridge logo Follow Me Bro...

Page 3: ...ized viii Command Syntax Conventions viii Obtaining Documentation viii World Wide Web viii Ordering Documentation ix Documentation Feedback ix Obtaining Technical Assistance ix Cisco com ix Technical Assistance Center x Cisco Technical Support Web Site x Cisco TAC Escalation Center xi C H A P T E R 1 Overview 1 1 What Are NetFlow Services 1 1 NetFlow Services Device and IOS Release Support 1 2 Net...

Page 4: ...HP UX Platform 2 3 Installing on a Red Hat Enterprise Linux Platform 2 7 Uninstalling CNS NetFlow Collection Engine 5 0 2 10 C H A P T E R 3 Configuring CNS NetFlow Collection Engine 3 1 Required Patches and Software Packages 3 1 UNIX Environment Variables 3 2 Enabling NetFlow Data Export 3 2 Starting CNS NetFlow Collection Engine 3 2 Verifying That CNS NetFlow Collection Engine Is Running 3 3 Net...

Page 5: ...s in this SLA shall take precedence By installing downloading accessing or otherwise using the Software Customer agrees to be bound by the terms of this SLA If Customer does not agree to the terms of this SLA Customer may not install download or otherwise use the Software When used below the term server refers to central processor unit Additional License Restrictions Installation and Use The Softw...

Page 6: ...ine Installation and Configuration Guide Release 5 0 2 OL 6900 01 Supplemental License Agreement Additional License Restrictions Description Of Other Rights and Limitations Please refer to the Cisco Systems Inc Software License Agreement ...

Page 7: ...their switching function CNS NetFlow Collection Engine provides fast scalable and economical data collection from multiple export devices exporting NetFlow data records Prior to reading this manual you should read the Release Notes for Cisco CNS NetFlow Collection Engine Release 5 0 2 document These release notes provide information about known software and documentation problems and any last minu...

Page 8: ...om Cisco Systems World Wide Web You can access the most current Cisco documentation on the World Wide Web at the following URL http www cisco com Translated documentation is available at the following URL http www cisco com public countries_languages shtml Table 1 Command Syntax Guide Convention Description boldface Commands and keywords italic Command input that is supplied by you Keywords or arg...

Page 9: ...isco at 408 527 0730 You can e mail your comments to bug doc cisco com To submit your comments by mail use the response card behind the front cover of your document or write to the following address Cisco Systems Attn Document Resource Connection 170 West Tasman Drive San Jose CA 95134 9883 We appreciate your comments Obtaining Technical Assistance Cisco provides Cisco com as a starting point for ...

Page 10: ...workaround is available Priority level 1 P1 Your production network is down and a critical impact to business operations will occur if service is not restored quickly No workaround is available Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts when applicable Cisco Technical Support Web Site The Cisco Technical Support Web Site allo...

Page 11: ...s When you contact the TAC Escalation Center with a P1 or P2 problem a Cisco TAC engineer will automatically open a case To obtain a directory of toll free Cisco TAC telephone numbers for your country go to the following URL http www cisco com warp public 687 Directory DirTAC shtml Before calling please check with your network operations center to determine the level of Cisco support services to w...

Page 12: ...xii Cisco CNS NetFlow Collection Engine Installation and Configuration Guide Release 5 0 2 OL 6900 01 About This Guide Obtaining Technical Assistance ...

Page 13: ... sequences of packets between a particular source device and destination device that share the same protocol and transport layer information The captured traffic statistics can be used for a wide variety of purposes such as network analysis and planning network management accounting billing and data mining Because of their unidirectional nature flows from a client to a server are differentiated fr...

Page 14: ...etFlow data export makes NetFlow traffic statistics available for purposes of network planning billing and so on An export device configured for NetFlow data export maintains a flow cache used to capture flow based traffic statistics Traffic statistics for each active flow are maintained in the cache and are updated when packets within each flow are switched Periodically summary traffic statistics...

Page 15: ...tches equipped with a NetFlow feature card NFFC V7 is not compatible with Cisco routers Version 8 is an enhancement that adds router based aggregation schemes Version 9 is an enhancement to support different technologies such as Multicast Internet Protocol Security IPSec and Multi Protocol Label Switching MPLS CNS NetFlow Collection Engine Release 5 0 can collect filter and aggregate Version 9 dat...

Page 16: ...of the configuration information for each export device includes the IP address and the UDP port number a logical port designator that identify CNS NetFlow Collection Engine as the receiver of flows from this export device The UDP port number is a user configurable designator you can configure CNS NetFlow Collection Engine to listen for flows on a number of different UDP ports and then configure y...

Page 17: ...hoose one or more of these aggregation schemes to customize CNS NetFlow Collection Engine for your operating context Moreover in Release 5 0 you can modify any of the predefined aggregation schemes or define your own aggregation schemes based on them You can also use filters with aggregation schemes to include or exclude certain types of NetFlow data For more information about threads aggregation ...

Page 18: ...t data and filters specified data from supported Cisco routers and switches Output is stored in files that are organized in an easy to use directory structure Web Based User Interface The Web Based User Interface is provided for configuration control status and reporting CNS XML interface events Aggregated data reports CNS integration bus Events Events NFC 5 0 Collector FTP NFS FTP Netflow NDE Rep...

Page 19: ...nd responses and unsolicited event notifications The CNS XML interface uses the CNS Integration Bus to communicate with clients Report Generator The Report Generator produces hourly and daily reports based on Collector output files by performing further aggregation of the records in these files based on criteria selected by the user BGP Peer A passive BGP peer is provided for supplementing CNS Net...

Page 20: ...1 8 Cisco CNS NetFlow Collection Engine User Guide Release 5 0 2 OL 6899 01 Chapter 1 Overview CNS NetFlow Collection Engine Architectural Overview ...

Page 21: ...supported Solaris 8 and Solaris 9 on an entry level server such as the Sun Fire 280R with 1 GHz or greater UltraSPARC III or IIIi processors HP UX Version 11i for PA RISC on an entry level server such as the rp2400 series Red Hat Enterprise Linux 2 1 or 3 ES on an entry level server such as an IBM x336 with 2 8 GHz or greater Intel Xeon processors Note that the CPU RAM and disk space recommendatio...

Page 22: ...ction Engine Unzip and untar the download file Run the installation script NFC_setup sh The CNS NetFlow Collection Engine installation script makes the installation process as easy as possible by automatically handling new and upgrade installation issues The installation script searches for files from a previously installed version of CNS NetFlow Collection Engine If it detects a previously instal...

Page 23: ...owing steps Step 1 Log into the host as root Step 2 Perform one of the following a When installing from CD ROM run setup sh in the CD ROM base directory b When downloading the image over the web Download the zipped distribution file to a directory with at least 200 MB of available space Unzip and untar the distribution with gzcat and tar gzcat download file tar xf The following files are created N...

Page 24: ... cisco com wwl export crypto tool stqrg html If you require further assistance please contact us by sending email to export cisco com Press Return to continue Step 3 Press return when prompted after the banner page is displayed Step 4 Unlike earlier releases of the CNS Netflow Collection Engine programs are not installed with setuid to bin permission Therefore you must select an existing user ID a...

Page 25: ...the system the pkgrm program prompts whether to remove the previously installed package Enter y The following package is currently installed CSCOnfc Cisco CNS NetFlow Collection Engine Solaris2 8 5 0 standard image build 23 Do you want to remove this package y Step 7 The pkgadd program prompts whether to install the new package to which you should press return or specify all The following packages...

Page 26: ...1 and option 2 is selected a migration script is run to automatically migrate minor changes in the XML configuration format for release 5 0 2 Before the migration the following is displayed Preparing to migrate 5 0 5 0 1 configuration Please carefully note any instructions given during the migration since some configuration options have changed in this release After the migration the following is ...

Page 27: ...nstallation session is saved in opt CSCOnfc logs nfc_install log Note When CNS Netflow Collection Engine is uninstalled from the system you must remove these files yourself after the uninstall completes Installing on a Red Hat Enterprise Linux Platform Note When reinstalling the same or an earlier version of CNS Netflow Collection Engine than is currently installed on a Red Hat Enterprise Linux pl...

Page 28: ...llustrates these steps The installation script is invoked while logged in as root NFC_setup sh CSCOnfc 5 0 4 standard i386 rpm Thu Mar 4 15 58 12 EST 2004 NFC_setup sh CSCOnfc 5 0 4 standard i386 rpm CNS Netflow Collection Engine 5 0 2 standard image build 4 Copyright c 2003 2005 by Cisco Systems Inc All rights reserved This product contains cryptographic features and is subject to United States a...

Page 29: ...t be resolved automatically In that case refer to details about configuration format updates introduced in CNS Netflow Collection Engine Release 5 0 2 in the Release Notes for Cisco CNS NetFlow Collection Engine 5 0 2 Step 5 Unlike earlier releases of the CNS Netflow Collection Engine programs are not installed with setuid to bin permission As a result you must select an existing userid as the own...

Page 30: ...n guide to determine how this value is updated This value should be at least the maximum size specified for the collector process as described in the Tuning Memory Usage section on page 4 26 in the Cisco CNS NetFlow Collection Engine User Guide The new package is then installed Starting FlowCollector Install FlowCollector installation completed successfully The record of this installation session ...

Page 31: ... Patches and Software Packages Solaris Platform On the Solaris platform the following patch should be installed on the system prior to running CNS NetFlow Collection Engine 32 Bit Shared library patch for C 108434 13 or later for Solaris 8 111711 06 or later for Solaris 9 Solaris patches can be downloaded at http sunsolve sun com Red Hat Enterprise Linux Platform On Red Hat Enterprise Linux platfo...

Page 32: ...etFlow Collection Engine installation UDP ports 9995 and 9996 are automatically configured as the UDP ports CNS NetFlow Collection Engine uses to receive NetFlow exported data Enable NetFlow data export For information on Cisco IOS software features related to NetFlow services on Cisco routers see the Cisco IOS software configuration guides and command references For information on specific config...

Page 33: ...Files Table 3 1 displays all of the configuration files used by CNS NetFlow Collection Engine Table 3 1 CNS NetFlow Collection engine Configuration Files File Directory Description nfcmem opt CSCOnfc config Memory limits for each collector process nfc config xml opt CSCOnfc config Collector configuration file for the user specific configuration nfc config predefined xml opt CSCOnfc config Collecto...

Page 34: ... Collection Engine enter the following command to stop the CNS NetFlow Collection Engine application opt CSCOnfc bin nfcollector shutdown To immediately and ungracefully stop all CNS NetFlow Collection Engine processes enter the following command opt CSCOnfc bin nfcollector clean Caution The nfcollector clean command does not gracefully stop the system Any and all CNS NetFlow Collection Engine fun...

Page 35: ...starting 3 2 stopping 3 4 uninstalling 2 10 Collector subsystem NFCollector 1 6 command conventions viii compatibility IOS software 1 2 conventions command viii D data export compatibility matrix 1 2 format 1 3 mechanism 1 2 F flow cache 1 2 flows defined 1 1 H HP UX installation 2 3 system requirements 2 1 I IP address for configuration 1 4 IP packets 1 1 L Linux installation 2 7 required softwar...

Page 36: ...ws description 1 1 traffic statistics information types 1 3 U UDP exporting NetFlow data to port 1 4 port number configuration 1 4 uninstall 2 10 UNIX environment variables 3 2 V Version 1 NetFlow export datagram description 1 3 Version 5 NetFlow export datagram description 1 3 Version 7 NetFlow export datagram description 1 3 Version 8 NetFlow export datagram description 1 3 Version 9 NetFlow exp...

Reviews:

No comments

Related manuals for CNS NetFlow Collection Engine

Nortel CC MIS User Manual preview
CC MIS
Brand: Nortel Pages: 374
ProfiNet ProfinetCommander User Manual preview
ProfinetCommander
Brand: ProfiNet Pages: 25
COMPRO COMPRODVD2 User Manual preview
COMPRODVD2
Brand: COMPRO Pages: 18
AVG 8.5 EMAIL SERVER EDITION - V 85.4 User Manual preview
8.5 EMAIL SERVER EDITION - V 85.4
Brand: AVG Pages: 52
MACROMEDIA COLDFUSION STUDIO 4.5-USING COLDFUSION... Use Manual preview
COLDFUSION STUDIO 4.5-USING COLDFUSION...
Brand: MACROMEDIA Pages: 236
Teklynx Discover ActiveX Programmer'S Manual preview
Discover ActiveX
Brand: Teklynx Pages: 165
MACROMEDIA FLASH 8-USING FLASH VIDEO ENCODER Use Manual preview
FLASH 8-USING FLASH VIDEO ENCODER
Brand: MACROMEDIA Pages: 30
Art & Logic DMF-560TX Brochure preview
DMF-560TX
Brand: Art & Logic Pages: 2
ACTi Network Video Recorder User Manual preview
Network Video Recorder
Brand: ACTi Pages: 132
M-Audio Torq Conectiv User Manual preview
Torq Conectiv
Brand: M-Audio Pages: 88
Janome AcuFil Tips And Tricks Manual preview
AcuFil
Brand: Janome Pages: 6
IBM Keyboard Optimizer User Manual preview
Keyboard Optimizer
Brand: IBM Pages: 5
FARONICS ANTI-VIRUS Getting Started Manual preview
ANTI-VIRUS
Brand: FARONICS Pages: 4
LinPlug SaxLab User Manual preview
SaxLab
Brand: LinPlug Pages: 40
LinPlug RMV Reference Manual preview
RMV
Brand: LinPlug Pages: 154
KIP PrintNET 7.X Enterprise Operation Manual preview
PrintNET 7.X Enterprise
Brand: KIP Pages: 37
Waves Dynamics Processor MV2 User Manual preview
Dynamics Processor MV2
Brand: Waves Pages: 13
Xerox SMARTsend 2.0 Brochure preview
SMARTsend 2.0
Brand: Xerox Pages: 4

Brands by name

Popular brands

Load more brands