Let’s say we have a collector running like I wrote in this article – Installing and using flow-tools
Now connect to the Cisco switch, for the test, I connect to the Cisco Catalyst 6509-E.
Now go into the configuration mode:
enable
configure terminal
Enable NetFlow:
mls netflow
Specify NetFlow parameters, collector address, port and version:
mls flow ip interface-full
mls nde sender version 5
ip flow-export version 5
ip flow-export destination 192.168.1.25 555
ip flow-cache timeout active 1
Suppose you need to collect statistics from the interface vlan 995:
interface vlan 995
ip route-cache flow
exit
Done, the statistics should be sent to the collector (via the vlan interface which is closer to the collector (if there are several), and not from which statistics are collected, respectively, on the collector, you need to specify the IP correctly).
To cancel execute the commands:
interface vlan 995
no ip route-cache flow
exit
An example of viewing the age of records:
show mls netflow aging
show mls netflow table-contention detailed
You can also set the MLS aging time (default is 300 seconds), in the range 32 – 4092 seconds:
show mls netflow aging
mls aging normal 300
mls aging {fast [threshold {1-128} | time {1-128}] | long 64-1920 | normal 32-4092}
Viewing the installed mask:
show mls netflow flowmask
View collected statistics:
show mls netflow ip nowrap
show ip cache flow
show ip flow export