The Cisco Catalyst 2960-CX/3560-CX Series Switches are the next generation of the world’s most widely deployed access switches, providing Layer 2 and Layer 3 access features. Designed for operational simplicity to lower TCO, this platform also offers superior security capabilities. Also, the Cisco Catalyst Compact Switches easily extend your Catalyst switching infrastructure outside the wiring closet to enable new workspaces, extend wireless LANs, and connect PoE devices. These fanless, small form-factor switches are ideal for space-constrained deployments where multiple cables runs would be challenging. Today, I am going to explain how to configure NetFlow on the Catalyst 2960-CX/3560-CX.
Enabling NetFlow Lite on the Catalyst 2960-CX/3560-CX
Step 1: Create a flow record
flow record flow-mon match datalink ethertype match datalink mac source address input match datalink mac destination address input match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port collect transport tcp flags collect interface input collect interface output collect flow sampler collect counter bytes long collect counter packets long collect timestamp sys-uptime first collect timestamp sys-uptime last ! !
Step 2: Create a flow exporter
flow exporter export-to-inside description flexible NF destination 10.1.4.66 source Vlan1 transport udp 2002 template data timeout 60 option interface-table option exporter-stats option sampler-table timeout 60 option application-table ! !
Step 3: Create a flow monitor
flow monitor myflowmon exporter export-to-inside cache timeout active 60 statistics packet protocol record flow-mon ! !
Step 4: Apply the flow monitor to each interface
! we are using random sampling because it is the most statistically accurate of the two. sampler my-random-sampler mode random 1 out-of 100 interface GigabitEthernet0/1 ip flow monitor myflowmon sampler my-random-sampler input interface GigabitEthernet0/7 ip flow monitor myflowmon sampler my-random-sampler input
Enabling NetFlow on the Catalyst 2960-CX/3560-CX for Performance Monitoring
Step 1: Create a flow record for performance monitoring
flow record type performance-monitor TCP match ipv4 protocol match ipv4 source address match ipv4 source prefix match ipv4 destination address match ipv4 destination prefix match transport source-port match transport destination-port match interface input match interface output match flow direction collect routing forwarding-status collect ipv4 dscp collect ipv4 ttl collect ipv4 source mask collect ipv4 destination mask collect transport round-trip-time collect transport event packet-loss counter collect transport tcp flags collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last collect timestamp interval collect application media bytes counter collect application media packets rate collect application media event collect policy performance-monitor classification hierarchy ! ! flow record type performance-monitor RTP match ipv4 protocolmatch ipv4 source address match ipv4 prefix match ipv4 destination address match ipv4 destination prefix match transport source-port match transport destination-port match transport rtp ssrc match interface input match interface output match flow direction collect routing forwarding-status collect ipv4 dscp collect ipv4 ttl collect ipv4 source mask collect ipv4 destination mask collect transport packets expected counter collect transport packets lost counter collect transport packets lost rate collect transport event packet-loss counter collect transport rtp jitter mean collect transport rtp jitter minimum collect transport rtp jitter maximum collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last collect timestamp interval collect application media bytes counter collect application media bytes rate collect application media packets counter collect application media packets rate collect application media event ! !
Step 2: Create a flow exporter
flow exporter export-to-inside description flexible NF destination 10.1.4.66 source Vlan1 transport udp 2002 template data timeout 60 option interface-table option exporter-stats option sampler-table timeout 60 option application-table ! !
Step 3: Create Performance Monitoring flow monitor
flow monitor type performance-monitor TCP destination TCP stats record TCP exporter export-to-inside cache entries 10000 cache timeout synchronized 60 ! ! flow monitor type performance-monitor RTP description RTP stats record RTP export-to-inside cache entries 10000 cache timeout synchronized 60 ! ! flow monitor myflowmon exporter export-to-inside cache timeout active 60 statistics packet protocol record flow-mon ! !
Step 4: Create a policy map that defines what monitors will be monitoring different types of traffic
policy-map type performance-monitor RTPMON description RTP stats class realtime flow monitor RTP monitor metric rtp min-sequential 10 max-dropout 10 max-reorder 10 ssrc maximum 10 monitor metric ip-cbr rate layer3 packet 500 class tcpclass flow monitor TCP
Step 5: Add Service Policy to interfaces where performance monitors are desired
interface GigabitEthernet0/1 service-policy type performance-monitor input RTPMON interface GigabitEthernet0/7 service-policy type performance-monitor input RTPMON
If you have any questions getting NetFlow running, reach out to our support team.