Skip to main content
Cisco SD-WAN
Product Documentation
Viptela Documentation

Configuring Traffic Flow Monitoring on IOS XE Routers

This article provides the procedure for configuring cflowd traffic flow monitoring on IOS XE routers. Cflowd traffic flow monitoring is equivalent to Flexible Netflow (FNF).

To configure cflowd monitoring, follow these steps:

  1. Configure global flow visibility.
  2. Configure cflowd monitoring policy.

Configure Global Flow Visibility

To enable cflowd visibility globally on all SD-WAN interfaces so that you can perform traffic flowing monitoring on traffic coming to the router from all VPNs in the LAN.

In vManage NMS:

  1. Select the Configuration ► Policies Screen.
  2. Select the Localized Policy tab.
  3. Click Add Policy.
  4. Click Next to display the Configure Policy Setting screen.
  5. Click Netflow.

From the CLI:

cEdge# config-transaction
cEdge(config)# policy flow-visibility
cEdge(config-policy)# commit
Commit complete.
cEdge(config-policy)# end

Configure Cflowd Monitoring Policy

To configure policy for cflowd traffic flow monitoring, use the vManage policy configuration wizard. The wizard consists of four sequential screens that guide you through the process of creating and editing policy components:

  1. Create Applications or Groups of Interest—Create lists that group together related items and that you call in the match or action components of a policy.
  2. Configure Topology—Create the network structure to which the policy applies.
  3. Configure Traffic Rules—Create the match and action conditions of a policy.
  4. Apply Policies to Sites and VPNs—Associate policy with sites and VPNs in the overlay network.

In the first three policy configuration wizard screens, you are creating policy components or blocks. In the last screen, you are applying policy blocks to sites and VPNs in the overlay network. For the cflowd policy to take effect, you must activate the policy.

For details of the vManage configuration procedure, see the Configuring Cflowd Traffic Flow Monitoring article.

From the CLI on the vSmart controller that is controlling the IOS XE router:

  1. Configure a cflowd template to specify flow visibility and flow sampling parameters:
vSmart(config)# policy cflowd-template template-name
vSmart(config-cflowd-template)# flow-active-timeout seconds
vSmart(config-cflowd-template)# flow-inactive-timeout seconds
vSmart(config-cflowd-template)# flow-sampling-interval number
vSmart(config-cflowd-template)# template-refresh seconds
  1. Configure a flow collector:
vSmart(config-cflowd-template)# collector vpn vpn-id address ip-address port port-number transport transport-type source-interface interface-name

cEdge Routers only support UDP collector. Irrespective of which transport protocol is configured, the collector functionality on cEdge Routers is always UDP.

vEdge Routers support both UDP and TCP collectors.

  1. Configure a data policy that defines traffic match parameters and that includes the action cflowd:
vSmart(config)# policy data-policy policy-name
vSmart(config-data-policy)# sequence number
vSmart(config-sequence)# match match-parameters
vSmart(config-sequence)# action cflowd
vSmart(config-data-policy)# default-action accept
  1. Create lists of sites in the overlay network that contain the IOS XE routers to which you want to apply the traffic flow monitoring policy. To include multiple site in the list, configure multiple vpn vpn-id commands.
vSmart(config)# policy lists
vSmart(config-lists)# vpn-list list-name
vSmart(config-vpn-list)# vpn vpn-id
  1. Apply the data policy to the sites in the overlay network that contain the IOS XE routers:
vSmart(config)# apply-policy site-list list-name
vSmart(config-site-list)# data-policy policy-name
vSmart(config-site-list)# cflowd-template template-name

Display Cflowd Information

To display cflowd information, use the following commands on the IOS XE router. The syntax and output of these commands is similar to the equivalent vEdge show app cflowd commands. For example, the output of show sdwan app-fwd flows is similar to that of show app cflowd flows.

  • show sdwan app-fwd cflowd collector
  • show sdwan app-fwd cflowd flow-count
  • show sdwan app-fwd cflowd flows [vpn vpn-id] [flow-parameter]
  • show sdwan app-fwd statistics
  • show sdwan app-fwd cflowd template [name template-name]
  • Was this article helpful?