This article provides the procedure for configuring cflowd traffic flow monitoring on IOS XE routers. Cflowd traffic flow monitoring is equivalent to Flexible Netflow (FNF).
To configure cflowd monitoring, follow these steps:
- Configure global flow visibility.
- Configure cflowd monitoring policy.
Configure Global Flow Visibility
To enable cflowd visibility globally on all SD-WAN interfaces so that you can perform traffic flowing monitoring on traffic coming to the router from all VPNs in the LAN.
In vManage NMS:
- Select the Configuration ► Policies Screen.
- Select the Localized Policy tab.
- Click Add Policy.
- Click Next to display the Configure Policy Setting screen.
- Click Netflow.
From the CLI:
cEdge# config-transaction cEdge(config)# policy flow-visibility cEdge(config-policy)# commit Commit complete. cEdge(config-policy)# end cEdge#
Configure Cflowd Monitoring Policy
To configure policy for cflowd traffic flow monitoring, use the vManage policy configuration wizard. The wizard consists of four sequential screens that guide you through the process of creating and editing policy components:
- Create Applications or Groups of Interest—Create lists that group together related items and that you call in the match or action components of a policy.
- Configure Topology—Create the network structure to which the policy applies.
- Configure Traffic Rules—Create the match and action conditions of a policy.
- Apply Policies to Sites and VPNs—Associate policy with sites and VPNs in the overlay network.
In the first three policy configuration wizard screens, you are creating policy components or blocks. In the last screen, you are applying policy blocks to sites and VPNs in the overlay network. For the cflowd policy to take effect, you must activate the policy.
For details of the vManage configuration procedure, see the Configuring Cflowd Traffic Flow Monitoring article.
From the CLI on the vSmart controller that is controlling the IOS XE router:
- Configure a cflowd template to specify flow visibility and flow sampling parameters:
vSmart(config)# policy cflowd-template template-name vSmart(config-cflowd-template)# flow-active-timeout seconds vSmart(config-cflowd-template)# flow-inactive-timeout seconds vSmart(config-cflowd-template)# flow-sampling-interval number vSmart(config-cflowd-template)# template-refresh seconds
- Configure a flow collector:
vSmart(config-cflowd-template)# collector vpn vpn-id address ip-address port port-number transport transport-type source-interface interface-name
cEdge Routers only support UDP collector. Irrespective of which transport protocol is configured, the collector functionality on cEdge Routers is always UDP.
vEdge Routers support both UDP and TCP collectors.
- Configure a data policy that defines traffic match parameters and that includes the action cflowd:
vSmart(config)# policy data-policy policy-name vSmart(config-data-policy)# sequence number vSmart(config-sequence)# match match-parameters vSmart(config-sequence)# action cflowd vSmart(config-data-policy)# default-action accept
- Create lists of sites in the overlay network that contain the IOS XE routers to which you want to apply the traffic flow monitoring policy. To include multiple site in the list, configure multiple vpn vpn-id commands.
vSmart(config)# policy lists vSmart(config-lists)# vpn-list list-name vSmart(config-vpn-list)# vpn vpn-id
- Apply the data policy to the sites in the overlay network that contain the IOS XE routers:
vSmart(config)# apply-policy site-list list-name vSmart(config-site-list)# data-policy policy-name vSmart(config-site-list)# cflowd-template template-name
Display Cflowd Information
To display cflowd information, use the following commands on the IOS XE router. The syntax and output of these commands is similar to the equivalent vEdge show app cflowd commands. For example, the output of show sdwan app-fwd flows is similar to that of show app cflowd flows.
- show sdwan app-fwd cflowd collector
- show sdwan app-fwd cflowd flow-count
- show sdwan app-fwd cflowd flows [vpn vpn-id] [flow-parameter]
- show sdwan app-fwd statistics
- show sdwan app-fwd cflowd template [name template-name]