Netflow¶
Netflow is a network protocol developed by Cisco to collect IP network traffic information when it enters and exits a specific interface. It can also monitor network flow.
VyOS Commands¶
VyOS features a portfolio of various flow-accounting tools. For the lab, NetFlow v5 is sufficient to answer the questions in the lab. For a full description with example configurations, see VyOS Documentation.
Example-commands: | Command | Explanation | |---------|-------------| | set system flow-accounting interface INTERFACE | Activates flow-accounting for a specific interface. This starts the collection of flows. | | set system flow-accounting netflow engine-id XXX | Sets an engine-id for the running NetFlow process. | | set system flow-accounting netflow version X | Sets the version of the netflow communication. | | set system flow-accounting netflow server X.X.X.X port YYYY | Sets the destination netflow will send flows to. | | set system flow-accounting netflow timeout expiry-interval SECONDS | Sets the interval of which flow-exports are sent to the collector | | set system flow-accounting netflow timeout max-active-life SECONDS | Maximum life of a flow, before it is exported in the next exporting task |
Cisco commands¶
| Command | Explanation |
|---|---|
| ip flow-export source |
Sets the source interface for exporting NetFlow data |
| ip flow-export destination |
Sets the destination for exporting NetFlow data |
| ip flow-cache timeout active 1 | Sets the active flow timeout to 1 minute in NetFlow |