Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Netflow Michael Lin.

Published byMargaretMargaret Beasley Modified over 8 years ago

Similar presentations

Presentation on theme: "1 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Netflow Michael Lin."— Presentation transcript:

1 1 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Netflow Michael Lin

2 2 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Agenda What Is NetFlow? Application Discussion What’s New and Road Map Quickie on SLM/SAA—NetFlow Vision

3 3 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow Components What Is NetFlow? 3 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3

4 4 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow Enables NetFlow statistics empowers users with the ability to characterize their IP data flows The who, what, where, when, and how much IP traffic questions are answered Usage-Based Billing Traffic Analysis and Monitoring for Network Planning Router Feature Acceleration Router Feature Acceleration

5 5 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow’s Value NetFlow enables IP traffic flow analysis without probes Offers a rich data set to be mined for network management, traffic engineering, and value-added service offerings (i.e. marketing data, personal NMS data) Increasing margins on existing Cisco infrastructure is possible and economical with NetFlow usage based billing

6 6 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Flow-Based Analysis 1. Source Address 2. Destination Address 3. Source Port 4. Destination Port 5. Layer 3 Protocol 6. TOS Byte (DSCP) 7. Input Interface 1. Source Address 2. Destination Address 3. Source Port 4. Destination Port 5. Layer 3 Protocol 6. TOS Byte (DSCP) 7. Input Interface Seven Keys Define a Flow: NetFlow Data Exported

7 7 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Source IP Address Destination IP Address Source IP Address Destination IP Address Next Hop Address Source AS Number Dest. AS Number Source Prefix Mask Dest. Prefix Mask Next Hop Address Source AS Number Dest. AS Number Source Prefix Mask Dest. Prefix Mask Input Interface Port Output Interface Port Input Interface Port Output Interface Port Type of Service TCP Flags Protocol Type of Service TCP Flags Protocol Packet Count Byte Count Packet Count Byte Count Start Timestamp End Timestamp Start Timestamp End Timestamp Source TCP/UDP Port Destination TCP/UDP Port Source TCP/UDP Port Destination TCP/UDP Port Usage QoS Time of Day Application Routing and Peering Port Utilization From/To NetFlow Data Record

8 8 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Configuring NetFlow in 12.0 code (partial command list) Enable an interface for flow switching ip route-cache flow Set the export destination ip flow-export destination ip flow-export version [origin-as | peer-as] Set as 5, it is 1 by default. Set the source address to use for export packets ip flow-export source default is the ip address of the interface with the best route to the destination (collection device) ip flow-cache feature-accelerate show ip cache flow Router Based Aggregation ip flow-aggregation cache cache timeout active [15 minutes is the default] sh ip cache flow aggregation export destination enable

9 9 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow Infrastructure Network Data Analyzer: Data Presentation NFC Control and Configuration Partner Applications NetFlow Accounting: Data Switching Data Export Data Aggregation NetFlow FlowCollector: Data Collection Data Filtering Data Aggregation Data Storage File System Management RMON Probe Accounting/Billing Network Planning

10 10 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Platform Support in Cisco IOS ® Release 12.0T and 12.0S Cisco GSR 12.0(6)S Cisco GSR 12.0(6)S Cisco MGX ™ 8850/ Cisco BPX8650 Cisco MGX ™ 8850/ Cisco BPX8650 Cisco 7200/ 7500/ uBR7200 Available Since 11.1CC/CA Cisco 7200/ 7500/ uBR7200 Available Since 11.1CC/CA Cisco 1720 Cisco 2500/ 2600 Cisco 3600 Cisco AS5300/ 5800 Cisco 4500/ 4700 Cisco 1400/ 1600 Cisco 1400/ 1600 Catalyst ® 5000/6000 with NFFC

11 11 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow FlowCollector Flow record reception Data volume reduction Filtering Aggregation Flat file, binary, and/or compressed file storage File cleanup Solaris and HP-UX Applications NetFlow FlowCollector

12 12 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Network Data Analyzer Graphical display of NetFlow data Consumes from NetFlow FlowCollector(s) Time-based analysis ands data sorting Configure routers and FlowCollectors Histograms, bar charts, and pie charts Spreadsheet data export NetFlow FlowCollectors NetFlow FlowCollectors NetFlow FlowAnalyzer NetFlow FlowAnalyzer

13 13 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Applications 13 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3

14 14 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow Users E-commerce companies Large and medium enterprises ISPs of all sizes CLECs Service providers

15 15 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Applications Mine NetFlow Data and Find: Who are my top N talkers What percentage of traffic are they? How many users are on the network at any given time? When will upgrades effect the least number of users? How long do my users surf? Where do they go? Where did they come from? Are users staying within an acceptable usage policy (AUP)? Alarm DOS attacks like smurf, fraggle, and SYN flood Will watch for these attacks destined for anywhere or coming from anywhere!

16 16 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Public Routers 1, 2, 3 Month of September—Outbound Traffic Used For Traffic Engineering and Capacity Planning 20% 32% 4% 6% 8% 10% 1% 2% 1%

17 17 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Web Hosting and ASP Users Up-sale opportunities Larger and more servers needed More bandwidth into location Sell value-added services Marketing data Usage-based billing Use this Valuable Information:

18 18 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 IP Accounting/Billing Many Different Flavors! Flat-rate billing doesn’t always scale Competitive pricing models can be created with usage-based billing Usage-based billing considerations Time of dayWithin my network or off ApplicationDistance-based QoS/CoSBandwidth usage Transit or peerData transferred Traffic class (i.e. going through a secure tunnel, high-speed link, or special arrangement)

19 19 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 POP NetFlow Data Collection Carrier A Carrier Z Network Core Edge Aggregation NFC Access Devices Head End, MUX, Customers, Routers??? Access Devices Head End, MUX, Customers, Routers???

20 20 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Server Farm—Access Router Carrier ACarrier X Server NFC

21 21 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Metered Service Collector Can Be at Customer Site or POP Depending on POP Ownership/Co-Location Issues On-net Internet Off-net NFC

22 22 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Road Map Direction 22 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3

23 23 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Charter Built in IP Accounting Mechanism MPLS support Multicast support

24 24 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Recent Deliveries and Roadmap Scalability Sampled NetFlow for GSR (Engine 0 and 1) Minimum prefix RBA/TOS support Availability ifIndex persistence Redundant data streams MPLS support Phase 1 egress PE only and no label information provided Phase 2, MPLS details—definition phase 12.0(11)S 12.1(2)T 12.0(11)S 12.1(2)T August EFT August EFT 12.1(2)T 12.0(11)S 12.1(4)T 12.0(11)S 12.1(4)T 12.0(10)ST

25 25 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Partnership 25 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3

26 26 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Infrastructure NetFlow Partners Mediation Traffic Analysis Traffic Analysis Billing Consulting * Bought by Amdocs

27 27 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3

28 28 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 NetFlow Platform Support (Not Presented) *Support for NetFlow Export v1, v5, and v8 on 1600 and 2500 platforms is targeted for Cisco IOS software release 12.0(5)T. NetFlow support for these platforms will not be available in the Cisco IOS 12.0 mainline release. Cisco IOS ™ Software Release Version Supported NetFlow Export Version(s) Supported Cisco Hardware Platforms 11.1CA, 11.1CC 11.2, 11.2P 11.2P 11.3, 11.3T 12.0 12.0T 12.0S 12.0(3)T and later 12.0(3)S and later 12.04XE N/A 12.0(6)S 11.1CA, 11.1CC 11.2, 11.2P 11.2P 11.3, 11.3T 12.0 12.0T 12.0S 12.0(3)T and later 12.0(3)S and later 12.04XE N/A 12.0(6)S v1, v5 v1 v1, v5 v1, v5, v8 v7 v8 v1, v5 v1 v1, v5 v1, v5, v8 v7 v8 7200, 7500, RSP7000 Route Switch Module (RSM), 11.2(10)P and later 7200, 7500, RSP7000 1720, 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM 1720, 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM, MGX 8800 RPM, BPX 8600 1400*, 1600*, 1720, 2500*,2600, 3600, 4500, 4700, AS5800, AS5300**, 7200, uBR7200, 7500, RSP7000, RSM, MGX8800 RPM, BPX 8650 7100 Catalyst 5K NetFlow Feature Card (NFFC) Catalyst 6K with MSFC card 12000 7200, 7500, RSP7000 Route Switch Module (RSM), 11.2(10)P and later 7200, 7500, RSP7000 1720, 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM 1720, 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM, MGX 8800 RPM, BPX 8600 1400*, 1600*, 1720, 2500*,2600, 3600, 4500, 4700, AS5800, AS5300**, 7200, uBR7200, 7500, RSP7000, RSM, MGX8800 RPM, BPX 8650 7100 Catalyst 5K NetFlow Feature Card (NFFC) Catalyst 6K with MSFC card 12000 **Support for NetFlow Export v1, v5, and v8 on AS5300 platform is targeted for Cisco IOS software release 12.0(7)XR.

Download ppt "1 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Netflow Michael Lin."

Similar presentations

NETFLOW & NETWORK-BASED APPLICATION RECOGNITION

NETFLOW & NETWORK-BASED APPLICATION RECOGNITION
Network Monitoring and Security Nick Feamster CS 4251 Spring 2008.

Network Monitoring and Security Nick Feamster CS 4251 Spring 2008.
Geneva, 24 March 2011 Cisco experiences of IP traffic flow measurement and billing with NetFlow Benoit Claise, Distinguished Engineer, Cisco ITU-T Workshop.

Geneva, 24 March 2011 Cisco experiences of IP traffic flow measurement and billing with NetFlow Benoit Claise, Distinguished Engineer, Cisco ITU-T Workshop.
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Chapter 1: Introduction to Scaling Networks

Chapter 1: Introduction to Scaling Networks
ICmyNet.Flow Network Traffic Analysis System If You Want to See Your Net www.icmynet.com.

ICmyNet.Flow Network Traffic Analysis System If You Want to See Your Net
Addition of Virtual Interfaces in NetFlow Probe for the NetFPGA Muhammad Shahbaz Zaheer Ahmed Habibullah Jamal Asrar Ashraf Nadeem Yousaf Raania.

Addition of Virtual Interfaces in NetFlow Probe for the NetFPGA Muhammad Shahbaz Zaheer Ahmed Habibullah Jamal Asrar Ashraf Nadeem Yousaf Raania.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
Delivery and Forwarding of

Delivery and Forwarding of
Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv4 20.3 IPv6.

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.

Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
1 © 2003 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco IOS NetFlow and Service Assurance Agent Paul Kohler ITD Product.

1 © 2003 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco IOS NetFlow and Service Assurance Agent Paul Kohler ITD Product.
Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service.

Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service.
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
NetFlow Analyzer Drilldown to the root-QoS Product Overview.

NetFlow Analyzer Drilldown to the root-QoS Product Overview.
Network Management: Accounting and Performance Strategies - Graphically Rich Book Network Management: Accounting and Performance Strategies by Benoit Claise.

Network Management: Accounting and Performance Strategies - Graphically Rich Book Network Management: Accounting and Performance Strategies by Benoit Claise.
Netflow Overview PacNOG 6 Nadi, Fiji. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation –Cisco.

Netflow Overview PacNOG 6 Nadi, Fiji. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation –Cisco.
Experiences in Analyzing Network Traffic Shou-Chuan Lai National Tsing Hua University Computer and Communication Center Nov. 20, 2003.

Experiences in Analyzing Network Traffic Shou-Chuan Lai National Tsing Hua University Computer and Communication Center Nov. 20, 2003.
TUNDRA The Ultimate Netflow Data Realtime Analysis Jeffrey Papen Yahoo! Inc.

TUNDRA The Ultimate Netflow Data Realtime Analysis Jeffrey Papen Yahoo! Inc.

Similar presentations

Ads by Google