1 © 2000, Cisco Systems, Inc. 2218 1203_05_2000_c3 Netflow Michael Lin.

Slides:



Advertisements
Similar presentations
NETFLOW & NETWORK-BASED APPLICATION RECOGNITION
Advertisements

Network Monitoring and Security Nick Feamster CS 4251 Spring 2008.
Geneva, 24 March 2011 Cisco experiences of IP traffic flow measurement and billing with NetFlow Benoit Claise, Distinguished Engineer, Cisco ITU-T Workshop.
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Chapter 1: Introduction to Scaling Networks
ICmyNet.Flow Network Traffic Analysis System If You Want to See Your Net
Addition of Virtual Interfaces in NetFlow Probe for the NetFPGA Muhammad Shahbaz Zaheer Ahmed Habibullah Jamal Asrar Ashraf Nadeem Yousaf Raania.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
Delivery and Forwarding of
Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
1 © 2003 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco IOS NetFlow and Service Assurance Agent Paul Kohler ITD Product.
Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service.
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
NetFlow Analyzer Drilldown to the root-QoS Product Overview.
Network Management: Accounting and Performance Strategies - Graphically Rich Book Network Management: Accounting and Performance Strategies by Benoit Claise.
Netflow Overview PacNOG 6 Nadi, Fiji. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation –Cisco.
Experiences in Analyzing Network Traffic Shou-Chuan Lai National Tsing Hua University Computer and Communication Center Nov. 20, 2003.
TUNDRA The Ultimate Netflow Data Realtime Analysis Jeffrey Papen Yahoo! Inc.
1 Netflow 6/12/07. 2 Overview Why use netflow? What is a flow? Deploying Netflow Performance Impact.
Network Monitoring School of Electronics and Information Kyung Hee University. Choong Seon HONG Selected from ICAT 2003 Material of James W. K. Hong.
1 Version 3.1 Module 4 Learning About Other Devices.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the.
Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:
Net Optics Confidential and Proprietary Net Optics appTap Intelligent Access and Monitoring Architecture Solutions.
NetfFow Overview SANOG 17 Colombo, Sri Lanka. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation.
Copyright © 2002 OSI Software, Inc. All rights reserved. PI-NetFlow and PacketCapture Eric Tam, OSIsoft.
Network Flow-Based Anomaly Detection of DDoS Attacks Vassilis Chatzigiannakis National Technical University of Athens, Greece TNC.
Copyright ©Universalinet.Com, LLC 2009 Implementing Secure Converged Wide Area Networks ( ISCW) Take-Aways Course 1: Cable (HFC) Technologies.
1 Course Number Presentation_ID © 2001, Cisco Systems, Inc. All rights reserved. Cisco CNS NetFlow Collection Engine Version 5.0.
Traffic Engineering for ISP Networks Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Identifying Application Impacts on Network Design Designing and Supporting Computer.
Module 4: Designing Routing and Switching Requirements.
POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 5. Passive Monitoring Techniques.
EMEA Partners XTM Network Training
© 2002, Cisco Systems, Inc. All rights reserved. NetFlow Overview, 2/03.
NetFlow: Digging Flows Out of the Traffic Evandro de Souza ESnet ESnet Site Coordinating Committee Meeting Columbus/OH – July/2004.
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Identifying Application Impacts on Network Design Designing and Supporting.
LAN Switching and Wireless – Chapter 1
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the.
Geneva, 24 March 2011 Flow-based Traffic Accounting at SWITCH Simon Leinen Team Leader LAN, SWITCH ITU-T Workshop on IP Traffic Flow Measurement (Geneva,
Kiew-Hong Chua a.k.a Francis Computer Network Presentation 12/5/00.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Introduction to Scaling Networks Scaling Networks.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Exploring the Enterprise Network Infrastructure Introducing Routing and Switching.
1 Directions in IPv6 Implementations Patrick Grossetete Cisco IOS IPv6 Product Manager Patrick Grossetete Cisco IOS IPv6 Product Manager.
Jennifer Rexford Princeton University MW 11:00am-12:20pm Measurement COS 597E: Software Defined Networking.
Verify that timestamps for debugging and logging messages has been enabled. Verify the severity level of events that are being captured. Verify that the.
April 4th, 2002George Wai Wong1 Deriving IP Traffic Demands for an ISP Backbone Network Prepared for EECE565 – Data Communications.
Project Requirements (NetFlow Generator) 정승화 분산 처리 및 네트워크 관리 연구실 포항 공과 대학교
Open-Eye Georgios Androulidakis National Technical University of Athens.
CCDA DESCRIBE THE METHODOLOGY USED TO DESIGN A NETWORK.
S7C7 – Multilayer Switching Design and Configuration.
PART3 Data collection methodology and NM paradigms 1.
Net Flow Network Protocol Presented By : Arslan Qamar.
Application Protocol - Network Link Utilization Capability: Identify network usage by aggregating application protocol traffic as collected by a traffic.
NetFlow Analyzer Best Practices, Tips, Tricks. Agenda Professional vs Enterprise Edition System Requirements Storage Settings Performance Tuning Configure.
Cisco CNS NetFlow Collection Engine Version 5.0
Instructor Materials Chapter 1: LAN Design
Network and Services Management
100% Exam Passing Guarantee & Money Back Assurance
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Data collection methodology and NM paradigms
Streaming Network Analytics System
NetFlow Analysis with Elastic Stack
Chapter 8: Monitoring the Network
Data collection methodology and NM paradigms
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Presentation transcript:

1 © 2000, Cisco Systems, Inc _05_2000_c3 Netflow Michael Lin

2 © 2000, Cisco Systems, Inc _05_2000_c3 Agenda What Is NetFlow? Application Discussion What’s New and Road Map Quickie on SLM/SAA—NetFlow Vision

3 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow Components What Is NetFlow? 3 © 2000, Cisco Systems, Inc _05_2000_c3

4 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow Enables NetFlow statistics empowers users with the ability to characterize their IP data flows The who, what, where, when, and how much IP traffic questions are answered Usage-Based Billing Traffic Analysis and Monitoring for Network Planning Router Feature Acceleration Router Feature Acceleration

5 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow’s Value NetFlow enables IP traffic flow analysis without probes Offers a rich data set to be mined for network management, traffic engineering, and value-added service offerings (i.e. marketing data, personal NMS data) Increasing margins on existing Cisco infrastructure is possible and economical with NetFlow usage based billing

6 © 2000, Cisco Systems, Inc _05_2000_c3 Flow-Based Analysis 1. Source Address 2. Destination Address 3. Source Port 4. Destination Port 5. Layer 3 Protocol 6. TOS Byte (DSCP) 7. Input Interface 1. Source Address 2. Destination Address 3. Source Port 4. Destination Port 5. Layer 3 Protocol 6. TOS Byte (DSCP) 7. Input Interface Seven Keys Define a Flow: NetFlow Data Exported

7 © 2000, Cisco Systems, Inc _05_2000_c3 Source IP Address Destination IP Address Source IP Address Destination IP Address Next Hop Address Source AS Number Dest. AS Number Source Prefix Mask Dest. Prefix Mask Next Hop Address Source AS Number Dest. AS Number Source Prefix Mask Dest. Prefix Mask Input Interface Port Output Interface Port Input Interface Port Output Interface Port Type of Service TCP Flags Protocol Type of Service TCP Flags Protocol Packet Count Byte Count Packet Count Byte Count Start Timestamp End Timestamp Start Timestamp End Timestamp Source TCP/UDP Port Destination TCP/UDP Port Source TCP/UDP Port Destination TCP/UDP Port Usage QoS Time of Day Application Routing and Peering Port Utilization From/To NetFlow Data Record

8 © 2000, Cisco Systems, Inc _05_2000_c3 Configuring NetFlow in 12.0 code (partial command list) Enable an interface for flow switching ip route-cache flow Set the export destination ip flow-export destination ip flow-export version [origin-as | peer-as] Set as 5, it is 1 by default. Set the source address to use for export packets ip flow-export source default is the ip address of the interface with the best route to the destination (collection device) ip flow-cache feature-accelerate show ip cache flow Router Based Aggregation ip flow-aggregation cache cache timeout active [15 minutes is the default] sh ip cache flow aggregation export destination enable

9 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow Infrastructure Network Data Analyzer: Data Presentation NFC Control and Configuration Partner Applications NetFlow Accounting: Data Switching Data Export Data Aggregation NetFlow FlowCollector: Data Collection Data Filtering Data Aggregation Data Storage File System Management RMON Probe Accounting/Billing Network Planning

10 © 2000, Cisco Systems, Inc _05_2000_c3 Platform Support in Cisco IOS ® Release 12.0T and 12.0S Cisco GSR 12.0(6)S Cisco GSR 12.0(6)S Cisco MGX ™ 8850/ Cisco BPX8650 Cisco MGX ™ 8850/ Cisco BPX8650 Cisco 7200/ 7500/ uBR7200 Available Since 11.1CC/CA Cisco 7200/ 7500/ uBR7200 Available Since 11.1CC/CA Cisco 1720 Cisco 2500/ 2600 Cisco 3600 Cisco AS5300/ 5800 Cisco 4500/ 4700 Cisco 1400/ 1600 Cisco 1400/ 1600 Catalyst ® 5000/6000 with NFFC

11 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow FlowCollector Flow record reception Data volume reduction Filtering Aggregation Flat file, binary, and/or compressed file storage File cleanup Solaris and HP-UX Applications NetFlow FlowCollector

12 © 2000, Cisco Systems, Inc _05_2000_c3 Network Data Analyzer Graphical display of NetFlow data Consumes from NetFlow FlowCollector(s) Time-based analysis ands data sorting Configure routers and FlowCollectors Histograms, bar charts, and pie charts Spreadsheet data export NetFlow FlowCollectors NetFlow FlowCollectors NetFlow FlowAnalyzer NetFlow FlowAnalyzer

13 © 2000, Cisco Systems, Inc _05_2000_c3 Applications 13 © 2000, Cisco Systems, Inc _05_2000_c3

14 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow Users E-commerce companies Large and medium enterprises ISPs of all sizes CLECs Service providers

15 © 2000, Cisco Systems, Inc _05_2000_c3 Applications Mine NetFlow Data and Find: Who are my top N talkers What percentage of traffic are they? How many users are on the network at any given time? When will upgrades effect the least number of users? How long do my users surf? Where do they go? Where did they come from? Are users staying within an acceptable usage policy (AUP)? Alarm DOS attacks like smurf, fraggle, and SYN flood Will watch for these attacks destined for anywhere or coming from anywhere!

16 © 2000, Cisco Systems, Inc _05_2000_c3 Public Routers 1, 2, 3 Month of September—Outbound Traffic Used For Traffic Engineering and Capacity Planning 20% 32% 4% 6% 8% 10% 1% 2% 1%

17 © 2000, Cisco Systems, Inc _05_2000_c3 Web Hosting and ASP Users Up-sale opportunities Larger and more servers needed More bandwidth into location Sell value-added services Marketing data Usage-based billing Use this Valuable Information:

18 © 2000, Cisco Systems, Inc _05_2000_c3 IP Accounting/Billing Many Different Flavors! Flat-rate billing doesn’t always scale Competitive pricing models can be created with usage-based billing Usage-based billing considerations Time of dayWithin my network or off ApplicationDistance-based QoS/CoSBandwidth usage Transit or peerData transferred Traffic class (i.e. going through a secure tunnel, high-speed link, or special arrangement)

19 © 2000, Cisco Systems, Inc _05_2000_c3 POP NetFlow Data Collection Carrier A Carrier Z Network Core Edge Aggregation NFC Access Devices Head End, MUX, Customers, Routers??? Access Devices Head End, MUX, Customers, Routers???

20 © 2000, Cisco Systems, Inc _05_2000_c3 Server Farm—Access Router Carrier ACarrier X Server NFC

21 © 2000, Cisco Systems, Inc _05_2000_c3 Metered Service Collector Can Be at Customer Site or POP Depending on POP Ownership/Co-Location Issues On-net Internet Off-net NFC

22 © 2000, Cisco Systems, Inc _05_2000_c3 Road Map Direction 22 © 2000, Cisco Systems, Inc _05_2000_c3

23 © 2000, Cisco Systems, Inc _05_2000_c3 Charter Built in IP Accounting Mechanism MPLS support Multicast support

24 © 2000, Cisco Systems, Inc _05_2000_c3 Recent Deliveries and Roadmap Scalability Sampled NetFlow for GSR (Engine 0 and 1) Minimum prefix RBA/TOS support Availability ifIndex persistence Redundant data streams MPLS support Phase 1 egress PE only and no label information provided Phase 2, MPLS details—definition phase 12.0(11)S 12.1(2)T 12.0(11)S 12.1(2)T August EFT August EFT 12.1(2)T 12.0(11)S 12.1(4)T 12.0(11)S 12.1(4)T 12.0(10)ST

25 © 2000, Cisco Systems, Inc _05_2000_c3 Partnership 25 © 2000, Cisco Systems, Inc _05_2000_c3

26 © 2000, Cisco Systems, Inc _05_2000_c3 Infrastructure NetFlow Partners Mediation Traffic Analysis Traffic Analysis Billing Consulting * Bought by Amdocs

27 © 2000, Cisco Systems, Inc _05_2000_c3

28 © 2000, Cisco Systems, Inc _05_2000_c3 NetFlow Platform Support (Not Presented) *Support for NetFlow Export v1, v5, and v8 on 1600 and 2500 platforms is targeted for Cisco IOS software release 12.0(5)T. NetFlow support for these platforms will not be available in the Cisco IOS 12.0 mainline release. Cisco IOS ™ Software Release Version Supported NetFlow Export Version(s) Supported Cisco Hardware Platforms 11.1CA, 11.1CC 11.2, 11.2P 11.2P 11.3, 11.3T T 12.0S 12.0(3)T and later 12.0(3)S and later 12.04XE N/A 12.0(6)S 11.1CA, 11.1CC 11.2, 11.2P 11.2P 11.3, 11.3T T 12.0S 12.0(3)T and later 12.0(3)S and later 12.04XE N/A 12.0(6)S v1, v5 v1 v1, v5 v1, v5, v8 v7 v8 v1, v5 v1 v1, v5 v1, v5, v8 v7 v8 7200, 7500, RSP7000 Route Switch Module (RSM), 11.2(10)P and later 7200, 7500, RSP , 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM 1720, 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM, MGX 8800 RPM, BPX *, 1600*, 1720, 2500*,2600, 3600, 4500, 4700, AS5800, AS5300**, 7200, uBR7200, 7500, RSP7000, RSM, MGX8800 RPM, BPX Catalyst 5K NetFlow Feature Card (NFFC) Catalyst 6K with MSFC card , 7500, RSP7000 Route Switch Module (RSM), 11.2(10)P and later 7200, 7500, RSP , 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM 1720, 2600, 3600, 4500, 4700, AS5800, 7200, uBR7200, 7500, RSP7000, RSM, MGX 8800 RPM, BPX *, 1600*, 1720, 2500*,2600, 3600, 4500, 4700, AS5800, AS5300**, 7200, uBR7200, 7500, RSP7000, RSM, MGX8800 RPM, BPX Catalyst 5K NetFlow Feature Card (NFFC) Catalyst 6K with MSFC card **Support for NetFlow Export v1, v5, and v8 on AS5300 platform is targeted for Cisco IOS software release 12.0(7)XR.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.