Apart from other Cisco Physical switches, Cisco Nexus 1000 V
is a virtual switch which is custom made for VMware Vsphere environment. The
NetFlow export from Cisco 1000V helps in analyzing the traffic between VMware
Host and traffic to other part of network from these Hosts.

The earlier blog was regarding deployment of Cisco Nexus
1000V on ESX host and this is about configuring 1000V for NetFlow export.

Once the Routing, switching, Policing has been done on Cisco
Nexus 1000V, the next step is to monitor traffic using NetFlow export. To
configure Cisco Nexus 1000V from the scratch, visit the following link.

NetFlow Configuration on 1000V:

Cisco Nexus 1000 V can be configured to export Flexible
NetFlow. The process of configuring Flexible NetFlow consists of four major
steps:

• Flow Record Creation
• Flow Exporter Configuration
• Flow Monitoring Configuration
• Attaching the Flow monitor to all Interfaces

Flow Record :-

Flow record defines collection of Pre-Defined fields that
NetFlow can gather. Given below is the configuration for creating flow records
with Pre-Defined fields.

Nexus1000v(config)# flow record ManageEngine

Nexus1000v(config-flow-record)# match ipv4 source address

Nexus1000v(config-flow-record)# match ipv4 destination
address

Nexus1000v(config-flow-record)# match ip protocol

Nexus1000v(config-flow-record)# match ip tos

Nexus1000v(config-flow-record)# match transport source-port

Nexus1000v(config-flow-record)# match transport
destination-port

Nexus1000v(config-flow-record)# match interface input

Nexus1000v(config-flow-record)# match interface output

Nexus1000v(config-flow-record)# match flow direction

Nexus1000v(config-flow-record)# collect routing source as

Nexus1000v(config-flow-record)# collect routing destination
as

Nexus1000v(config-flow-record)# collect routing next-hop
address ipv4

Nexus1000v(config-flow-record)# collect transport tcp flags

Nexus1000v(config-flow-record)# collect counter bytes

Nexus1000v(config-flow-record)# collect counter packets

Nexus1000v(config-flow-record)# collect timestamp sys-uptime
first

Nexus1000v(config-flow-record)# collect timestamp sys-uptime
last

Flow Exporter Configuration:

Flow exporter is the one which exports NetFlow packets to
server where NetFlow Analyzer is installed. Find the configuration for flow
exporter.

Nexus1000V(config)# flow exporter ManageEngine

Nexus1000V(config-flow-exporter)# destination 192.0.2.1 //
NetFlow Analyzer listener port

Nexus1000V(config-flow-exporter)# source mgmt 0

Nexus1000V(config-flow-exporter)# transport udp 9996 //
Default listener port for NetFlow Analyzer

Nexus1000V(config-flow-exporter)# version 9

Nexus1000V(config-flow-exporter-version-9)# option
exporter-stats timeout 60

Nexus1000V(config-flow-exporter-version-9)# template data
timeout 60

Flow Monitor Configuration:-

A flow monitor is the one which caches all the traffic
passing through the applied interface and the flow exporter will export all the
traffic as UDP datagram to NetFlow Analyzer server.

Nexus1000V(config)# flow monitor ManageEngine

Nexus1000V(config-flow-monitor)# description Ipv4Monitor

Nexus1000V(config-flow-monitor)# exporter ManageEngine

Nexus1000V(config-flow-monitor)# record ManageEngine

Nexus1000V(config-flow-monitor)# timeout active 60

Nexus1000V(config-flow-monitor)# timeout inactive 60

Attaching to the Interface:-

In order to enable NetFlow export on the interfaces, you
need to attach the flow monitor to each interfaces

Example :-

Nexus1000V(config)# interface ehternet0

Nexus1000V(config)# ip flow monitor ManageEngine input

Already deployed Nexus 1000 V on ESX Host ? Now start
monitoring the Nexus 1000 V using NetFlow Analyzer for detail traffic analysis.

Praveen Kumar
NetFlow Analyzer
Technical Team

Download | Interactive
Demo | Twitter |
Customers

You Can Learn More About the ManageEngine Product Line By Going to manageengine.optrics.com

The original article/video can be found at Cisco Nexus 1000 V and NetFlow Traffic monitoring