Главная » 2012»Июль»15 » Пример конфигурации Flexible NetFlow для мониторинга производительности для TCP, VoIP и Cisco NBAR
01:26
Пример конфигурации Flexible NetFlow для мониторинга производительности для TCP, VoIP и Cisco NBAR
Это пример конфигурации Flexible NetFlow, где создается TCP-класс, который включает весь TCP-трафик. Это пример, а не жесткая рекомендация. Целью является идентификация бизнес-приложений, которые хотелось отслеживать для контроля их производительности. Если все задержки TCP являются желаемыми, все это нормально работает. Отметим, что конфигурация Flexible NetFlow в этом примере базируется на IOS 15.2(2)T и включает также конфигурацию деталей Cisco NBAR. Если используется более ранняя версия IOS, то просто игнорируйте ошибку при создании записей потоков.
!define standard FnF record flow record nbar-mon match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match interface input match interface output match flow direction match application name collect datalink dot1q vlan input collect datalink dot1q vlan output collect datalink mac source address input collect datalink mac source address output collect datalink mac destination address input collect datalink mac destination address output collect routing destination as collect routing next-hop address ipv4 collect ipv4 dscp collect ipv4 id collect ipv4 source prefix collect ipv4 source mask collect ipv4 destination mask collect transport tcp flags collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last !
!define specific record for TCP flows flow record type performance-monitor TCP match ipv4 protocol match ipv4 source address match ipv4 source prefix match ipv4 destination address match ipv4 destination prefix match transport source-port match transport destination-port collect routing forwarding-status collect routing next-hop address ipv4 collect ipv4 dscp collect ipv4 ttl collect ipv4 source mask collect ipv4 destination mask collect transport round-trip-time collect transport event packet-loss counter collect interface input collect interface output collect counter bytes collect counter packets collect counter bytes rate collect timestamp interval collect application name collect application media bytes counter collect application media packets rate collect application media event collect monitor event ! !Define record for VOIP flows flow record type performance-monitor RTP match ipv4 protocol match ipv4 source address match ipv4 source prefix match ipv4 destination address match ipv4 destination prefix match transport source-port match transport destination-port match transport rtp ssrc collect routing forwarding-status collect routing next-hop address ipv4 collect ipv4 dscp collect ipv4 ttl collect ipv4 source mask collect ipv4 destination mask collect transport packets expected counter collect transport packets lost counter collect transport packets lost rate collect transport event packet-loss counter collect transport rtp jitter mean collect transport rtp jitter minimum collect transport rtp jitter maximum collect interface input collect interface output collect counter bytes collect counter packets collect counter bytes rate collect timestamp interval collect application name collect application media bytes counter collect application media bytes rate collect application media packets counter collect application media packets rate collect application media event collect monitor event
!create VOIP flow monitor flow monitor type performance-monitor RTP description RTP stats record RTP exporter export-to-scrutinizer ! !create TCP flow monitor flow monitor type performance-monitor TCP description TCP stats record TCP exporter export-to-scrutinizer
!Standard FnF Monitor flow monitor nbar-mon description app traffic analysis exporter export-to-scrutinizer cache timeout active 60 record nbar-mon
!create access list to filter TCP only access-list 100 permit tcp any any
!create class to match voice traffic. "Cisco-Phone" usually means standard RTP voice traffic. Those 3 items should catch all the voice and video. class-map match-any realtime match protocol rtp audio match protocol rtp video match protocol cisco-phone
!use TCP ACL to create a class map class-map match-any TCP-class match access-group 100
policy-map type performance-monitor RTPMON !Apply monitors to perfotmance monitor Policy-Map class realtime flow monitor RTP monitor parameter interval duration 10 flows 100 class TCP-class flow monitor TCP monitor parameters flows 1000
!Apply ingress/egress monitors to an interface. Egress (output) commented out unless needed. interface XXXXXX service-policy type performance-monitor input RTPMON !service-policy type performance-monitor output RTPMON ip flow monitor nbar-mon input !ip flow monitor nbar-mon output
Если вам необходим хороший инструмент отчетности по Flexible NetFlow, то советуем посмотреть "Medianet 2.2 Deployment Guide".
Меню сайта