As an enterprise Administrator, you can configure Netflow settings at the Profile level.
Procedure
- From the SD-WAN Orchestrator, go to Configure > Profiles.
The Configuration Profiles page appears.
- Select a profile you want to configure Netflow settings and click the icon under the Device column.
The Device Setting page for the selected profile appears.
- From the Configure Segment drop-down menu, select a profile segment to configure Netflow settings.
- Go to the Netflow Settings area and configure the following details.
- Select the Netflow Enabled checkbox.
SD-WAN Orchestrator supports IP Flow Information Export (IPFIX) protocol version 10.
- From the Collector drop-down menu, select an existing Netflow collector to export IPFIX information directly from SD-WAN Edge, or click New Collector to configure a new Netflow collector.
For more information about how to add a new collector, see Configure Netflow Settings.Note: You can configure a maximum of two collectors per segment and eight collectors per profile by clicking the + button. When the number of configured collectors reaches the maximum allowable limit, the + button will be disabled.
- From the Filter drop-down menu, select an existing Netflow filter for the traffic flows from SD-WAN Edge, or click New Filter to configure a new Netflow filter.
For more information about how to add a new filter, see Configure Netflow Settings.Note: You can configure a maximum of 16 filters per collector by clicking the + button. However, the 'Allow All' filtering rule is added implicitly at the end of the defined filter list, per collector.
- Enable the Allow All checkbox corresponding to a collector to allow all segment flows to that collector.
- Under Intervals, configure the following Netflow export intervals:
- Flow Stats - Export interval for flow stats template, which exports flow statistics to the collector. By default netflow records of this template is exported every 60 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
- FlowLink Stats - Export interval for flow link stats template, which exports flow statistics per link to the collector. By default netflow records of this template is exported every 60 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
- VRF Table - Export interval for VRF option template, which exports segment related information to collector. The default export interval is 300 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
- Application Table - Export interval for Application option template, which exports application information to the collector. The default export interval is 300 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
- Interface Table - Export interval for Interface option template, which exports interface information to collector. The default export interval is 300 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
- Link Table - Export interval for Link option template, which exports link information to the collector. The default export interval is 300 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
- Tunnel Stats - Export interval for tunnel stats template. By default the statistics of the active tunnels in the edge are exported every 60 seconds. The allowable export interval range is from 60 seconds to 300 seconds.
Note: In an Enterprise, you can configure the Netflow intervals for each template only on the Global segment. The configured Netflow export interval is applicable for all collectors of all segments on an edge.For more information on various Netfow templates, see IPFIX Templates.
- Select the Netflow Enabled checkbox.
- Click Save Changes.