Skip to main content

Configuring Cisco Catalyst 2960-X Series Switches with ObserveOps Flow Explorer

Using Motadata NetFlow technology, network administrators can efficiently monitor bandwidth usage for capacity planning and resource allocation. Cisco's NetFlow-Lite is a lightweight, packet-based sampling technology that allows monitoring of switching traffic in widely-used switches, including the Cisco Catalyst 2960-X Series.

Configuring NETFLOW-Lite

Follow the steps below to configure your Cisco Catalyst 2960-X switch to export NetFlow-Lite flows to a ObserveOps Flow Explorer server.

Creating a Flow Record in Switch Config Mode

Enter the switch configuration mode:

Switch(config)# flow record NfliteRecord

Add flow record configurations:

Switch(config-flow-record)# collect counter bytes long
Switch(config-flow-record)# collect counter packets long
Switch(config-flow-record)# collect flow sampler
Switch(config-flow-record)# collect interface input
Switch(config-flow-record)# collect timestamp sys-uptime first
Switch(config-flow-record)# collect timestamp sys-uptime last
Switch(config-flow-record)# collect transport tcp flags ack
Switch(config-flow-record)# collect transport tcp flags fin
Switch(config-flow-record)# collect transport tcp flags rst
Switch(config-flow-record)# match datalink ethertype
Switch(config-flow-record)# match datalink mac source address input
Switch(config-flow-record)# match datalink mac destination address input
Switch(config-flow-record)# match ipv4 protocol
Switch(config-flow-record)# match ipv4 destination address
Switch(config-flow-record)# match ipv4 source address
Switch(config-flow-record)# match ipv4 tos
Switch(config-flow-record)# match ipv6 protocol // optional : for IPv6 only
Switch(config-flow-record)# match ipv6 destination address // optional : for IPv6 only
Switch(config-flow-record)# match ipv6 source address // optional : for IPv6 only
Switch(config-flow-record)# match ipv6 tos // optional : for IPv6 only
Switch(config-flow-record)# match transport destination-port
Switch(config-flow-record)# match transport source-port

Creating a Flow Exporter in Switch Config Mode

Create the flow exporter:

Switch(config)# flow exporter NfliteExporter

Configure the flow exporter:

Switch(config-flow-exporter)# destination 10.10.10.10 // MFE server IP
Switch(config-flow-exporter)# export-protocol MOTADATA_NETFLOW-v9
Switch(config-flow-exporter)# option interface-table
Switch(config-flow-exporter)# option exporter-stats
Switch(config-flow-exporter)# option sampler-table
Switch(config-flow-exporter)# source loopback 0 // source interface can be any L3 interface
Switch(config-flow-exporter)# template data timeout 60
Switch(config-flow-exporter)# transport udp 2055

Creating a Flow Monitor in Switch Config Mode

Configure the flow monitor:

Switch(config)# flow monitor NfliteMonitor
Switch(config-flow-monitor)# record NfliteRecord
Switch(config-flow-monitor)# exporter NfliteExporter
Switch(config-flow-monitor)# cache timeout active 60
Switch(config-flow-monitor)# cache timeout inactive 15
Switch(config-flow-monitor)# cache type normal
Switch(config-flow-monitor)# statistics packet protocol

Creating a Flow Sampler in Switch Config Mode

Set up the flow sampler:

Switch(config)# sampler NfliteSampler
Switch(config-sampler)# mode random 1 out-of 32 // The range can be 32 to 1022

Applying Flow Monitor to an Interface in Interface Config Mode

Access the interface configuration mode:

Switch(config)# interface gigabitethernet 0/0

Apply the flow monitor:

Switch(config-if)# ip flow monitor NfliteMonitor sampler NfliteSampler input // Repeat this command on all interfaces.

After completing the configuration, navigate to Menu > Flow Explorer and select Explorer to view the active flow data.