Using the GoToManage NetFlow traffic analysis application
The GoToManage NetFlow application includes an interactive, Flash-based display of the network and traffic patterns. The application also collects detailed data via NetFlow for deep analysis of how bandwidth is being consumed (NetFlow is a network protocol that was developed by Cisco Systems for collecting IP traffic information).
Installing the NetFlow application
Install your GoToManage NetFlow application from the Applications page:
To install the NetFlow application on your GoToManage system:
- On the left-hand navigation box, click Applications.
- Under Applications Available, in the NetFlow pane, click Install.
Using your GoToManage NetFlow application
GoToManage provides detailed bandwidth usage reports that show top conversations
between users and hosts that are consuming bandwidth and stores the data for trend analysis.
Because GoToManage is offered on-demand, it provides valuable insight into bandwidth usage across
the enterprise without the complexity and expense involved with deploying dedicated hardware
and software probes.
How to set up your Cisco router to send NetFlow data to the GoToManage Crawler
If you need to configure your Cisco router to export NetFlow data to the GoToManage crawler here are the commands you need to configure your router.
ip flow-export destination <ip address of crawler> 9996
This exports the NetFlow cache entries to the specified IP address. Use the IP address of the machine that the GoToManage Crawler is running on here. The Crawler listens for NetFlow on port 9996.
ip flow-export version 5
The GoToManage Crawler understands version 5 NetFlow packets.
ip flow-cache timeout active 1
By default the router will send NetFlow information to your GoToManage Crawler for long lived flows every 30 minutes. However, you are likely to want more immediate information about the flow while it is happening. This will break up long-lived flows into 1-minute fragments.
You can choose any number of minutes between 1 and 60. If you leave it at the default of 30 minutes your traffic reports will have spikes.
It is important to set this value to 1 minute in order to generate alerts and view detailed data for troubleshooting purposes.
ip flow-cache timeout inactive 15
Ensures that flows that have finished are periodically exported. The default value is 15 seconds. You can choose any number of seconds between 10 and 600. However, if you choose a value greater than 250 seconds, the NetFlow analyzer may report traffic levels that are too low.
snmp-server ifindex persist
This sets ifIndex persistence (interface names) globally. This ensures that the ifIndex values are persisted during device reboots. Otherwise after a reboot, the flow data may appear iconsistent or reversed compared to previous values.
An actual dialog with your router to setup NetFlow may look like this:
router>enable Password: <your enable password goes here> router#configure terminal router(config)#interface FastEthernet 0/1 router(config-if)#ip route-cache flow router(config-if)#exit router(config)#ip flow-export destination <crawler ip goes here> 9996 router(config)#ip flow-export source FastEthernet 0/1 router(config)#ip flow-export version 5 router(config)#ip flow-cache timeout active 1 router(config)#ip flow-cache timeout inactive 15 router(config)#snmp-server ifindex persist router(config)#^Z router#write
NOTE: Select the interface you want to actually gather NetFlow data on. This is likely to be the WAN interface if you have a single router between your company and the internet.
To see your actual configuration, you should issue the following commands:
show ip flow export
and
show ip cache flow
