兰溪在线|lanxi.online|兰溪新闻|兰溪在线|兰溪论坛|兰溪信息|兰溪网|兰西网

 找回密码
 立即注册

微信登录

微信扫一扫,快速登录

搜索
热搜: 活动 交友 discuz

社区广播台

查看: 378|回复: 0

Cisco路由器基于协议及MAC的流量分析之Netflow

[复制链接]

508

主题

508

帖子

1526

积分

金牌会员

Rank: 6Rank: 6

积分
1526
发表于 2019-4-12 10:38:05 | 显示全部楼层 |阅读模式
这2天在研究,如何对Cio器进行协议及MAC流量分析,方法总结如下:
端口设置netflow (基于协议)
a,Enabling NetFlow Export
interface{interface}{interface_number}
ip route-cache flow
bandwidth kbps
b, Exporting NetFlow Data
Issue the following commands to export NetFlow data to the server on which NetFlow Analyzer is running
ip flow-export destination{hostname|ip_address}9996
ip flow-export source{interface}{interface_number}
ip flow-export version 5 [peer-as | origin-as]
snmp-server ifindex persist
c,Verifying Device Configuration
show ip flow export
show ip cache flow
show ip cache verbose flow
d,A Sample Device Configuration
router#enable
Password:*****
router#configure terminal
router-2621(config)#interface FastEthernet 0/1
router-2621(config-if)#ip route-cache flow
router-2621(config-if)#exit
router-2621(config)#ip flow-export destination 192.168.9.101 9996
router-2621(config)#ip flow-export source FastEthernet 0/1
router-2621(config)#ip flow-export version 5
router-2621(config)#ip flow-cache timeout active 1
router-2621(config)#ip flow-cache timeout inactive 15
router-2621(config)#snmp-server ifindex persist
router-2621(config)#^Z
router#write
router#show ip flow export
router#show ip cache flow
e,Turning off NetFlow
no ip flow-export destination{hostname|ip_address}{port_number}
no ip route-cache flow
测试实例:
CIO_PPPOE#show ip cache flow
IP packet size distribution (2667212 total packets):
1-32  64  96  128  160  192  224  256  288  320  352  384  416  448  480
.000 .342 .081 .015 .010 .002 .003 .003 .002 .002 .002 .003 .002 .003 .003
512  544  576 1024 1536 2048 2560 3072 3584 4096 4608
.003 .004 .006 .040 .464 .000 .000 .000 .000 .000 .000
IP Flow Switching Cac
1
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册 微信登录

本版积分规则

快速回复 返回顶部 返回列表