NetFlow configuration On Cisco ASR 1000 Router

We need to create three types of map to configure NetFlow on Cisco ASR 100 router.

1. Exporter Map
2. Sampler Map and
3. flow Monitor Map

And finally it is to be applied on the interface which we have to monitor.

EXPORTER MAP

Below configuration shows how to create Exporter Map on router config mode: -

flow exporter TEST (Name of the Exporter)
 destination 10.10.10.100 (Ip address of Netflow collector)
 source Loopback10 (Interface through which Netflow enalyzer collects the logs)
 transport udp 9995 (Transmission protocol used to send the data)
 template data timeout 60 (Time in seconds when data will be resend)
 option interface-table timeout 60 (Time in seconds when SNMP index will be resend)


SAMPLER MAP

Creating sampler map on router config mode

sampler TEST
 mode random 1 out-of 10000

FLOW MONITOR MAP

Creating monitor on router config mode

flow monitor TEST
 exporter TEST
 cache timeout active 60
 record netflow-original
 cache timeout inactive 15


APPLY MAP TO THE INTERFACE

Now maps are defined, we need to apply the Flow Monitor and Sampler maps to each of the active interfaces: -

interface Gi0/0
 ip flow monitor TEST sampler TEST input (For ingress traffic)
 ip flow monitor TEST sampler TEST output (For egress traffic)
 exit

Once NetFlow configuration completed, we can analyze the data with NetFlow reporting using NetFlow Anysis tool.

Commands to check the Netflow Status:-

show ip cache flow

show ip cache flow 

GLBP Load Balancing Configuration Example

GLBP example with interface tracking

This document provide you the detail steps to configure GLBP between two locations. As we know that we can use GLBP for load balancing between two links or locations, so that there is no dependency on the single link.

If we have two links we can simply configure GLBP and load balancing works. But, if other location also have two links then how we will configure GLBP to achieve the same?

Refer the diagram above, In Core switch there is only one default route towards the router and the gateway will  be the  glbp ip. Now assume, if p2p link of router 1 of site A goes down then traffic will go through the router 2, but from site B they don't know that router 1 of site A is down and they will send traffic through both the router due to the default behavior (round robin) of GLBP and hence some systems from site B will not be able to access site A resources.

To resolve this issue we need to do IP SLA from both the side and need to track its gateway so that if any of the link goes down both the router connected through that link will know that there is no reachability let the traffic to go from other link.

So below is the configuration example

Configuration Details

Detailed Steps

Configuration on router 1

Enabling IP SLA

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# ip sla 1
Step 5	icmp-echo 10.10.1.2 source-interface GigabitEthernet0/1
Step 6	Router(config)# ip sla schedule 1 life forever start-time now

Track ip sla

To track the state of a Cisco IOS IP SLA operation and to enter tracking configuration mode, use the below command on configuration mode 

Step 7

router(config)#track 1 ip sla 1 reachability

GLBP Configuration

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# interface Gi 0/0
Step 5	Router(config)#ip address 10.10.10.9 255.255.255.0
Step 6	Router(config-if)# glbp 10 preempt
Step 7	Router(config-if)# glbp 10 ip 10.10.10.11
Step 8	Router(config-if)# glbp 10 weighting track 1 decrement 100
Step 9	Router(config-if)# exit

Configuration on router 2

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# ip sla 1
Step 5	icmp-echo 10.10.1.1 source-interface GigabitEthernet0/1
Step 6	Router(config)# ip sla schedule 1 life forever start-time now
Step 7	router(config)#track 1 ip sla 1 reachability

GLBP Configuration

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# interface Gi 0/0
Step 5	Router(config)#ip address 10.5.10.9 255.255.255.0
Step 6	Router(config-if)# glbp 10 preempt
Step 7	Router(config-if)# glbp 10 ip 10.5.10.11
Step 8	Router(config-if)# glbp 10 weighting track 1 decrement 100
Step 9	Router(config-if)# exit

Configuration on router 3

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# ip sla 1
Step 5	icmp-echo 10.10.2.1 source-interface GigabitEthernet0/1
Step 6	Router(config)# ip sla schedule 1 life forever start-time now
Step 7	router(config)#track 1 ip sla 1 reachability

GLBP Configuration

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# interface Gi 0/0
Step 5	Router(config)#ip address 10.10.10.10 255.255.255.0
Step 6	Router(config-if)# glbp 10 preempt
Step 7	Router(config-if)# glbp 10 ip 10.10.10.11
Step 8	Router(config-if)# glbp 10 weighting track 1 decrement 100
Step 9	Router(config-if)# exit

Configuration on router 4

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# ip sla 1
Step 5	icmp-echo 10.10.2.1 source-interface GigabitEthernet0/1
Step 6	Router(config)# ip sla schedule 1 life forever start-time now
Step 7	router(config)#track 1 ip sla 1 reachability

GLBP Configuration

Steps	Command or Action
Step 1	Ssh or telnet to router
Step 2	Router> enable
Step 3	Router# configure terminal
Step 4	Router(config)# interface Gi 0/0
Step 5	Router(config)#ip address 10.5.10.10 255.255.255.0
Step 6	Router(config-if)# glbp 10 preempt
Step 7	Router(config-if)# glbp 10 ip 10.5.10.11
Step 8	Router(config-if)# glbp 10 weighting track 1 decrement 100
Step 9	Router(config-if)# exit