NX-OS Netflow sampled mode – Explained & Configuration
Cisco NX-OS can gather NetFlow statistics in either full or sampled mode. Cisco NX-OS analyzes all packets on the interface or subinterface for full NetFlow mode. For sampled mode, you configure the rate at which Cisco NX-OS analyzes packets.
Samplers
Cisco NX-OS supports sampled NetFlow. This feature samples incoming and outgoing packets on an interface. The packets sampled then qualify to create flows.
Sampled NetFlow reduces the amount of export data sent to the collector by limiting the number of packets that create flows and the number of flows. It is essential when flows are created on a line card or external device, instead of on the forwarding engine. F2, F2e, F3, and M3 Series modules support only sampled NetFlow.
Support:
The sampling mode supported on F2, F2e, F3, M3, M1, and M2 modules is M out of N, where M packets are selected randomly out of every N packet for sampling, and only those packets can create flows.
- Beginning with Cisco NX-OS Release 6.1(2), sampled NetFlow is supported on F2 and F2e Series modules.
- Beginning with Cisco NX-OS Release 6.2(6), sampled NetFlow is supported on F3 Series modules.
Accuracy
The accuracy of the sampled NetFlow compared with the traditional NetFlow is dependent on the sampling rate configured. If the sampling rate is 1:1, the sampled NetFlow is exactly accurate as of the traditional NetFlow. And if the sampling rate is 1:100, the sampled NetFlow is less accurate than the traditional, but it still yields statistical patterns that allow you to monitor the device.
Configuration steps:
1- Enable Netflow
2- Create Flow record and exporter
3- Create Flow Monitor
4- Create Sampler & Apply it with the flow monitor to the interface
The first three steps are detailed in this article, we will dive into sampler configuration and applying it with Flow monitor to the interface
Sampler configuration
You can create a flow sampler to define the NetFlow sampling rate for a flow.
Procedure
| Command or Action | Purpose | |
|---|---|---|
| Step 1 | configure terminalExample:switch# configure terminal switch(config)# | Enters global configuration mode. |
| Step 2 | sampler nameExample:switch(config)# sampler testsampler | Creates a sampler and enters flow sampler configuration mode. You can enter up to 63 alphanumeric characters for the flow sampler name. |
| Step 3 | (Optional) description stringExample:switch(config-flow-sampler)# description samples | (Optional)(Optional) Describes this sampler. You can enter up to 63 alphanumeric characters for the description. |
| Step 4 | mode sample-number out-of packet-numberExample:switch(config-flow-sampler)# mode 1 out-of 128 | Defines the number of samples to take per the number of packets received. The sample-number range is from 1 to 64, and the packet-number range is from 1 to 65536 packets. |
| Step 5 | exitExample:switch(config-flow-sampler)# exit | Returns to global configuration mode. |
| Step 6 | (Optional) copy running-config startup-configExample:switch(config)# copy running-config startup-config | (Optional)Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Applying a Flow Monitor to an Interface
 Note | You can not apply a flow monitor to an egress interface, only ingress Netflow is supported. |
Procedure
| Command or Action | Purpose | |
|---|---|---|
| Step 1 | configure terminal Example: switch# configure terminal | Enters global configuration mode. |
| Step 2 | interface interface-type slot/port Example: switch(config)# interface ethernet 2/1 | Enters interface configuration mode. The interface type can be Ethernet (including subinterfaces), port channel, or VLAN interface. |
| Step 3 | ip flow monitor name input sampler name Example: switch(config-if)# ip flow monitor testmonitor input sampler testsampler | Associates an IPv4 flow monitor and a sampler to the interface for input packets. You can enter up to 63 alphanumeric characters for the flow monitor name and the sampler name. |
| Step 4 | ipv6 flow monitor name input sampler name Example: switch(config-if)# ipv6 flow monitor testmonitorv6 input sampler testsamplerv6 | Associates an IPv6 flow monitor and a sampler to the interface for input packets. You can enter up to 63 alphanumeric characters for the flow monitor name and the sampler name. |
| Step 5 | layer2-switched flow monitor name input sampler name Example: switch(config-if)# layer2-switched flow monitor testmonitorl2 input sampler testsamplerl2 | Associates a Layer 2-switched flow monitor and a sampler to the interface for input packets. You can enter up to 63 alphanumeric characters for the flow monitor name and the sampler name. |
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/system-management/guide/b_Cisco_Nexus_7000_Series_NX-OS_System_Management_Configuration_Guide/b_Cisco_Nexus_7000_Series_NX-OS_System_Management_Configuration_Guide_chapter_011000.html
![OSPF DR and BDR Election Explained [with Configuration]](https://learnduty.com/wp-content/uploads/2022/03/image-33.png?v=1647900046)
![OSPF Neighbor Adjacency Requirements [With Configuration]](https://learnduty.com/wp-content/uploads/2022/03/image-23-418x450.png?v=1647900064)
![OSPF Neighbor States Explained [Step by Step]](https://learnduty.com/wp-content/uploads/2022/03/image-13.png?v=1647900076)
![OSPF Area Types Explained and Configuration [Demystified]](https://learnduty.com/wp-content/uploads/2022/03/image-8.png?v=1647900083)