ACI Netflow ?? ???
2017.04.06 (version 1.1)
Cisco Systems Korea
? ? ? ???? (whchoi@cisco.com)
#1. LEAF Switch Netflow Enable
1 Fabric - Fabric Policies
- Switch Policies
- Fabric Node Controls
1. Node control Name ??
2. "Feature Selection" ? Netflow Priority? ?? (Default? Analytics Priority)
2 Fabric - Fabric Policies
- Switch Policies
- Policy Groups
1. Policy Group Name ??
2. Node Control Policy ??
(1??? ??)
#1. LEAF Switch Netflow Enable
3 Fabric - Fabric Policies
- Switch Policies
- Profiles
1. Switch Profile Name ??
2. Switch Association ??
(Netflow Enable ??? EX ??? ??)
#2. Netflow Configuration - Step
Flow Monitor
Flow Record
Flow Exporter
- Source Address
- Destination Port
- Destination Address
- Netflow exporter version type
- EPG Type
- Tenant
- EPG
- VRF
- Collect Parameter
- Match Parameter
#2. Netflow Configuration - Flow Exporters
1 Fabric - Access Policies
- Interface Policies
- Policies
- Analytics
- Netflow Exporters
1. Exporters Name ??
2. Destination Port ??
(UDP Port)
3. Destination IP Address ??
(Flow Collector address)
4. Netflow version ??
5. Flow Collector ?? ??
(?? - App EPG, ?? - L3 EPG)
6. Flow Collector ?? ?? ??
#2. Netflow Configuration - Flow Records
2 Fabric - Access Policies
- Interface Policies
- Policies
- Analytics
- Netflow Records
1. Collect Parameters ??
2. Match Parameters ??
#2. Netflow Configuration - Flow Records
Parameter ?? | Address Family | ??
Destination IPv4/6 | IPv4/IPv6 | IPv4 / IPv6
Destination IPv4 | IPv4 | IPv6
Destination IPv6 | IPv6 | IPv6
Destination MAC | CE | Non-IP traffic only
Destination Port | IPv4/IPv6 | IPv4 / IPv6
Ethertype | CE | Non-IP traffic only
IP Protocol | IPv4/IPv6 | IPv4 / IPv6
Source IPv4/6 | IPv4/IPv6 | IPv4 / IPv6
Source IPv4 | IPv4 | IPv4
Source IPv6 | IPv6 | IPv6
Source MAC | CE | Non-IP traffic only
Source Port | IPv4/IPv6 | IPv4 / IPv6
IP TOS | IPv4/IPv6 | ?? ?? ??
VLAN | CE/IPv4/IPv6 | ?? ?? ??
#2. Netflow Configuration - Flow Records
Collection Parameters | Flow Record ?? ??
Bytes counter | ?? ?? (32bit)
Pkts Counter | ?? ?? (32bit)
Pkt Disposition | ???? ??
Sampler ID | ???? ??
Source Interface | ?? ??
TCP Flags | IP Protocol matching ??? ??
First Pkt Timestamp | ?? ??
Recent Pkt Timestamp | ?? ??
#2. Netflow Configuration - Flow Records
2 Fabric - Access Policies
- Interface Policies
- Policies
- Analytics
- Netflow Monitor
1. Netflow Monitor ?? ??
2. Flow Record ??
3. Flow Collector ??
#3. Netflow Interface Configuration
Bridge Domain(SVI) L3OUT
Logical Interface Profile
Flow Monitor
Flow Exporter Flow Record
Logical Node Profile
1 Netflow ??? ??? Tenant? ???? ??
LEAF Interface Policy Group
Flow Monitor
Flow Exporter Flow Record
2 Netflow ??? ??? Interface? ???? ??
vPC, PC, Access Port
#3. Netflow Interface Configuration - Interface ?? ??
1 Fabric - Access Policies
- Interface Policies
- Policy Groups
- Leaf Policy Groups
- vPC or PC or Access Port
1. Netflow Monitor Policies
(IP Filter Type ? Flow Monitor Policy ??)
#3. Netflow Interface Configuration - L3 Outside ?? ??
1 Tenant - Networking
- External Routed Networks
- L3OUT EPG
- Logical Node Profiles
- Logical Interface Profiles
1. Netflow Monitor Policies
(IP Filter Type ? Flow Monitor Policy ??)
Netflow Monitor ??? Common? ?? Multi-Tenant? ?? ???? ?? ??
#3. Netflow Interface Configuration - BD ?? ??
1 Tenant - Networking
- Bridge Domain
- BD
- Netflow Monitor Policies
(IP Filter Type ? Flow Monitor Policy ??)
Netflow Monitor ??? Common? ?? Multi-Tenant? ?? ???? ?? ??
LEAF Switch?? Flow ?? ??
Flow Collector?? ??
Flow Collector VM?? ?? ????? ?? Tip.
1. Flow Collector ??? Private ??? ?? ,
Flow Collector? ??? ?? Tenant EPG? ???
2. SMC?? ?? eth0? ????? ??
ACI?? ??? Netflow? StealthWatch?? ??
SMC?? Flow ?? - Host List
ACI EPG ?? BD subnet ??? StealthWatch Host Group ??
SMC?? Flow ?? - Host List
ACI EPG or BD Name = SMC Host Groups
SMC?? Flow ?? - Host List
ACI EPG or BD Name = SMC Host Groups ACI EP
SMC?? Flow ?? - Host List
ACI EPG or BD Name = SMC Host Groups ACI EP