Latest

Home / Cisco / Viptela SDWAN / Cisco Viptela SDWAN: Cflowd Traffic Flow Monitoring via vManage

Cisco Viptela SDWAN: Cflowd Traffic Flow Monitoring via vManage

August 06, 2021 ,

 As we discussed on our earlier article on the cflowd, Today we are going to talk about Cflowd Traffic Flow Monitoring configuration procedure. Most of you guys who are working on the Cisco Viptela SDWAN environment knows about where to define the policies in the vManage. 

You need to go through the four different steps to enable the cflowd policy as shown below.

Fig 1.1- vManage cflowd Policy

Step 1: Configure the policy with "Create Applications or Groups of Interest"
In vManage NMS, select the Configure --> Policies screen

When you first open this screen, the Centralized Policy tab is selected by default, so you need to click on "Add Policy". It further opens and you will see "Create Applications or Groups of Interest screen".

What to define in Create Applications or Groups of Interest screen ?
Create a new list of Prefix, Site and VPN and click next. 

Step 2: Configure the Network Topology

Here you need to configure the network topology for which you need to go to the centralized policy.
In vManage NMS, select the Configure --> Policies screen.

Do what you did in Step 1, and when you see the Create Applications or Groups of Interest screen, just click next. You will see the Network Topology screen opens, and in the Topology bar, the Topology tab is selected by default.

What to define in Network Topology ?
So now you need to create the topology. It will be any of the topology type you can create 
Policy Type can be Hub and Spoke, Mesh ( Partial-mesh or full-mesh)

Step 3: Configure the Traffic rules
Here you need to configure the Traffic rules for which you need to go to the centralized policy.
In vManage NMS, select the Configure --> Policies screen.

Do what you did in Step 1 and followed by Step 2 and just click next. You will see that configure Traffic Rules screen opens, and in the Application-Aware Routing bar, the Application-Aware Routing tab is selected by default.

Now you need to configure the traffic rules

Step 3.1 : Go to the Application-Aware Routing bar, select the Cflowd tab and Click the Add Policy drop-down.

Step 3.2 : Select Create New. The Add Cflowd Policy popup opens.

Step 3.3.1 : Configure timer parameters for the cflowd template like Active Flow Timeout field (default is 600 seconds) and Inactive Flow Timeout field (default is 60 seconds)

Note: Active Flow Timeout is defined with how long to collect a set of flows on which traffic is actively flowing. 

Note: Inactive Flow Timeout is defined with how long to wait to send a set of sampled flows to a collector for a flow on which no traffic is flowing.

Step 3.3.2 : Configure timer parameters for the cflowd template like Flow Refresh Interval field (default is 90 seconds) and Sampling Interval field.

Note: Flow Refresh Interval is specify how often to send the cflowd template record fields to the collector

Note: Sampling Interval is specify how many packets to wait before creating a new flow

Step 3.4 : Add New Collector, and configure the location of the cflowd collector, As we discuss in our earlier article of Max 4 collectors.

What to define in Collector ?
You need to define VPN ID field (number of the VPN in which the collector is located), IP Address field (IP address of the collector), Port Number field (collector port number).

Step 3.4.1: Transport Protocol drop-down: Select TCP or UDP.

Step 3.4.2: Source Interface field: enter the name of the interface to use to send flows to the collector.

Now save policy. It is a cflowd policy.

Step 4: As we created the policy, now we need to add policy to the sites and VPNs used.
In vManage NMS, select the Configure --> Policies screen.

Fig 1.2- Adding Policy to Sites and VPNs

Do what you did in Step 1 (just click next after step 1), followed by Step 2(just click next after step 2) and step 3(just click next after step 3) and now you will see Apply Policies to Sites and VPNs screen opens.

Step 4.1 : In the Policy Name field, enter a name for the policy. 

Step 4.2 : Another field you will see is Policy Description field, enter a description of the policy.

Step 4.3 : Now you will see Topology bar, select the type of policy block. The table then lists policies that you have created for that type of policy block.

Step 4.4 : Add New Site List. Select one or more site lists, Click Add

Step 4.5 : Now Save Policy and view the policy you created 

Go to Configure --> Policies screen, policies table includes the newly created policy will be shown there.

Now as you gone through all the four steps to create the cflowd policy in the vManage, its time to activate that policy

Step 5: Activate a Centralized Policy
Activating a cflowd policy sends that policy to all connected vSmart controllers. Click the More Actions icon to the right of the row, and click Activate. The Activate Policy popup opens. It lists the IP addresses of the reachable vSmart controllers to which the policy is to be applied and at last click Activate.