NetFlow: Difference between revisions

m Fix ref whitespace.
Citation bot (talk | contribs)
Add: date, title, s2cid, authors 1-1. Changed bare reference to CS1/2. Removed parameters. Some additions/deletions were parameter name changes. | Use this bot. Report bugs. | Suggested by BrownHairedGirl | Linked from User:BrownHairedGirl/Articles_with_bare_links | #UCB_webform_linked 341/2195
Line 2:
[[File:NetFlow Architecture 2012.png|thumb|right|512px|NetFlow architecture]]
'''NetFlow''' is a feature that was introduced on [[Cisco]] routers around 1996 that provides the ability to collect IP network traffic as it enters or exits an interface. By analyzing the data provided by NetFlow, a network administrator can determine things such as the source and destination of traffic, class of service, and the causes of congestion. A typical flow monitoring setup (using NetFlow) consists of three main components:<ref name="Flow_Monitoring_Tutorial">{{cite journal
| lastlast1 = Hofstede | firstfirst1 = Rick
| last2 = Čeleda | first2 = Pavel
| last3 = Trammell | first3 = Brian
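Review bot: the first author's parameters on the `| lastlast1 = Hofstede | firstfirst1 = Rick` line appear with doubled names, which does not match the `last2`/`first2` and `last3`/`first3` pattern on the following lines. Confirm the saved wikitext reads `last1 = Hofstede | first1 = Rick` and does not carry both the old and the renamed parameter, since an unrecognised parameter name would drop the first author from the rendered citation.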
Line 21:
| doi = 10.1109/COMST.2014.2321898
| year = 2014
| s2cid = 14042725
}}</ref>
 
Line 194 ⟶ 195:
}}</ref>
 
Also flow-tools collection of software<ref>{{Cite web|url=https://github.com/adsr/flow-tools|title = Adsr/Flow-tools|date = 5 October 2021}}</ref> allows to process and manage NetFlow exports from Cisco and Juniper routers.<ref>{{Cite web|url=https://github.com/adsr/flow-tools/blob/master/README|title = Adsr/Flow-tools|date = 5 October 2021}}</ref>
 
=== Support ===
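Review bot: the two flow-tools references in the "Also flow-tools collection of software" sentence end up with the identical title `Adsr/Flow-tools` and the same date although they point at different URLs (the repository root and `blob/master/README`), so a reader cannot tell them apart in the reference list. Give the second one a distinguishing title such as the README it links to, or merge both into a single named reference. While touching this sentence, "allows to process and manage" also needs an object ("allows users to process and manage").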
Line 298 ⟶ 299:
|-
! | Mikrotik RouterOS
| | RouterOS 3.x, 4.x, 5.x, 6.x <ref>{{Cite web|url=http://wiki.mikrotik.com/wiki/Manual:IP/Traffic_Flow|title = Manual:IP/Traffic Flow - MikroTik Wiki}}</ref>
| | v1, v5, v9, IPFIX (>6.36RC3)
| | Software and Routerboard hardware
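Review bot: the MikroTik reference in the RouterOS row carries only `url` and `title`, with no `date` or `access-date`, even though it supports a version-specific claim ("RouterOS 3.x, 4.x, 5.x, 6.x") and cites a wiki manual page that can change. Add an `access-date` so the supporting revision can be identified, and remove the stray space before `<ref>` after "6.x".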
Line 330 ⟶ 331:
 
NetFlow was originally a Cisco packet switching technology for Cisco routers, implemented in [[Cisco IOS|IOS]] 11.x around 1996.
It was originally a software implementation for the Cisco 7000, 7200 and 7500,<ref name="netflow switching">http://www.cisco.com/en/US/docs/ios/11_2/feature/guide/netflow.html</ref> where it was thought as an improvement over the then current Cisco Fast Switching. Netflow was invented by Darren Kerr and Barry Bruin<ref>{{Cite web|url=https://www.cisco.com/c/dam/en/us/products/collateral/security/ios-network-foundation-protection-nfp/prod_presentation0900aecd80311f49.pdf|title=Cisco - Networking, Cloud, and Cybersecurity Solutions}}</ref> from Cisco (U.S. patent # 6,243,667).
 
The idea was that the first packet of a flow would create a NetFlow switching record. This record would then be used for all later packets of the same flow, until the expiration of the flow. Only the first packet of a flow would require an investigation of the route table to find the most specific matching route. This is an expensive operation in software implementations, especially the old ones without [[Forwarding information base]]. The NetFlow switching record was actually some kind of route cache record, and old versions of IOS still refer to the NetFlow cache as '''ip route-cache'''.
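Review bot: the title filled in for the Cisco PDF reference after "Darren Kerr and Barry Bruin", `Cisco - Networking, Cloud, and Cybersecurity Solutions`, is a generic site title and does not describe the cited document, so it gives no help in verifying the inventor attribution. Replace it with the actual title of the presentation at that URL. In the same paragraph the `<ref name="netflow switching">` entry is still a bare URL, so the "Changed bare reference to CS1/2" part of the summary has not been applied to it.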