Flow collector general settings enable you to define settings common to all NetFlow sources. The process for classification and identification within the flow collector is in the following order: defined SS, followed by NBAR name, followed by port lookup in
To specify flow collector general settings, navigate to Configuration ► Global ► Flow Collector ► General to access the list of general configuration settings for the flow collector.
The list of options is organized into the following sections and includes:
Flow listening port (UDP)
In general, NetFlow-enabled devices can send flows over UDP or SCTP. NAM requires that UDP be used for flows sent to NAM Probe. The network device is configured with an IP address and port number of the NetFlow collector that will receive the records and process them. This is the port number that the NetFlow collector will listen to for incoming flow records.
2055 (This can be configured to something more suitable to your environment. Other but less commonly used ports are
Flow Source SNMP polling
The NetFlow collector actively polls the network devices from which it receives flow records. Information received through SNMP polling augments the information received through flows. In particular, it helps to associate the interface name and index, thus allowing for byte and packet counts to be calculated for the named interfaces.
The incoming flow records contain an interface index (decimal number) that, when correlated with the interface name, makes reading reports much easier. For example,
VPN to Tokyo is much easier than
26 to understand in the context of the reporting data. Also, interface index numbers can change across router and switch reboots, so without the name association you would constantly need to manually update a mapping table to really understand which link the interface index was referring to. By doing the SNMP query, the index and name are correlated automatically. In addition, when retrieving the byte counts over an interval time frame, the utilization for that link can be calculated and provided in the report.
SNMP read community name
This is a string used by SNMP V1 and V2 clients to authenticate with a SNMP agent. A common community string used is
public . Note that this allows read-only access and does not compromise the security of your switch.
The SNMP port to be used for SNMP polling.
This setting determines the number of seconds that the NetFlow collector will wait for an SNMP query request to return from a SNMP agent before it aborts the request.
The number of retries for attempting SNMP polling.
Remove inactive Flow Source from status update after
The number of days after which flow sources that have stopped reporting are removed from the table of flow sources.