I would like to know if you have any tips on how to configure Cisco routers in order to monitor the same via PRTG.
Created on Feb 4, 2010 3:56:03 PM by
Last change on Feb 11, 2010 3:23:28 PM by
This article includes several tips&tricks for your Cisco router configuration when using PRTG Network Monitor with SNMP or NetFlow.
The following command makes sure that the router does not change the numbering of the interfaces when interfaces are added or removed so you do not have to edit your PRTG sensor setup:
snmp-server ifindex persist
See also: The interface numbers on my switch keep changing. What can I do?
Using the Netflow protocol you can monitor the bandwidth usage of all packets going through a router. For each flow of data the router sends a netflow packet with connection and bandwidth information to a monitoring system running PRTG. In PRTG you must create a Netflow Collector that accepts these packets and does the accounting.
The advantage of using NetFlow is that it only requires little CPU load on the router itself (e.g. 10,000 active flows create about 7% additional CPU load, 45,000 active flows account for about 20% additional CPU load, see Cisco's performance white paper) and also on the machine running PRTG, especially much less than a Packet Sniffing sensor.
You must edit your router's setup and save it as new startup configuration:
The following command must be repeated for each single interface to enable Netflow for each one (replace "FastEthernet 0/1" with the names of the interfaces on your router):
interface FastEthernet 0/1 ip route-cache flow exit
See the code section below. You may want to copy the script, edit it with your IPs and paste it into your router telnet session. When you are done and have tested the new configuration remember to copy the new configuration to the startup configuration
copy running-config startup-config
This command will tell the router not to send any netflow packets to the specified address:
no ip flow-export destination (address) (port)
To disable Netflow for a specific interface use these commands:
interface (interface) (interface number) no ip route-cache flow Exit
! ! Step 1: Enabling NetFlow ! ! Note: For PRTG we need NetFlow versions 5 or 9 or IPFIX, ! no other NetFlow version is supported currently ! ip flow-export version 5 ! or ! ip flow-export version 9 ! ! Note: We recommend these values for the timeouts: ! ! timeout active value is in minutes ip flow-cache timeout active 5 ! ! timeout inactive value is in seconds ip flow-cache timeout inactive 10 ! ! Step 2: Setting the target address for NetFlow Packets: ! ! Replace 10.0.0.200 with the IP address of your machine running PRTG ! Replace 9991 with another port number of your choice if desired ! ip flow-export destination 10.0.0.200 9991 ! ! Step 3: You can optionally send all NetFlow packets to one other machine, too ! ip flow-export destination 10.0.0.201 9991 ! ! Step 4: Create a "NetFlow Sensor" in PRTG (V7 or later) and enter the port number set above ! ! That's it
Created on Feb 4, 2010 3:58:52 PM by
Last change on Jul 5, 2016 1:50:50 PM by
In case you need to send netflows over ipsec tunnels to the collecting probe, you might need to configure Flexible Netflows. This is described pretty well here:
If you have the condition that you see the flows get generated on the cisco device but do not reach the pingable probe machine (check by wireshark) via an ipsec tunnel, try this.
Also check the netflow version of the Cisco device. Some older firmwares seem to uses v9 by default while newer versions seem to use v5.
I created a device template for Cisco Routers and, with the exception of one of the items below, all of the following items are preconfigured. I have been able to use this on all IOS devices, irrespective of their model number, which was really nice. The device template was created on Version 13.3.7.3114 as 13.3.6.3110 lacked some functionality for creating device templates. This has worked very well with auto discover using a device template.
Ping Sensor: Send multiple ping requests, ping count = 10 Channel: Packet Loss, Enable Limits, Warning Upper = 20 (%) All Interface Sensors: Additional channels, Errors In & Out = True; Connection state handling = Show alarnm when disconnected Channel: Total Traffic, Show in charts = disabled, Show in tables = disabled Channel: Errors In, Enable Limits, Warning Upper = 0.1 Channel: Errors Out, Enable Limits, Warning Upper = 0.1 Uptime Sensor: Channel: System Uptime, Enable Limits, Warning Lower = 86400 (1 day) System Health CPU: Channel: CPU 1, Enable Limits, Warning Upper = 90
EDIT: I forgot to mention that I manually edited the device template file for a couple of tweaks. Nothing that was rocket science, albeit those files get slightly scary when you really start digging throuhg them.
Created on Nov 18, 2013 6:34:18 PM by
Last change on Nov 22, 2013 12:47:45 PM by
The solution mentioned from maengling saved my day.
Here is the code I used
Conf t
flow exporter FlowExporter1
destination <PRTG Server IP>
source gi0/1
transport udp 9991
export-protocol netflow-v9
output-features
flow monitor FlowMonitor1
record netflow ipv4 original-input
exporter FlowExporter1
cache timeout active 5
exit
int gi0/0
ip flow monitor FlowMonitor1 input
int gi0/1
ip flow monitor FlowMonitor1 input
exit
exit
wr mem
Created on Sep 30, 2015 10:32:05 AM by
Last change on Oct 9, 2015 11:28:50 AM by
Please log in or register to enter your reply.
Add comment