NetFlow is a feature that allows network devices such as routers or switches to export information about their inbound and outbound IP traffic. The so-called IP flows are transmitted by UDP. An IP flow contains information about the source IP address, destination IP address, ports, timestamp and packet counters, among others. This information is received, stored and processed on a NetFlow collector. NetFlow can be used either permanently or temporarily for network analysis.
LANCOM supports the standards NetFlow 9 (RFC 3954) as well as IPFIX (RFC 7011), which is an extension of NetFlow Version 9, via the transport protocol UDP.
- You need an external NetFlow collector that supports NetFlow 9 or IPFIX.
- The firewall must be activated.
- The only flow information collected with IPv4 is that being passed from one logical interface to another logical interface. Packets generated by or addressed to the router itself are not captured. For IPv6, this restriction does not apply.
- Only unicast IP flow information is collected, multicast (e.g. IPTV) is not supported.
- Depending on the scenario, using NetFlow/IPFIX increases CPU load and reduces the overall performance of the router.