Trisul Network Analytics
Developer Zone

User Tools

Site Tools

You are here: Home » NetFlow » Simple NetFlow server configuration for ISP
Trace: Simple NetFlow server configuration for ISP
netflow:config

This is an old revision of the document!

Simple NetFlow server configuration for ISP

This page describes a simple connection between Trisul NetFlow Server and an ISP Gateway router/switch. We use Cisco ASR as a sample device.

Key features:

- Using a public IP for the NetFlow server - Using ACL to restrict access - Using a separate IP for the DRAC (Remote management)

Diagram

The scenario is very simple.

We allocate a free public IP 205.0.118.32 with a 255.255.255.254 netmask /31 (point to point) and assign one to the port and another to the NetFlow server.

The config : 

interface GigabitEthernet0/2
  ip address 203.0.118.32 255.255.255.254
  ip access-group RestrictedAccess
  no shutdown

Create and apply the ACL to these IP subnets - these would represent the customers subnets and support IPs of vendor. 

ip access-list extended RestrictedAccess
   permit ip 103.23.228.81 255.255.255.255 any 
   permit ip 203.0.118.0 255.255.255.0 any
   permit ip 123.23.93.88 255.255.255.255 any
   deny ip any way

On the Trisul NetFlow server set the other IP in the /31 subnet. Say the interface name is eth0 

 ip addr add 203.0.118.33/31 dev eth0
 ip route add default via 203.0.118.0 dev eth0
netflow/config.1743509407.txt.gz · Last modified: 2025/04/01 17:40 by veera