====== Do you really need Flexible NetFlow ======

Flexible NetFlow® (FNF) is a feature available in Cisco routers and switches. If you are running IOS 15 or later you should have it. We see a lot of customers struggle to configure FNF correctly because it is a much more involved process than standard NetFlow.

Common mistakes:

  * Forgetting to match the input interface
  * Forgetting to match the output interface
  * Forgetting to add the counters needed
  * Errors in matching the monitor to the exporter

What we found was that most of these customers really did not need Flexible NetFlow at all. They just wanted standard NetFlow telemetry. Instead they overcomplicated things with FNF.

This article is for those customers who don't need the extra customization of FNF.

===== Go back to standard NetFlow =====

Here are instructions to revert the FNF configuration and configure standard NetFlow v9 on all interfaces.

FNF has three objects:

  - Flow Records - define the fields
  - Flow Exporters - define the collectors (i.e. software like Trisul NetFlow)
  - Flow Monitors - combine a record and an exporter and link them to an interface

Use the following commands to list the above:

<code>
show flow monitor
show flow record
show flow exporter
</code>

Remove all of these:

<code>
configure terminal
! remove the monitor first, then the record and exporter it refers to
no flow monitor myFlowMonitor
no flow record myFlowRecord
no flow exporter myFlowExporter
exit
</code>

Then install standard NetFlow v9 on all interfaces.

The standard practice in NetFlow is to enable it on ingress on all interfaces. Use the range command as shown below:

<code>
configure terminal
! enable ingress NetFlow on every interface in the range
interface range GigabitEthernet0/1 - 24
ip flow ingress
exit
! export as NetFlow v9 to the collector (IP address and UDP port)
ip flow-export version 9
ip flow-export destination 192.0.2.1 2055
exit
</code>

Now you should have NetFlow v9 configured. It collects the fields below, which should be sufficient for most customers.

When you enable traditional NetFlow v9 on a Cisco ASR router, the template fields typically include a variety of key and non-key fields.
Here are some common fields that you might see in a NetFlow v9 template:

**Key Fields**

  * Source IP address
  * Destination IP address
  * Source port
  * Destination port
  * Protocol
  * Input interface
  * Output interface

**Non-Key Fields**

  * Packet count
  * Byte count
  * Flow start timestamp
  * Flow end timestamp
  * Source AS (Autonomous System)
  * Destination AS
  * Source mask
  * Destination mask
  * TCP flags
  * Next hop IP address

That should do it for most folks. Use FNF only if required!
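
A collector-side way to confirm that an exporter's v9 template really carries the fields listed above. This is an added example, not part of the original article or of any Cisco or Trisul tooling. The field type IDs come from RFC 3954; the function names, field lengths and sample packet are constructed for illustration.

```python
import struct

# NetFlow v9 field type IDs (RFC 3954) for the fields listed above,
# with typical lengths in bytes (used only to build the constructed samples).
FIELDS = {
    8: ("Source IP address", 4), 12: ("Destination IP address", 4),
    7: ("Source port", 2), 11: ("Destination port", 2), 4: ("Protocol", 1),
    10: ("Input interface", 2), 14: ("Output interface", 2),
    2: ("Packet count", 4), 1: ("Byte count", 4),
    22: ("Flow start timestamp", 4), 21: ("Flow end timestamp", 4),
    16: ("Source AS", 2), 17: ("Destination AS", 2),
    9: ("Source mask", 1), 13: ("Destination mask", 1),
    6: ("TCP flags", 1), 15: ("Next hop IP address", 4),
}

def parse_templates(packet):
    """Return {template_id: [field_type, ...]} from one v9 export packet."""
    if len(packet) < 20 or struct.unpack_from("!H", packet)[0] != 9:
        raise ValueError("not a NetFlow v9 export packet")
    templates, off = {}, 20                      # v9 header is 20 bytes
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, off)
        if fs_len < 4 or off + fs_len > len(packet):
            raise ValueError("bad FlowSet length")
        pos, end = off + 4, off + fs_len
        while fs_id == 0 and pos + 4 <= end:     # FlowSet ID 0 = templates
            tid, count = struct.unpack_from("!HH", packet, pos)
            if tid < 256 or pos + 4 + 4 * count > end:
                break                            # padding or truncated record
            pairs = struct.unpack_from("!%dH" % (2 * count), packet, pos + 4)
            templates[tid] = list(pairs[0::2])   # keep types, drop lengths
            pos += 4 + 4 * count
        off += fs_len
    return templates

def missing_fields(field_types):
    """Names of the fields listed above that a template does not carry."""
    return [name for t, (name, _) in FIELDS.items() if t not in field_types]

def build_packet(tid, field_types):
    """Constructed sample: a v9 packet holding one template FlowSet."""
    body = struct.pack("!HH", tid, len(field_types))
    body += b"".join(struct.pack("!HH", t, FIELDS[t][1]) for t in field_types)
    header = struct.pack("!HHIIII", 9, 1, 0, 0, 0, 0)
    return header + struct.pack("!HH", 0, len(body) + 4) + body

if __name__ == "__main__":
    # Constructed FNF-style record that forgot both interface matches.
    fnf = parse_templates(build_packet(256, [8, 12, 7, 11, 4, 2, 1]))
    print(missing_fields(fnf[256]))
```

Feed ''parse_templates'' the UDP payload of a packet received on the collector port; a template that reports "Input interface" or "Output interface" as missing points to the first two mistakes in the list at the top of this page.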