Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

 

 

 

Home > Success Center > Netflow Traffic Analyzer (NTA) > NTA 4.2.2 Administrator Guide > Common tasks and user scenarios > Prepare to monitor autonomous systems

Prepare to monitor autonomous systems

SolarWinds NTA collects and stores information regarding autonomous systems that network devices send in the NetFlow packets they export. You set up a network device for exporting autonomous system information as part of setting up the device to export NetFlow.

Since in sFlow BGP/AS information is provided in a special and extended header, SolarWinds NTA does not collect and process BGP/AS data for sFlow.

SolarWinds NTA collects NetFlow data, by default on port 2055, only if a network device is specifically configured to send to it. As a NetFlow collector, SolarWinds NTA can receive exported NetFlow version 5 data and NetFlow version 9 data that includes all fields of the NetFlow version 5 template. Once it collects NetFlow traffic data, SolarWinds NTA analyzes device bandwidth usage in terms of the source and destination endpoints of conversations reflected in the traffic.

All of these things need to be done for SolarWinds NTA to correctly monitor autonomous system networks through BGP:

  • Each device must be configured as part of an autonomous system network, with specified connections to all neighbors within the system.
  • Each device must be configured to export NetFlow data to SolarWinds NTA. For more information about required fields, see Autonomous system requirements.
  • Each device must be configured to include one of the following statistics into the NetFlow exports:
    • origin-as command includes the origin AS for the source and destination.
    • peer-as command includes the peer AS for the source and destination.

      You cannot include both origin and peer statistics.

  • Each device that exports NetFlow data to SolarWinds NTA must be monitored in SolarWinds NPM.

Traffic from a device that is not monitored in SolarWinds NPM appears only in aggregate as part of the traffic from all unmonitored devices. If the device is setup to export data to SolarWinds NTA, but is unmonitored in SolarWinds NPM, the collector may receive the data without being able to analyze it meaningfully.

The specific interface through which a device exports NetFlow data must be monitored in SolarWinds NPM, and the interface index number for this interface in the SolarWinds Orion database (interface table) must match the index number in the collected flow data.

Set up a device for monitoring by SolarWinds NTA as part of an autonomous system

  1. Log in to the network device.
  2. Based on the documentation of the device, you would minimally do these things, adding the appropriate commands to the configuration file:
    1. Enable a BGP routing process, which places you in router configuration mode.
    2. Flag a network as local to this autonomous system and enter it to the BGP table. Enter as many networks as needed.
    3. Specify BGP neighbors. Enter as many neighbors as needed.

      For example, for detailed information on BGP configuration for Cisco devices, see this Cisco documentation.

  3. Enable NetFlow export from your device.
  4. Add the device exporting NetFlow to SolarWinds NPM for monitoring.

    If you are adding a large number of NetFlow enabled nodes, use Orion Network Sonar. For more information, see Discovering and Adding Network Devices in the SolarWinds Network Performance Monitor Administrator Guide.

    If you are only adding a few nodes, it may be easier to use Web Node Management in the Orion Web Console. For more information, see Adding Devices for Monitoring in the Orion Web Console in the SolarWinds Network Performance Monitor Administrator Guide.

  5. Verify that the device is exporting NetFlow data as expected and that the device is monitored in SolarWinds NPM.

    To verify that data are exported correctly, use a packet capture tool, such as WireShark, to search for packets sent from the network device to the Orion server.

    Example

    If you successfully add a NetFlow enabled device with IP address 10.199.14.2 to SolarWinds NPM, and the device is actively exporting NetFlow data to the Orion server, you will see in WireShark a packet like the one (49) highlighted below in gray:

    File:Success_Center/Reusable_content_-_InfoDev/NTA/NTA-Mindtouch-CHM/070/050/03000026_440x210.png

     

    As expected, we see in the packet details that 10.199.14.2 is its source IP address and 10.110.6.113 is the destination, which is the Orion server. This correlates with the node details on the device in Orion, as highlighted in yellow.

    To verify that the IP address of the exporting interface on the network device is the one being monitored in Orion:

    • Open a command line interface, log into the network device, and then type show run to see the running configuration of the device.
    • Page down to the lines where the export source interface is defined. In this case, we see ip flow-export source Ethernet0/0.

    To discover the IP address for this interface, type show run int Ethernet0/0. We see that the IP address of the interface, 10.199.14.2, is being monitored by the Orion server.

  6. Click My Dashboards > NetFlow > NTA Summary.

    Under NetFlow Source, verify the NetFlow-enabled nodes listed with a recent time posted for collected flow.

  7. Click My Dashboards > NetFlow > BGP. You should see chart statistics in the Top XX Autonomous Systems and Top XX Autonomous Systems Conversations resources.
 
Last modified
05:30, 24 Mar 2017

Tags

Classifications

Public