Join Lazaro Diaz for an in-depth discussion in this video Disecting network traffic with NetFlow, part of CCNA Cert Prep: ICND2.
- Okay here we are with NetFlow, the last of the three monitoring protocols that we're going to talk about. Now NetFlow is a protocol developed by Cisco for collecting IP information and traffic, but NetFlow is the fun protocol because this tells us everything that's going on on your network. NetFlow not only tracks the flow of information but it tells us the why and the who is slowing down a network.
When I say why, image if we were looking at bandwidth. But why is my bandwidth slow? I need to justify this to my boss. Listen our bandwidth is slow, well yeah why? Well now NetFlow will tell us why it's slow. Because an individual is passing information that's huge and there's no need for it. Whether it be across a wider network or the local network. This protocol, this NetFlow, tells us all that information. So it's very good. You can't get away from NetFlow.
Now what does it actually look at? Well it's going to track, it's going to keep looking at IP addresses. So you can't hide your IP address, it knows who you are. And it's going to look at the protocol that you're using. So whatever protocol you set to use, it's going to look at that. It's going to look at the port number. Now you know how they get you. They know which port you came out of. And your MAC address which you can't change right? That's your MAC address, it's burned in. So you know they know your IP address, your MAC address, your protocol, your port number, they know everything where that information came from.
So again, NetFlow would be the way to go. Now NetFlow tables they're unreadable. Just like the rest of these two protocols that you can't really understand them unless you use what? Third-party applications such as, Wireshark, or SolarWinds. These two applications will put your information in nice little pie charts and bar graphs and line graphs and percentages. And that way you can look at something that's understandable.
Because it's color coded and what have you. So definitely keep this in mind, you want to look at third-party applications such as Wireshark so you can go ahead and understand what you're looking at. And for your certification there are three points that you need to remember. One, NetFlow monitors network traffic. Keep that drilled in your head. Two, captures identifying details as we saw, IP address, protocols, port numbers, MAC addresses, all that. And the final and third point is it knows the why the network conditions are present so you can go ahead and then go to the higher ups and justify the need to increase your bandwidth, your memory, or whatever it is.
So these are your final three points to assure vacation that you need to remember. And there you go, there's your NetFlow.
- LAN switching
- The Spanning-Tree Protocol
- Backing up and restoring Cisco devices
- IP services (FHRP, syslog, GLBP, and SNMP v2 and v3)
- Configuring EIGRP
- IP routing via OSPF
- Setting up wide area networks (WANs) with PPP and frame relay
- Understanding virtual private networks (VPNs)
Using Packet Tracer and cabling, you'll learn how to combine these protocols and technologies to create redundant switch networks that are stable and fast. Along the way, Laz provides practical examples of networking challenges that you'll encounter in the exam and in real life.