NetFlow is an industry standard for collecting and analyzing network data. It is a collection of related network packets traveling in sequence in the same direction, sharing specific characteristics, including source IP address, target IP address, source port, target port, and type of service. Ethernet switches that support the NetFlow protocol can be configured to identify net flows and send data about the net flow to net flow receivers. NetFlow analyzers can be used to analyze the collected data and produce reports.
Some examples of NetFlow analysis products are Solarwinds NetFlow Traffic Analyzer and OptiView NetFlow Tracker.
NOTE: you can only configure NetFlow in Virtual Distributed Switch (vDS) and by default it is disable. It is not possible to configure it on Virtual Standard Switch (vSS).
I have downloaded and installed the Solarwind “Real time NetFlow Analyzer”.it free product. Let’s configure my vDS to send data on this NetFlor Analyzer.
To Configure the NetFlow on vDS.
From Webclient Home -> Networking -> Choose You vDS-> Manage -> Settings-> NetFlow -> Click “Edit”
First “IP Address and Port” is the NetFlow Analyzer Collector IP address and Port.
The Switch IP address is a management address assigned to the Distributed Switch (this is not the IP address of the physical switches to which the VMware ESXi hosts are connected).In other words Switch IP just present as device on NetFlow and with this IP address we can easily tell the traffic source on NetFlow. Leave reset of the setting as default-> Click “OK”
Next “Enable NetFlow”. You can enable/disable NetFlow on Per PortGroup basis at vDS. But I am going to enable it on my vDs Uplinks which are connected to all of my vDS PortGroups.
Right Click on the DvUplinks -> Click “Edit Settings”
In Monitoring -> From Dropdown Choose “Enabled” -> Click “OK”
Now everything is set from vDS end.