Hello
Today we will demonstrate how simple it is to configure your Mikrotik router to export Netflow.
Here we have our Server information that will receive the Streams:
Source IP (Src-address): 192.168.210.49
Netflow's server: 192.168.210.47
Netflow port: 2055
Netflow version: 9
The first step to configure the Mikrotik is to access it through Winbox or if you prefer CLI, in this first example we will demonstrate through Winbox
Go to Menu: IP -> Traffic Flow
Inside the Traffic Flow menu you need to configure
Mark the Enabled option
Configure which interface(s) you will export Netflow
Cache Entries: Usually values are 1M to 4M (depending on your router’s memory)
By configuring these options your router is Netflow enabled, but you still need to configure Targets to export to your Netflow server.
Next step is to configure the Targes, they are the server(s) that will receive the Netflow data
Click on the Targets Option and then on Add
Set the options as configured in your Netflow Server
Src. Address (Source IP): 192.168.210.49
Dst. Address (Netflow Server IP): 192.168.210.47
Port: 2055
Version: 9
With these settings your router will already be exporting data, if you want to check it you can go into the Menu: IP -> Traffic Flow, into the Status Option and check if the Flows are finished or Active.
With these settings your router is already exporting Netflow information.
If you want to configure by CLI (command line) here are the commands used:
/ip traffic-flow
set cache-entries=2M enabled=yes
/ip traffic-flow target
add dst-address=192.168.210.47 src-address=192.168.210.49
Check out the video of Netflow configuration on RouterOS
For more information access Mikrotik’s Documentation at: https://wiki.mikrotik.com/wiki/Manual:IP/Traffic_Flow
Subscribe to our newsletter and receive this and many other networking tips.
Big hug and see you next time.
