Hello

Today we will demonstrate how simple it is to configure your Mikrotik router to export Netflow.

Here we have our Server information that will receive the Streams:

Source IP (Src-address): 192.168.210.49
Netflow's server: 192.168.210.47
Netflow port: 2055
Netflow version: 9

The first step to configure the Mikrotik is to access it through Winbox or if you prefer CLI, in this first example we will demonstrate through Winbox

Go to Menu: IP -> Traffic Flow

Menu: IP -> Traffic Flow

Inside the Traffic Flow menu you need to configure

Mark the Enabled option
Configure which interface(s) you will export Netflow
Cache Entries: Usually values are 1M to 4M (depending on your router’s memory)

By configuring these options your router is Netflow enabled, but you still need to configure Targets to export to your Netflow server.

Traffic Flow

Next step is to configure the Targes, they are the server(s) that will receive the Netflow data

Click on the Targets Option and then on Add

Set the options as configured in your Netflow Server

Src. Address (Source IP): 192.168.210.49
Dst. Address (Netflow Server IP): 192.168.210.47
Port: 2055
Version: 9

Configuring Targets within Traffic Flow

With these settings your router will already be exporting data, if you want to check it you can go into the Menu: IP -> Traffic Flow, into the Status Option and check if the Flows are finished or Active.

Traffic Flow Status

With these settings your router is already exporting Netflow information.

If you want to configure by CLI (command line) here are the commands used:

/ip traffic-flow
  set cache-entries=2M enabled=yes
/ip traffic-flow target
  add dst-address=192.168.210.47 src-address=192.168.210.49

Check out the video of Netflow configuration on RouterOS

Configuring Traffic Flow in Mikrotik

For more information access Mikrotik’s Documentation at: https://wiki.mikrotik.com/wiki/Manual:IP/Traffic_Flow

Subscribe to our newsletter and receive this and many other networking tips.

Big hug and see you next time.