Talaia has become renowned for giving detailed insight into networks worldwide, and to that end Talaia needs accurate data. Here's how to make sure your Cisco router is sending us nothing but the truth.

The most important data that must be correct are the date and time. It's basic, but it's crucial. It's critically important for the clock and the timezone to be set correctly on all devices from which you'll be sending us data, and that the clocks on all such devices are in sync with each other.

Failure to adhere to this hard requirement can lead to unpredictable results such as incorrect visualisation or no data being displayed, so here's how to do it right.

0:  Overview

This guide will walk you through some steps to:

  • Enable DNS lookups so names like pool.ntp.org are usable;
  • Make sure the date, time, and timezone are correctly set;
  • Enable NTP synchronisation to make sure the date and time don't drift, but rather remain correct over time;
  • Enable NetFlow export to Talaia.

If you're ever not sure how to complete a command, press the ? key and IOS will display the options available to you at that point.

1:  Enabling DNS Lookups

First, you'll want to ensure you've enabled DNS lookup functionality on your router. The following commands will achieve this; replace 8.8.8.8 and 8.8.4.4 with the DNS servers you'd like to use:

enable
ip domain lookup
ip name-server 8.8.8.8 8.8.4.4
exit

2:  Date, Time, Timezone, and NTP Configuration

NetFlow and its brethren include timestamp information that increases the level of insight Talaia can provide, so it's important for these timestamps to be correct.

Once the clock in your equipment is right, it's the job of the Network Time Protocol, or NTP for short, to keep it that way.

Below are some configuration snippets which you can customise as needed. (At the very minimum you'll need to substitute the correct date and time, accurate to within a few minutes, for NTP synchronisation to be successful.)

If none of these snippets reflect the correct timezone in your location, you must edit the timezone and summer-time rules accordingly.

If daylight saving time is not observed in your location, omit the clock summer-time command.

  • North America (specifically Eastern Time, UTC-5):
enable
configure terminal
clock set 09:00:00 1 Jan 2018  ! Adjust this so it's basically correct
clock timezone EST -5 0
clock summer-time EDT recurring 2 Sun Mar 02:00 1 Sun Nov 02:00
ntp server pool.ntp.org prefer
ntp update-calendar
exit
  • Europe (specifically Central European Time, UTC+1):
enable
configure terminal
clock set 09:00:00 1 Jan 2018  ! Adjust this so it's basically correct
clock timezone CET +1 0
clock summer-time CEST recurring last Sun Mar 02:00 last Sun Oct 03:00
ntp server pool.ntp.org prefer
ntp update-calendar
exit
  • Brazil (specifically Brasília, UTC-3):
enable
configure terminal
clock set 09:00:00 1 Jan 2018  ! Adjust this so it's basically correct
clock timezone BRT -3 0
clock summer-time BRST recurring 3 Sunday October 00:00 3 Sunday February 00:00
ntp server pool.ntp.org prefer
ntp update-calendar
exit
  • Australia (specifically Sydney, UTC+11):
enable
configure terminal
clock set 09:00:00 1 Jan 2018  ! Adjust this so it's basically correct
clock timezone AEST +11 0
clock summer-time AEDT recurring 1 Sunday October 02:00 1 Sunday April 03:00
ntp server pool.ntp.org prefer
ntp update-calendar
exit


More info about NTP configuration on Cisco routers is available here; more information on pool.ntp.org is available here.

Now you'll want to make sure the settings to the date, time, and timezone took effect:

show clock detail

Let's make sure the unit has synchronised with an NTP server:

show ntp status

If you see Clock is synchronized, you're good to go; lock in your changes so they'll survive a reboot of the router:

copy running-config startup-config

Now you've got a great foundation from which you'll send us valid data; onward!

3:  Enabling NetFlow Export

At this point, you're ready to enable NetFlow export.

First, sign in to the Talaia Dashboard and make note of the IP address and port shown where you should export NetFlow.

Let's get a few things set up first (substituting IPADDRESS and PORT as appropriate):

enable
configure terminal
ip flow-cache timeout active 1
ip flow-cache timeout inactive 15
ip flow-capture vlan-id
ip flow-capture mac-addresses
ip flow-export version 9 origin-as
ip flow-export destination IPADDRESS PORT

Now let's enable NetFlow collection on the interface(s) from which you want to capture information.

Assuming your router is running at least version 12.0(22)S, 12.2(14)S, or 12.2(15)T of IOS, and you want to capture information from one main external interface called GigabitEthernet0/1, you'd use the following:

interface GigabitEthernet0/1
ip flow ingress

If you're using a version of IOS older than 12.0(22)S, 12.2(14)S, or 12.2(15)T, you'll want to use the following instead to enable NetFlow collection on that interface:

interface GigabitEthernet0/1
ip route-cache flow

Then let's exit configuration mode and make sure our changes took effect:

exit
show ip cache flow
show ip flow interface
show ip flow export
show ip flow export template

If so, great! Let's save our changes:

copy running-config startup-config


More info on NetFlow export configuration on Cisco routers is available here.

  • If you run into trouble, we'd be happy to examine the current configuration of the router and provide the exact commands needed to ensure proper integration with your specific network. If you'd like us to do so, please perform the following commands, which will dump the complete running configuration of the router. Redact any security-sensitive information as you see fit, then send us the output.
enable 
terminal length 0
show run
Did this answer your question?