Appealing to CCIEs, hardware vendors copy Cisco's CLI and NetFlow to get into Cisco accounts

Any Cisco CCIE will tell you they prefer to configure a Cisco router via the CLI. They love the intuitive nature of this interface and often compare it with competitive hardware interfaces when considering a purchase. For this reason, Cisco's CLI has become a standard in the industry, which many hardware vendors copy and promote when trying to get into Cisco accounts (i.e. through the 600,000-plus certified individuals in the Cisco Career Certification Program).

Vendors such as Adtran not only have a Cisco-like CLI, but they also support some of Cisco's most important features such as Activating NetFlow. Adtran supports NetFlow v9 on most, if not all, of the NetVanta line. The commands to enable it are very similar to the Cisco CLI.

For example, to globally enable NetFlow v9 on an Adtran device, the following commands must be included (i.e. not all shown) with Adtran:

<i>(config)# ip flow export destination <IP Address> <port></i>

<i>(config)# ip flow cache timeout active 1</i>

<i>(config)# ip flow export template timeout-rate 15</i>

Similar to Cisco IOS, it must be enabled per interface with Adtran:

<i>(config)# interface Ethernet 0/1</i>

<i>(config-eth 0/1)# ip flow ingress <ACL></i>

On a Cisco Router, the above can be compared to:

<i>(config)# ip flow-export version 9 
(must be specified as Cisco supports version 5 as well)</i>

<i>(config)# ip flow-export destination <IP Address> <port></i>

<i>(config)# ip flow-cache timeout active 1</i>

<i>(config)# ip flow-export template timeout-rate 15</i>

NetFlow with Cisco routers is then enabled per interface:

<i>(config)# interface Ethernet 0/1</i>

<i>(config-if)# ip flow ingress</i>

Further details can be found at http://www.adtran.com

Enterasys Networks is another vendor touting a Cisco-like CLI. Their interface includes a couple enhancements such as the ability to enable NetFlow on all ports at once. Configure NetFlow on an Enterasys device as follows:

<i>(config)#netflow set interval 1</i>

<i>(config)#netflow set ports all-ports</i>

<i>(config)#netflow source <ip-address></i>

<i>(config)#netflow set collector 
<ip-address> flow-destination-port <port></i>

<i>(config)#netflow enable</i>

Further details can be found at http://www.enterasys.com

Riverbed Steelhead appliances for WAN acceleration also support NetFlow. "All of Riverbed's Steelhead appliances ship with NetFlow support to help improve traffic visibility for our customers," said Alan Saldich - vice president product marketing at Riverbed Technology. Below are the basic commands assuming that the defaults are taken:

<i>(config)# ip flow-export destination
<ip-addr> interface <int #></i>

<i>(config)# ip flow-export enable</i>

Further details can be found at http://www.riverbed.com/products/appliances/

With so many vendors supporting Cisco's NetFlow, CCIEs can evaluate several different solutions to manage their Cisco-like hardware. Solutions such as ntop, FlowScan and Scrutinizer can all be used to view the incredible traffic details that NetFlow offers.

"It's great that Cisco opened up NetFlow to other vendors, certainly the lion's share of our business for Scrutinizer is from Cisco customers." "However, we are seeing more customers calling in needing help when they try to activate NetFlow on their Enterasys or Nortel gear," said Michael Patterson - CEO of Plixer International, Inc.

Related story:

Have you tried another vendor's NetFlow CLI interface? How does it compare with Cisco's?

Related Stories: