AVC Minimum IOS Configurations
The minimum set of configurations for AVC consists of two parts. First, the flow exporter, flow record and flow monitor must be configured for MACE (Measurement, Aggregation, and Correlation Engine). Second, NBAR must be configured for protocol-discovery. An example is shown below.
!Configure flow exporter for the LiveNX server
flow exporter LIVENX
destination 172.16.67.141
transport udp 2055
template data timeout 15
option interface-table
option application-table timeout 20
!Configure MACE flow record
flow record type mace MACE-RECORD
collect ipv4 dscp
collect interface input
collect interface output
collect application name
collect counter client bytes
collect counter server bytes
collect counter client packets
collect counter server packets
collect art all
!
!Configure MACE flow monitor
flow monitor type mace MACE-MONITOR
record MACE-RECORD
exporter LIVENX
!
!Configure access-list and class-map for classification
!of traffic. This example, has a wide open ACL.
!This can be fine tuned for only traffic of interest.
ip access-list extended MACE-ACL
permit IP any any
class-map match-any MACE-TRAFFIC-CLASS
match access-group name MACE-ACL
!
!Configure MACE policy-map and apply flow-monitor action to thepolicy-map policy-map type macemace_global
class MACE-TRAFFIC-CLASS
flow monitor MACE-MONITOR
!
!Enable mace and nbar protocol-discovery on monitored interfaces
!note that ip nbar protocol-discovery may be applied through LiveNX
!during the add device process. Enable mace on the WAN edge interface. interface gig 0/1
description
ip nbar protocol-discovery
mace enable