The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Intelligent Services Gateway (ISG) is a Cisco IOS XE software feature set that provides a structured framework in which edge devices can deliver flexible and scalable services to subscribers. This module describes the Layer 4 Redirect Logging feature.
The Layer 4 Redirect feature must be enabled. For configuration information, see the module “Redirecting Subscriber Traffic Using ISG Layer 4 Redirect” in the Intelligent Services Gateway Configuration Guide, Cisco IOS XE.
The Layer 4 Redirect Logging feature allows ISG to capture records of the creation and deletion events for Layer 4 redirect translation entries. These records can identify users who have applications that do not react to HTTP redirect.
The ISG router acts as an exporter of the Layer 4 redirect logging information, sending a UDP packet periodically to the configured external collector. The packet contains all of the Layer 4 redirect logging records, in the NetFlow version 9 export format, for IPv4, IPv6, and dual-stack sessions. The ISG router tracks every creation and deletion event for Layer 4 redirect translation entries on the router. A packet containing the logging records is generated and sent to the external collector after the first of one of the following events occurs:
A predefined amount of Layer 4 redirect logging data has accumulated in the local buffer.
A predefined amount of time has passed without the router sending any data records to the collector, and there are data records in the local buffer to be sent.
If more than one type of logging feature is configured on the same router (for example, network address translation (NAT) or Firewall), the number of events that can be generated at one time is shared among all of the logging features. Logging requests are served on a first-come first-serve basis.
Any external collector that supports the NetFlow version 9 or IP information export (IPFIX) protocol can be used to process Layer 4 redirect logging data exported by the ISG router.
The Layer 4 Redirect Logging records that the ISG router sends to the collector use a preconfigured template format. The NetFlow version 9 export packets include a NetFlow packet header followed by the data records and template records that define the structure of the data records, in a format corresponding to the configured template.
The following tables list the fields that are included in records sent to the external collector, in the basic and extended IPv4 and IPv6 templates. The fields are listed in the order in which they appear in the templates. All of the fields in the basic template are also included in the extended template. The last four fields listed in the tables below are the additional fields that are included only in the extended template.
|
Field Name |
Field Type |
Field Length (bytes) |
Description |
|---|---|---|---|
|
sourceIPv4Address |
8 |
4 |
Source IPv4 address. |
|
sourceTransportPort |
7 |
2 |
Source port number in the transport header. |
|
destinationIPv4Address |
12 |
4 |
Destination IPv4 address. |
|
destinationTransportPort |
11 |
2 |
Destination port number in the transport header. |
|
l4rServerIPv4Address |
44000 |
4 |
Layer 4 redirect server IPv4 address. |
|
l4rServerTransportPort |
44001 |
2 |
Layer 4 redirect server port number. |
|
protocolIdentifier |
4 |
1 |
Protocol number in the IP header. |
|
l4rEvent |
44003 |
1 |
1—Translation Entry Create event 2—Translation Entry Delete event |
|
l4rEventTimestamp |
44004 |
4 |
Time stamp for this Layer 4 Redirect event. |
|
inPackets |
2 |
4 |
Incoming packet counter. |
|
outPackets |
24 |
4 |
Outgoing packet counter. |
|
flowId |
148 |
4 |
ASR internal identifier (EVSI#) of the session or traffic class on which the Layer 4 Redirect feature is configured. |
|
Field Name |
Field Type |
Field Length (bytes) |
Description |
|---|---|---|---|
|
sourceIPv6Address |
27 |
16 |
Source IPv6 address. |
|
sourceTransportPort |
7 |
2 |
Source port number in the transport header. |
|
destinationIPv6Address |
28 |
16 |
Destination IPv6 address. |
|
destinationTransportPort |
11 |
2 |
Destination port number in the transport header. |
|
l4rServerIPv6Address |
44002 |
16 |
Layer 4 redirect server IPv6 address. |
|
l4rServerTransportPort |
44001 |
2 |
Layer 4 redirect server port number. |
|
protocolIdentifier |
4 |
1 |
Protocol number in the IP header. |
|
l4rEvent |
44003 |
1 |
1—Translation Entry Create event 2—Translation Entry Delete event |
|
l4rEventTimestamp |
44004 |
4 |
Time stamp for this Layer 4 redirect event. |
|
inPackets |
2 |
4 |
Incoming packet counter. |
|
outPackets |
24 |
4 |
Outgoing packet counter. |
|
flowId |
148 |
4 |
ASR internal identifier (EVSI#) of the session or traffic class on which the L4R feature is configured. |
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode.
|
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
flow exporter exporter-name Example: |
Creates the flow exporter and enters flow exporter configuration mode.
|
|
Step 4 |
destination {ip-address | hostname } [vrf vrf-name ] Example: |
Specifies the IP address or hostname of the destination system for the exporter. |
|
Step 5 |
source interface-type interface-number Example: |
Specifies the local interface from which the exporter will use the IP address as the source IP address for exported datagrams. |
|
Step 6 |
transport udp udp-port Example: |
Specifies the UDP port on which the destination system is listening for exported datagrams. |
|
Step 7 |
export-protocol netflow-v9 Example: |
(Optional) Specifies the version of the NetFlow export protocol used by the exporter.
|
|
Step 8 |
template data timeout seconds Example: |
(Optional) Configure resending of templates based on a timeout. |
|
Step 9 |
exit Example: |
Exits flow exporter configuration mode and returns to global configuration mode. |
|
Step 10 |
redirect log translations {basic | extended} exporter exporter-name Example: |
|
|
Step 11 |
exit Example: |
Exits global configuration mode and returns to privileged EXEC mode. |
|
Step 12 |
show flow exporter exporter-name Example: |
(Optional) Displays the current status of the specified flow exporter. |
The following example shows that a flow exporter named L4R-EXPORTER is enabled to send Layer 4 Redirect logging information to an external collector:
flow exporter L4R-EXPORTER
destination 172.16.10.2
source GigabitEthernet 0/0/0
transport udp 650
template data timeout 120
!
!
redirect log translations basic exporter L4R-EXPORTERSource IPv4 Address 10.1.1.1, Port 1024,
Destination IPv4 Address 10.10.1.1, Port 80,
L4R Server IPv4 Address 10.1.10.1, Port 8000,
Protocol TCP, Translation Entry Create Event
Source IPv6 Address 1000::1, Port 1024,
Destination IPv6 Address 2000::1, Port 80,
L4R Server IPv6 Address 2001:ABCD:14::6, Port 8000,
Protocol UDP, Translation Entry Delete Event
|
Related Topic |
Document Title |
|---|---|
|
Cisco IOS commands |
|
|
Configuring Layer 4 redirect |
“Redirecting Subscriber Traffic Using ISG Layer 4 Redirect” module in the Intelligent Services Gateway Configuration Guide, Cisco IOS XE |
|
ISG commands |
|
|
NetFlow commands |
|
Description |
Link |
|---|---|
|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
Layer 4 Redirect Logging Enhancement |
Cisco IOS XE Release 3.5S |
Allows ISG to export Layer 4 redirect logging information to an external collector. The following command was introduced: redirect log translations. |
|
RaBaPol Web Traffic L4 Redirect Logging Enhancement |
Cisco IOS XE Release 3.5S |
Allows ISG to export Layer 4 redirect logging information to an external collector. |
Feedback