From monitoring it is possible to enable the NetFlow protocol on the portgroup. Once enabled, you can configure the NetFlow collection IP address and TCP Port number on the Netflow Settings of the Distributed Switch. By default NetFlow is disabled on the Distributed Portgroup.
To use NetFlow you will need a collector that gathers the statistics generated by the NetFlow protocol. There are number of free open-source Netflow Collectors as well as commercially available ones as well. This section uses a 30-day evaluation of Scrutinizer NetFlow & sFlow Analyzer from Plixer. They also have a free edition with some feature limitations. It Supports unlimited interfaces on up to 5 routers and stores data for just 24 hours. They also have a Virtual Appliance Edition for which you can apply for a license key.
1. Start by modifying the NetFlow Settings on Distributed Switch underneath the Manage tab, and Edit settings
2. In this configuration box you will need to set the IP address of the collector, together with the TCP port number the NetFlow Connector listens on for NetFlow traffic – typically Scrutinizer listens for devices on ports 2055, 2056, 4432, 4739, 9995, 9996, 6343 by default. The second IP address is a management address assigned to the Distributed Switch (this is not the IP address of the physical switches to which the VMware ESXi hosts are connected).
3. Next configure your Advanced Settings which control the rate of collection.
4. Finally, enabled the NetFlow Setting on the properties of a Distributed Portgroup
5. After a short while the NetFlow Collector should start receiving information from the distributed in the case of Scrutinizer its possible to create groupings – to gather your various Distributed Switch into single view separating from other devices reporting NetFlow information.
From the Reports within Scrutinizer node under the registered Distributed Switch its possible to run reports that cover different time periods and traffic types. For instance this 24-hour report shows traffic between various VMs configured for the Distributed Switch.
