# Configuring Traffic Monitors Via Cisco SD-WAN

Cisco SD-WAN environments require a different configuration approach for network flow compared to standalone IOS-XE or Nexus devices. In SD-WAN deployments, you configure a centralized Cflowd policy through the Cisco SD-WAN Manager (formerly vManage), rather than manually configuring individual devices.

See the Cisco documentation titled [Cisco SD-WAN Policies Configuration Guide for Cisco IOS XE Release 17.x](https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/ios-xe-17/policies-book-xe/traffic-flow-monitor.html#traffic-flow-mon-config) for instructions to set up and configure Cflowd. Refer to the example below to create a Cflowd policy for your sites.

{% hint style="info" %}
**Notes for Cisco SD-WAN networking platform:**

* For Cisco SD-WAN environments that use Cisco Catalyst SD-WAN, see [Traffic Monitor Requirements](https://docs.thousandeyes.com/product-documentation/traffic-insights/traffic-insights-system-requirements/traffic-monitor-requirements).
* The forwarder used for Traffic Insights must have **SNMP read-only** access to the devices that are sending Cflowd.
* If this is a new network device, you may have to create a feature template for it. Additionally, make sure sites are already created before following the steps listed below as they will be assigned to the Cflowd policy.
  {% endhint %}

## Create Cflowd Policy Via UI

### Locate or Create a Centralized Policy

Locate the centralized default policy in your Cisco SD-WAN manager. If you do not have one, you need to create one. In the following example, you create a policy called "Default\_Central\_Policy".

1. Go to **Configuration > Policies > Centralized Policies > Default\_Central\_Policy**.
2. Select "..." (ellipsis).
3. Click **Edit**.

   ![Cisco Catalyst SD-WAN Screen](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-3c61391470d1281352467208a8bf9cbe18cae92b%2Fconfig-guide-4.png?alt=media)
4. Select **Traffic Rules** as shown in the figure above.

   ![Traffic rules screen](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-700d00e008ce8b2499d058ac9afe674c860429bd%2Fconfig-guide-5.png?alt=media)
5. Select the **Cflowd** tab.
6. Click **Add Policy**.

   ![Add Cflowd policy screen](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-6b48eb2bd4a88ceb35e7e6fdb1516885f51ead75%2Fconfig-guide-6.png?alt=media)
7. In the Cflowd Policy screen, fill in the following fields:

* **Name**: Enter a policy name, in this example we use *ThousandEyes-ETM.*
* **Description**: Enter a simple description for the policy.
* **Active Flow Timeout**: 60
* **Inactive Flow Timeout**: 15
* **Flow Refresh**: 120
* **Sampling Interval**: 1
* **Protocol**: IPv4 (an additional policy can be created for IPv6).

11. Click **New Collector** and fill in the following fields:

* **VPN ID**: Use the VPN that will send traffic to the cflowd collector.
* **IP Address**: IP of the ThousandEyes Enterprise Agent that has Traffic Insights enabled.
* **Port**: 18089 (that can be customized for example 9995).
* **Transport Protocol**: TCP or UDP (this must match the forwarder settings in [Enabling and Managing Forwarders](https://docs.thousandeyes.com/product-documentation/traffic-insights/traffic-insights-configuration-guide/enabling-managing-forwarders)).
* **Source Interface**: Type the interface that will send Cflowd records to the forwarder. Use the dropdown to help select the interface type.

11. Click **Add**.
12. Click **Save Cflowd Policy**.

![Cflowd apply policy to sites](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-5761cd236118d6d832d4ec63c4f314e8cb0721bc%2Fconfig-guide-7.png?alt=media)

### Apply the Cflowd Policy to Sites

* Select **Policy Application**.
* Click the **Cflowd** tab.
* Click the **+ New Site List**.
  * Select your site(s) from the popup list.
  * Click **Add**.
  * Click **Save Policy Changes** to update your policy.

## Create Cflowd Policy Via Command-Line

Below is a command-line example of the Cflowd configuration; the IP address 192.168.100.176 and port 18089 refer to the Enterprise Agent that has been enabled as a forwarder.

```
#show sdwan policy from-vsmart cflowd-template 
  flow-active-timeout 60 
  flow-inactive-timeout 15 
  template-refresh 120 
  flow-sampling-interval 1 
  protocol ipv4 
  no collect-tloc-loopback 
  customized-ipv4-record-fields 
    no collect-tos 
    no collect-dscp-output 
  collector vpn 2 address 192.168.100.176 port 18089 transport transport_udp
    source-interface GigabitEthernet0/0/3 
    bfd-metrics-export  
    export-interval 60
```

Additionally, the command `show sdwan app-fwd cflowd statistics` can be used to verify flow statistics.