Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            KB-001 How to Configure IPFIX Export on Nutanix AHV (OVS & Prism Central API)

            Created by Logic Insight Support, Modified on Thu, 18 Dec at 7:53 AM by Logic Insight Support

            How to Configure and Enable IPFIX Flow Export on Nutanix AHV (OVS & Prism Central API Guide)

            This definitive, step-by-step guide walks you through enabling **IPFIX network flow export on Nutanix AHV** using both the manual, host-level **Open vSwitch (OVS)** configuration and the centralized, persistent **Prism Central Networking v4 API** method. We provide full command examples, API requests, and essential tuning best practices for flow sampling, caching, and performance optimization.

            **Tags/Related Keywords:** Nutanix IPFIX, AHV flow export, configure IPFIX on Nutanix, Prism Central IPFIX API, OVS IPFIX setup, Nutanix traffic monitoring, Open vSwitch IPFIX.

            Overview: Why Use IPFIX on Nutanix AHV?

            **IPFIX** (Internet Protocol Flow Information Export) enables the collection of critical network traffic metadata — such as conversations between virtual machines, bandwidth usage, and **east-west traffic** patterns — directly from the **Nutanix AHV hypervisor**. This is essential for comprehensive **Nutanix traffic monitoring**.

            There are two supported methods to **enable IPFIX on Nutanix**:

            1. Manual host-level configuration via Open vSwitch (OVS)
            2. Centralized configuration using the Prism Central Networking v4 API (recommended for production)

            The official **Nutanix API reference for IPFIX exporters** is available at:
             Official Nutanix Networking v4 API Reference (IPFIX) 

            Prerequisites for AHV IPFIX Setup

            • Nutanix AHV cluster with Prism Central
            • Administrator SSH credentials or API credentials
            • **IP address and UDP port** of your IPFIX collector (example: 192.168.1.250:2055)
            • Prism Central networking API reachable on TCP 9440

            Method 1 — Configure IPFIX on Nutanix AHV Using OVS (For Testing)

            This method configures **IPFIX directly on each AHV host** using Open vSwitch. It is suitable for lab environments, temporary testing, or troubleshooting. **Important:** Configurations applied this way may be overwritten during AHV upgrades or host redeployments, making it unsuitable for production.

            Step 1 — SSH into an AHV Host

            ssh nutanix@<AHV_HOST_IP>

            Step 2 — Create the IPFIX Exporter

            Generic command template:

            ovs-vsctl -- --id=@ipfix create IPFIX \
    targets="collector-ip:port" \
    sampling=512 \
    obs_domain_id=1 \
    obs_point_id=1 \
    cache_active_timeout=60 \
    cache_max_flows=10000 \
    -- set Bridge br0 ipfix=@ipfix

            Example using collector 192.168.1.250:2055:

            ovs-vsctl -- --id=@ipfix create IPFIX \
    targets="192.168.1.250:2055" \
    sampling=512 \
    obs_domain_id=1 \
    obs_point_id=1 \
    cache_active_timeout=60 \
    cache_max_flows=10000 \
    -- set Bridge br0 ipfix=@ipfix

            Step 3 — Validate Configuration

            ovs-vsctl list IPFIX

            This confirms the **OVS exporter** is configured and that the sampling and cache parameters are active.

            Method 2 — Configure IPFIX Using Prism Central v4 API (Recommended for Production)

            Using the **Prism Central Networking API** ensures centralized, persistent IPFIX configuration across all AHV hosts.   This method is the safest and preferred approach for production clusters.

            API Endpoint

            https://<PRISM-CENTRAL-IP>:9440/api/networking/v4.0/config/ipfix-exporters

            The exporter object is defined in the Nutanix API as the **IPFIXExporter** model.

            Create IPFIX Exporter — PowerShell Example

            $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Ntnx-Request-Id", "8038d8df-b7bf-478d-aee2-ae77bc235206")
$headers.Add("Content-Type", "application/json")
$headers.Add("Authorization", "Basic <BASE64-ENCODED-CREDENTIALS>")

$body = @"
{
  `"name`": `"stats-exporter-PC`",
  `"collectorIp`": `"192.168.1.250`",
  `"protocol`": `"UDP`",
  `"collectorPort`": 2055,
  `"exportRateLimitPerNodeBps`": 56,
  `"exportScopes`": [
    {
      `"uuid`": `"8a0a027b-8769-4063-bfbe-ba1b48867a81`",
      `"scopeType`": `"PC"`
    }
  ],
  `"description`": `"Nutanix IPFIX exporter`"
}
"@

$response = Invoke-RestMethod `
  "https://<PRISM-CENTRAL-IP>:9440/api/networking/v4.0/config/ipfix-exporters" `
  -Method POST `
  -Headers $headers `
  -Body $body

$response | ConvertTo-Json

            Retrieve Existing Exporters

            Invoke-RestMethod `
"https://<PRISM-CENTRAL-IP>:9440/api/networking/v4.0/config/ipfix-exporters" `
-Method GET `
-Headers @{ Authorization = "Basic <BASE64-ENCODED-CREDENTIALS>" }

            Delete an IPFIX Exporter

            Invoke-RestMethod `
"https://<PRISM-CENTRAL-IP>:9440/api/networking/v4.0/config/ipfix-exporters/<EXPORTER-UUID>" `
-Method DELETE `
-Headers @{ Authorization = "Basic <BASE64-ENCODED-CREDENTIALS>" }

            Detailed Explanation of IPFIX OVS Parameters

            sampling=512
obs_domain_id=1
cache_active_timeout=60
cache_max_flows=10000
            ParameterDescription
            samplingPacket sampling rate for **Nutanix traffic monitoring**. 512 = approximately 1 out of every 512 packets is analyzed. Lower values increase accuracy but generate more records and CPU usage.
            obs_domain_idObservation Domain ID (ODID). Identifies which **IPFIX exporter domain** generated the flow data — useful when multiple hosts send flows to one collector.
            obs_point_idObservation Point ID (OPID). Identifies the bridge or collection point (e.g., **OVS bridge br0**) inside the observation domain.
            cache_active_timeoutMaximum number of seconds a flow is aggregated before being exported. Ensures long-running flows are periodically emitted instead of indefinitely stored.
            cache_max_flowsUpper limit on aggregated flow records. When reached, all cached flows are flushed to prevent high memory usage on the AHV host.

            Recommended Best-Practice Values for AHV IPFIX

            • **Sampling:** 512–1024 in most production deployments
            • **Active timeout:** 60 seconds
            • **Max cached flows:** 1,000 – 10,000 depending on scale
            • Use unique obs_domain_id or obs_point_id values if exporting from many hosts or multiple bridges

            Operational Best Practices

            • Use the **Prism Central API** for persistent configuration.
            • Validate exports after each change using the ovs-vsctl list IPFIX command or via API GET.
            • Monitor collector CPU and disk IO — adjust **sampling rate** if collector load increases.
            • Use a dedicated flow collector for large AHV clusters.

            Official References

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0