croustimiel

asked on

Multicast on a LAN (Cisco 3750, 2950)

Hello,

I currently have 2 remote plants interconnected by 3750 layer 3 switches.
On the LAN, I have 2950 and 2960 layer 2 switches.

From time to time I have many congestion problems. That's the reason why I plugged Wireshark into a 2950 switch on the LAN, and I see a great many UDP packets with a multicast destination address. I found that the source address is a video camera. From time to time, the multicast flows are distributed on all switch ports.

So I have multicast flows which congest my network.
How can I manage these multicast flows on my Cisco devices so that the flow just takes the right path to the receiver (a video recorder)?
Could you explain to me how it works?


Thanks in advance for your help.
ASKER CERTIFIED SOLUTION
DIPRAJ

This solution is only available to members.

   ip flow-aggregation cache

    To enable NetFlow aggregation cache schemes, use the ip flow-aggregation cache command in global configuration mode. To disable NetFlow aggregation cache schemes, use the no form of this command.

    ip flow-aggregation cache {as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | prefix | prefix-port | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos}

    no ip flow-aggregation cache {as | as-tos | bgp-nexthop-tos | destination-prefix | destination-prefix-tos | prefix | prefix-port | prefix-tos | protocol-port | protocol-port-tos | source-prefix | source-prefix-tos}

    Syntax Description

    as
        Configures the autonomous system aggregation cache scheme.
    as-tos
        Configures the autonomous system type of service (ToS) aggregation cache scheme.
    bgp-nexthop-tos
        Configures the BGP next hop ToS aggregation cache scheme.
    destination-prefix
        Configures the destination-prefix aggregation cache scheme.
    destination-prefix-tos
        Configures the destination prefix ToS aggregation cache scheme.
    prefix
        Configures the prefix aggregation cache scheme.
    prefix-port
        Configures the prefix port aggregation cache scheme.
    prefix-tos
        Configures the prefix ToS aggregation cache scheme.
    protocol-port
        Configures the protocol-port aggregation cache scheme.
    protocol-port-tos
        Configures the protocol port ToS aggregation cache scheme.
    source-prefix
        Configures the source-prefix aggregation cache scheme.
    source-prefix-tos
        Configures the source prefix ToS aggregation cache scheme.

    Defaults

    This command is disabled by default.

    Command Modes

    Global configuration

    Command History

    Release    Modification
    12.0(3)T   This command was introduced.
    12.0(15)S  This command was modified to include the ToS aggregation scheme keywords.
    12.2(2)T   This command was modified to enable multiple NetFlow export destinations.
    12.2(14)S  This command was integrated into Cisco IOS Release 12.2(14)S.
    12.3(1)    The bgp-nexthop-tos aggregation scheme keyword was added.

    Usage Guidelines

    The ToS (Type of Service) aggregation cache scheme keywords enable NetFlow aggregation cache schemes that include the ToS byte in their export records. The ToS byte is an 8-bit field in the IP header. The ToS byte specifies the quality of service for a datagram during its transmission through the Internet.

    You can enable only one aggregation cache configuration scheme per command line. In source-prefix aggregation mode, only the source mask is configurable. In destination-prefix aggregation mode, only the destination mask is configurable.

    To enable aggregation (whether or not an aggregation cache is fully configured), you must enter the enabled command in aggregation cache configuration mode. (You can use the no form of this command to disable aggregation. The cache configuration remains unchanged even if aggregation is disabled.)

    Examples

    The following example shows how to configure an autonomous system aggregation scheme:

    Router(config)# ip flow-aggregation cache as

    Router(config-flow-cache)# enabled


    The following example shows how to configure multiple NetFlow export destinations on an aggregation cache:

    Router(config)# ip flow-aggregation cache destination-prefix

    Router(config-flow-cache)# export destination 10.0.101.254 9991

    Router(config-flow-cache)# export destination 10.0.101.254 1999

    Router(config-flow-cache)# enabled


    The following example shows how to enable an autonomous system ToS aggregation scheme:

    Router(config)# ip flow-aggregation cache as-tos

    Router(config-flow-cache)# enabled


    Router(config)# ip flow-aggregation cache bgp-nexthop-tos

    Router(config-flow-cache)# cache timeout active 20

    Router(config-flow-cache)# export destination 2.2.2.2.2 3000

    Router(config-flow-cache)# enabled

    Related Commands

    Command                                 Description
    mask destination                        Specifies the destination mask.
    mask source                             Specifies the source mask.
    show ip cache flow aggregation          Displays the aggregation cache configuration.
    show ip cache verbose flow aggregation  Displays the aggregation cache configuration in detailed format.

    ip flow-cache entries

    To change the number of entries maintained in the NetFlow cache, use the ip flow-cache entries command in global configuration mode. To return to the default number of entries, use the no form of this command.

    ip flow-cache entries number

    no ip flow-cache entries

    Syntax Description

    number
        Number of entries to maintain in the NetFlow cache. The valid range is from 1024 to 524288 entries. The default is 65536 (64K).

    Defaults

    65536 entries (64K)

    Command Modes

    Global configuration

    Command History

    Release   Modification
    12.0(3)T  This command was introduced.

    Usage Guidelines

    Normally the default size of the NetFlow cache will meet your needs. However, you can increase or decrease the number of entries maintained in the cache to meet the needs of your flow traffic rates. For environments with a high amount of flow traffic (such as an internet core router), a larger value such as 131072 (128K) is recommended. To obtain information on your flow traffic, use the show ip cache flow EXEC command.

    The default is 64K flow cache entries. Each cache entry is approximately 64 bytes of storage. Assuming a cache with the default number of entries, approximately 4 MB of DRAM would be required. Each time a new flow is taken from the free flow queue, the number of free flows is checked. If only a few free flows remain, NetFlow attempts to age 30 flows using an accelerated timeout. If only one free flow remains, NetFlow automatically ages 30 flows regardless of their age. The intent is to ensure free flow entries are always available.

    Caution We recommend that you do not change the NetFlow cache entries. Improper use of this command could cause network problems. To return to the default NetFlow cache entries, use the no ip flow-cache entries global configuration command.

    Examples

    The following example shows how to increase the number of entries in the NetFlow cache to 131,072 (128K):

    ip flow-cache entries 131072

    Related Commands

    Command           Description
    show mpoa client  Displays the routing table cache used to fast switch IP traffic.

    ip flow-export

    To enable the export of information in NetFlow cache entries, use the ip flow-export command in global configuration mode. To disable the export of information, use the no form of this command.

    ip flow-export {destination {ip-address | hostname} udp-port | source {interface-name} | version {1 | [{5 | 9} [origin-as | peer-as] [bgp-nexthop]]} | template {refresh-rate packets | timeout-rate minutes} [options {export-stats | refresh-rate packets | sampler | timeout-rate minutes}]}

    no ip flow-export {destination ip-address | hostname} udp-port | source | version | template {refresh-rate | timeout-rate } [options {export-stats | refresh-rate | sampler | timeout-rate }]}

    Syntax Description

    destination ip-address | hostname udp-port
        IP address or hostname of the workstation to which you want to send the NetFlow information and the number of the UDP port on which the workstation is listening on for this input.
    source {interface-name}
        IP address and interface type and number for the source address.
    version 1
        Specifies that the export datagram uses the Version 1 format. This is the default. The version field occupies the first two bytes of the export record. The number of records stored in the datagram is variable from 1 to 24 for Version 1.
    version 5
        Specifies that the export packet uses the Version 5 format. The number of records stored in the datagram is variable between 1 and 30 for version 5.
    version 9
        Specifies that the export packet uses the Version 9 format.
    origin-as
        (Optional) Specifies that export statistics include the originating autonomous system (AS) for the source and destination.
    peer-as
        (Optional) Specifies that export statistics include the peer AS for the source and destination.
    bgp-nexthop
        (Optional) Specifies that export statistics include Border Gateway Protocol (BGP) next-hop related information.
    template
        Enables the refresh-rate and timeout-rate keywords for configuring Version 9 export templates.
    refresh-rate packets
        (Optional) Specifies the number of export datagrams that are sent before the options and flow templates are resent. You can specify from 1 to 600 packets. The default is 20 packets.
        Note This applies to the ip flow-export template refresh-rate packets command.
    timeout-rate minutes
        (Optional) Specifies the interval (in minutes) that the router will wait after sending the templates (flow and options) before they are sent again. You can specify from 1 to 3600 minutes. The default is 30 minutes.
        Note This applies to the ip flow-export template timeout-rate minutes command.
    options
        Enables the export-stats, refresh-rate, sampler and timeout-rate keywords for configuring Version 9 export options.
    export-stats
        (Optional) Enables the export of statistics including the total number of flows exported and the total number of packets exported.
    sampler
        (Optional) When Version 9 export is configured, this enables the export of an option containing random-sampler configuration, including the sampler ID, sampling mode and sampling interval for each configured random sampler.
    refresh-rate packets
        (Optional) Specifies the number of datagrams that are sent before the configured options records are resent. You can specify from 1 to 600 packets. The default is 20 packets.
        Note This applies to the ip flow-export template options refresh-rate packets command.
    timeout-rate minutes
        (Optional) Specifies the interval (in minutes) that the router will wait after sending the options records before they are sent again. You can specify from 1 to 3600 minutes. The default is 30 minutes.
        Note This applies to the ip flow-export template options timeout-rate minutes command.

    Defaults

    Export of NetFlow information is disabled. When the Export of NetFlow information is enabled, the best source IP address for NetFlow datagrams will be picked automatically. The NetFlow Version 1 export format will be used. AS and BGP nexthop information will not be exported. No additional templates or options will be exported. When version 9 export is enabled, templates and options are resent every 20 export packets or 30 minutes, whichever is sooner.

    Command Modes

    Global configuration

    Command History

    Release     Modification
    11.1 CA     This command was introduced.
    11.1(15)CA  The ip flow-export ip-address udp-port syntax was changed to a hidden command in preparation for deprecating it. The new syntax ip flow-export destination ip-address udp-port was added.
    12.0(24)S   This command was integrated into Cisco IOS Release 12.0(24)S, and the 9 keyword was added.
    12.3(1)     This command was integrated into Cisco IOS Release 12.3(1), and the bgp-nexthop keyword was added.
    12.0(26)S   The bgp-nexthop and sampler keywords were added.
    12.2(2)T    This command was modified to enable multiple NetFlow export destinations to be used.
    12.3(13)    The ip flow-export ip-address udp-port syntax was removed from the Command-Line Interface (CLI).

    Usage Guidelines

    •ip flow-export version

    •ip flow-export destination

    •ip flow-export source

    •ip flow-export template options export-stats

    •ip flow-export template options sampler

    ip flow-export version

    The ip flow-export version command supports three export data formats: Version 1, Version 5, and Version 9. Version 1 should only be used when it is the only NetFlow data export format version that is supported by the application that you are using to analyze the exported NetFlow data. Version 5 exports more fields than Version 1. Version 9 is the flexible export format.

    The NetFlow bgp-nexthop command can be configured when either the Version 5 export format (ip flow-export version 5 bgp-nexthop) or the Version 9 export format (ip flow-export version 9 bgp-nexthop) is configured.

    The following caveats apply to the bgp-nexthop command:

    •The values for the BGP nexthop IP address are exported to a NetFlow collector only when the Version 9 export format is configured.

    •In order for the BGP information to be populated in the main cache you must either have a NetFlow export destination configured or NetFlow aggregation configured.

    Note The AS values for the peer-as and the origin-as keywords are only captured if you have configured an export destination with the ip flow-export destination command.

    For more information on the available export data formats, see the "NetFlow Data Format" section in the "Configuring NetFlow Switching" chapter of the Cisco IOS Switching Services Configuration Guide. For more information on the Version 9 data format, see the Cisco IOS NetFlow Version 9 Export Format Feature Guide.

    Caution Entering the ip flow-export or no ip flow-export command on the Cisco 12000 Series Internet routers and specifying any format version other than version 1 (in other words, entering the ip flow-export or no ip flow-export command and specifying either the version 5 or version 9 keyword) causes packet forwarding to stop for a few seconds while NetFlow reloads the route processor and line card Cisco Express Forwarding (CEF) tables. To avoid interruption of service to a live network, either apply this command during a change window or include it in the startup-config file to be executed during a router reboot.

    ip flow-export destination

    If NetFlow is switching a high volume of traffic on your router, the NetFlow cache may contain a large quantity of information. This can make it difficult to interpret the NetFlow statistics when you view them on your router with NetFlow commands such as show ip cache verbose flow. It is easier to interpret the NetFlow data when you export it to a network management system that supports the NetFlow data export formats (such as a system running CNS NetFlow Collection Engine (NFC)). CNS NetFlow Collection Engine provides a web-based reporting tool that will help you analyze the statistics captured by NetFlow.

    When NetFlow switching is enabled with the ip route-cache flow command you can use the ip flow-export destination command to configure the router to export the flow cache entries to a destination system (such as a system running CNS NetFlow Collection Engine (NFC)). NetFlow exports the flow cache entries to the destination system when the flows in the cache expire. You can use this command to supply data for applications such as statistical analysis, billing, and security.

    The ip flow-export destination command can support a maximum of two destination ip-address and udp-port combinations. The most common usage of the multiple-destination feature is to send the NetFlow cache entries to two different destinations for redundancy. Therefore, in most cases the second destination IP address is not the same as the first IP address. The udp-port numbers can be the same when you are configuring two unique destination IP addresses. If you want to configure both instances of the command to use the same destination IP address, you must use unique udp-port numbers. You receive a warning message when you configure the two instances of the command with the same IP address. The warning message you will see is %Warning: Second destination address is the same as previous address <ip-address>.

    ip flow-export source

    After you configure NetFlow data export, use the ip flow-export source interface command to specify the interface that NetFlow will use to obtain the source IP address for the NetFlow datagrams that it sends to destination systems, such as a system running CNS NetFlow Collection Engine (NFC). This will over-ride the default behavior of using the IP address of the interface that the datagram is transmitted over as the source IP address for the NetFlow datagrams. Some of the benefits of using a consistent IP source address for the datagrams that NetFlow sends are:

    •The source IP address of the datagrams exported by NetFlow is used by the destination system to determine which router the NetFlow data is arriving from. If your network has two or more paths that can be used to send NetFlow datagrams from the router to the destination system, and you do not specify the source interface to obtain the source IP address from, the router will use the IP address of the interface that the datagram is transmitted over as the source IP address of the datagram. In this situation it is possible that the destination system will receive NetFlow datagrams from the same router with different source IP addresses. This will cause the destination system to treat the NetFlow datagrams as if they are being sent from different routers unless you have configured the destination system to aggregate the NetFlow datagrams it receives from all of the possible source IP addresses in the router into a single NetFlow flow.

    •It is easier to create and maintain access-lists for permitting NetFlow traffic from known sources and blocking it from unknown sources when you limit the source IP address for NetFlow datagrams to a single IP address for each router that is exporting NetFlow traffic.

    ip flow-export template options export-stats

    The ip flow-export template options export-stats command enables the export of statistics for the total number of exported flows and the total number of exported packets.

    Note The ip flow-export template options export-stats command requires that the NetFlow Version 9 export format be already configured on the router.

    Note The ip flow-export template options sampler option is not available for NetFlow aggregation caches. However, the options will be sent to destinations configured under the aggregation cache, if they are configured for the main cache.

    ip flow-export template options sampler

    When Version 9 export is configured, this enables the export of an option containing random-sampler configuration, including the sampler ID, sampling mode and sampling interval for each configured random sampler.

    Note The ip flow-export template options sampler command requires that the NetFlow Version 9 export format be already configured on the router.

    Note The ip flow-export template options sampler option is not available for NetFlow aggregation caches.

    NetFlow Data Export of Template Options

    The ip flow-export template options refresh-rate command enables you to configure how frequently the export-stats and/or sampler options records are sent.

    Note The ip flow-export template refresh-rate command specifies how frequently the options templates will be sent.

    Examples

    •ip flow-export version

    •ip flow-export destination

    •ip flow-export source

    •ip flow-export template options export-stats

    •ip flow-export template

    •ip flow-export template sampler

    ip flow-export version

    The following example shows how to configure the networking device to use the NetFlow Version 9 format for the exported data and how to include the originating autonomous-system (origin-as) with its corresponding next BGP hop (bgp-nexthop):

    Router(config)# ip flow-export version 9 origin-as bgp-nexthop

    ip flow-export destination

    The following example shows how to configure the networking device to export the NetFlow cache entry to a single export destination system:

    Router(config)# ip flow-export destination 10.42.42.1 9991


    The following example shows how to configure the networking device to export the NetFlow cache entry to multiple destination systems:

    Router(config)# ip flow-export destination 10.42.42.1 9991

    Router(config)# ip flow-export destination 10.0.101.254 9991


    The following example shows how to configure the networking device to export the NetFlow cache entry to two different UDP ports on the same destination system:

    Router(config)# ip flow-export destination 10.42.42.1 9991

    Router(config)# ip flow-export destination 10.42.42.1 9992

    %Warning: Second destination address is the same as previous address 10.42.42.1

    ip flow-export source

    The following example shows how to configure NetFlow to use a loopback interface as the source interface for NetFlow traffic:

    Caution The interface that you configure as the ip flow-export source interface must have an IP address configured and it must be up.

    Router(config)# ip flow-export source loopback0

    ip flow-export template options export-stats

    The following example shows how to configure NetFlow so that the networking device sends the export statistics (total flows and packets exported) as options data:

    Router(config)# ip flow-export template options export-stats

    ip flow-export template

    The following example shows how to configure NetFlow to send 100 export packets before the templates are resent to the destination host:

    Router(config)# ip flow-export template refresh-rate 100


    The following example shows how to configure NetFlow so that the export statistics include the total number of flows exported and the total number of packets exported:

    Router(config)# ip flow-export template option export-stats


    ip flow-export template sampler

    The following example shows how to configure NetFlow to enable the export of information about NetFlow random samplers:

    Router(config)# ip flow-export template option sampler

    Tip You must have a flow-sampler map configured before you can configure the sampler keyword for the ip flow-export template options command.

    Related Commands

    Command               Description
    debug ip flow export  Enables debugging output for NetFlow data export.
    ip route-cache flow   Enables NetFlow switching for IP routing.
    show ip flow export   Displays the statistics for the NetFlow data export.

    ip flow-export destination

    The ip flow-export destination command is replaced by the ip flow-export command. See the ip flow-export command for more information.

    ip flow-export source

    The ip flow-export source command is replaced by the ip flow-export command. See the ip flow-export command for more information.

    ip flow ingress

    To configure NetFlow on an interface or subinterface, use the ip flow ingress command in interface or subinterface configuration mode. To disable NetFlow on an interface or subinterface, use the no form of this command.

    ip flow ingress

    no ip flow ingress

    Syntax Description

    This command has no arguments or keywords.

    Defaults

    This command is disabled by default.

    Command Modes

    Interface configuration

    Subinterface configuration

    Command History

    Release    Modification
    12.2(14)S  This command was introduced.
    12.2(15)T  This command was integrated into Cisco IOS Release 12.2(15)T.

    Usage Guidelines

    If you configure the ip flow ingress command on a few selected subinterfaces and then configure the ip route-cache flow command on the main interface, enabling the main interface will overwrite the ip flow ingress command and data collection will start from the main interface as well as all the subinterfaces. In a scenario where you configure the ip flow ingress command and then configure the ip route-cache flow command on the main interface, you can restore subinterface data collection by using the no ip route-cache flow command. This configuration will disable data collection from the main interface and restore data collection to the subinterfaces you originally configured with the ip flow ingress command.

    Examples

    The following example shows how to configure NetFlow on a Fast Ethernet subinterface 6/3.0:

    Router(config)# interface FastEthernet6/3.0

    Router(config-subif)# ip flow ingress

    Related Commands

    Command              Description
    ip route-cache flow  Enables NetFlow switching for IP routing.
    show ip cache flow   Displays a summary of NetFlow statistics.
    show ip interface    Displays the usability status of interfaces configured for IP
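
Where the Version 5 export described above is available, a collector can check each datagram against the 1 to 30 record limit and total the bytes sent to multicast groups, which ties the export back to the congestion in the question. This is an added example, not part of the pasted reference or of any poster's reply; the header and record layout is the published NetFlow v5 format rather than something stated on this page, and the addresses, ports and counters in the sample datagram are constructed.

```python
import ipaddress
import struct
from collections import Counter

# NetFlow v5 layout (published format, assumed here): 24-byte header, 48-byte records.
HEADER = struct.Struct("!HHIIIIBBH")
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")
MULTICAST = ipaddress.ip_network("224.0.0.0/4")


def parse_v5(datagram):
    """Validate a v5 export datagram and return its flow records as dicts."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    # The version field occupies the first two bytes, the record count the next two.
    version, count = struct.unpack_from("!HH", datagram)
    if version != 5:
        raise ValueError(f"unsupported export version {version}")
    if not 1 <= count <= 30:
        raise ValueError(f"record count {count} outside 1..30")
    if len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("length does not match the record count")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": str(ipaddress.IPv4Address(f[0])),
            "dst": str(ipaddress.IPv4Address(f[1])),
            "in_if": f[3],
            "packets": f[5],
            "octets": f[6],
            "dport": f[10],
            "proto": f[12],
        })
    return flows


def multicast_talkers(flows):
    """Sum octets per (source, group) for flows whose destination is multicast."""
    totals = Counter()
    for flow in flows:
        if ipaddress.IPv4Address(flow["dst"]) in MULTICAST:
            totals[(flow["src"], flow["dst"])] += flow["octets"]
    return [(src, dst, n) for (src, dst), n in totals.most_common()]


def _record(src, dst, packets, octets, proto, sport, dport):
    """Pack one constructed flow record (next hop, AS numbers and ToS left at 0)."""
    ip = ipaddress.IPv4Address
    return RECORD.pack(ip(src).packed, ip(dst).packed, bytes(4), 1, 2,
                       packets, octets, 0, 1000, sport, dport, 0, proto, 0,
                       0, 0, 24, 0)


def build_sample():
    """Constructed datagram: one camera-to-group UDP flow and one unicast TCP flow."""
    header = HEADER.pack(5, 2, 1000, 0, 0, 1, 0, 0, 0)
    return (header
            + _record("192.168.1.50", "239.0.0.16", 6000, 9000000, 17, 5004, 5004)
            + _record("192.168.1.20", "192.168.1.30", 100, 120000, 6, 40000, 445))


if __name__ == "__main__":
    for src, dst, octets in multicast_talkers(parse_v5(build_sample())):
        print(f"{src} -> {dst}: {octets} octets")
```
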

croustimiel

ASKER

I don't really see the connection with the multicast flow...

I am assuming that the receiver is on the same LAN so you are not routing multicast at all. Here is the command to enter:

mac address-table static [mac-addr] vlan [vlan-id] interface [interface-id]

So for example, if this was on vlan 10, the receiver is on port f0/12 and the multicast mac address is 0100.5e00.0010

the command would be
mac address-table static 0100.5e00.0010 vlan 10 interface f0/12

This will give the switch a static entry that the destination multicast mac address is to be found at port f0/12. Now it won't broadcast the traffic anymore.
Remember though that if the receiver port changes, the new port will never receive the traffic until you fix the static entry.
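
The static entry above needs the MAC address that corresponds to the camera's group, which is the fixed prefix 0100.5e plus the low 23 bits of the group IP seen in the capture. The following is an added example, not part of the reply; the group 239.0.0.16 is an assumed value chosen because it maps to the MAC used in the reply. It computes the MAC, builds the command, and lists the 32 groups that share one MAC, since a static entry steers all of them to the same port, including any in the 224.0.0.0/24 control range.

```python
import ipaddress

OUI_PREFIX = 0x01005E000000                        # fixed top 25 bits of an IPv4 multicast MAC
LINK_LOCAL = ipaddress.ip_network("224.0.0.0/24")  # routing and IGMP control groups


def multicast_mac(group):
    """Return the Ethernet MAC for an IPv4 multicast group, in Cisco dotted notation."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast group")
    # Only the low 23 bits of the group address are copied into the MAC.
    digits = f"{OUI_PREFIX | (int(addr) & 0x7FFFFF):012x}"
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))


def groups_sharing_mac(mac):
    """List the 32 IPv4 groups that map to one multicast MAC."""
    value = int(mac.replace(".", ""), 16)
    if value & 0xFFFFFF800000 != OUI_PREFIX:
        raise ValueError(f"{mac} is not an IPv4 multicast MAC")
    low23 = value & 0x7FFFFF
    # The 5 bits lost in the mapping: 4 from the first octet, 1 from the second.
    return [str(ipaddress.IPv4Address((first << 24) | (high << 23) | low23))
            for first in range(224, 240) for high in (0, 1)]


def control_groups_hit(mac):
    """Groups in 224.0.0.0/24 that a static entry for this MAC would also pin."""
    return [g for g in groups_sharing_mac(mac)
            if ipaddress.IPv4Address(g) in LINK_LOCAL]


def static_entry(group, vlan, interface):
    """Build the command from the reply for a given group, VLAN and receiver port."""
    return (f"mac address-table static {multicast_mac(group)} "
            f"vlan {vlan} interface {interface}")


if __name__ == "__main__":
    print(static_entry("239.0.0.16", 10, "f0/12"))
    print("also pinned:", control_groups_hit(multicast_mac("239.0.0.16")))
```
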

I see some topics with PIM protocol, what can you say about it?
The receiver and the transmitter are not on a specific VLAN...

What do you mean they aren't on a specific vlan? You said they were on the same LAN and subnet? If you mean that you haven't configured vlans, then the default vlan is 1.

It's that, I just have the default VLAN.
What do you know about the PIM protocol? It's a multicast protocol. Why didn't you mention it?

It only matters when you're routing multicast. Since you're not...

The only way to have the switch know which ports should receive the multicast packets is when there is a router involved. Then, the switch can listen in on the multicast messages and learn what to do. PIM is a part of multicast but it's configured on a router, not a switch.