  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1510

6509 gigabit interface won't do NetFlow

Trying to enable NetFlow on a Cisco 6509 layer 2 switch with a 720 sup.  IOS (tm) s72033_rp Software (s72033_rp-PK9S-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)

I've enabled these global commands:

mls netflow
!
mls aging long 64
!
mls aging normal 32
!
mls flow ip interface-full
!
mls nde sender version 5
!
ip flow-export source GigabitEthernet1/46
!
ip flow-export destination 10.1.13.253 9995

I want to monitor interface GigabitEthernet1/46, but it won't accept these commands on the interface.

ip route-cache flow
!
ip flow ingress

Am I doing this correctly?

Thanks,
Bob
0
gonzo117
Asked:
1 Solution
 
cstosgale Commented:
Is Gig1/46 configured as a layer 3 interface? If it is a layer 2 interface it definitely won't work. You can configure netflow on layer 3 interfaces and SVIs only.

I would check any documentation related to the line card, and see if you can enable it on a different model of line card.
0
 
pdube Commented:
Hello gonzo117,

It looks like there are a few global commands that are missing in your NetFlow configuration.  Add the following:

ip flow-export version 5
ip flow ingress layer2-switched vlan (insert vlans X,Y,X)
ip flow-cache timeout active 1
mls nde interface

After you've added these try adding 'ip route-cache flow' to your interfaces.
0
 
gonzo117 (Author) Commented:
Hi, I tried to enter the global commands; it took all but this:

AMDFCS1(config)#ip flow ingress layer2-switched vlan 1
                        ^
% Invalid input detected at '^' marker.

This is available globally under ip flow
AMDFCS1(config)#ip flow?
flow-aggregation  flow-cache  flow-export


The interface would not take ip route-cache flow


This is available on the interface under ip
AMDFCS1(config-if)#ip route-cache flow
                       ^
% Invalid input detected at '^' marker.

AMDFCS1(config-if)#ip ?
Interface IP configuration subcommands:
  access-group  Specify access control for packets
  address       Set the IP address of an interface
  arp           Configure ARP features
  dhcp          DHCP
  rsvp          RSVP interface commands
  rtp           RTP parameters
  vrf           VPN Routing/Forwarding parameters on the interface

Is there anything else to try?
0

 
cstosgale Commented:
Ip route-cache flow is a legacy command. You should now use ip flow ingress, but as far as I am aware this must be done on layer 3 interfaces.

You don't need any additional commands to enable netflow with a local cache on the switch. Can you post the config of the interface you are trying to enable netflow on?
0
 
gonzo117 (Author) Commented:
!
interface GigabitEthernet1/46
 description WAN to SUREWEST COLO - PRODUCTION TRUNK
 no ip address
 speed 100
 duplex full
 mls qos trust dscp
 switchport
 switchport mode trunk
!
0
 
cstosgale Commented:
OK, so this port is a layer 2 port; therefore you cannot enable netflow on it. You can enable netflow on layer 3 interfaces that go over this port, e.g. :-

int vlan 10
ip flow ingress

If you are on a very old IOS version, you may have to use ip route-cache flow instead.

By definition, netflow works at a layer 3 level, therefore you can only enable it on interfaces that have IP addresses, i.e. they are layer 3 interfaces.

The ip flow-export source command you used in your original post will only set the source address for the export packets. This will not enable netflow for that interface.

You can also enable the collection of layer 2 switched flows using:-

ip flow ingress layer2-switched vlan 1

If this command is not working for you, you are probably on an old IOS release, or do not have hardware that supports this command. Below is the relevant command reference that describes the restrictions:-

http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1012951
0
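
The rule from this thread as a small config audit, added here as an example and not written by any of the posters: it reads an IOS running-config and reports which interfaces are layer 3 (and so can take ip flow ingress) and whether the ip flow-export source interface has an IP address at all. The Gi1/46 stanza is abridged from the post above; the Vlan10/Vlan20 stanzas, their addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample: Gi1/46 is abridged from the stanza posted above; Vlan10,
# Vlan20 and their addresses (documentation range) are assumptions.
SAMPLE_CONFIG = """\
ip flow-export source GigabitEthernet1/46
!
interface GigabitEthernet1/46
 no ip address
 switchport
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.128
!
interface Vlan20
 ip address 192.0.2.129 255.255.255.128
 ip flow ingress
!
"""

def parse_interfaces(config):
    """Map interface name -> list of its sub-commands (stripped)."""
    stanzas, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return stanzas

def audit_netflow(config):
    """Return {interface: finding}, plus a finding for the export source."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        # Layer 3 means: not a switchport, and an IP address is configured.
        routed = "switchport" not in cmds and any(
            c.startswith("ip address ") for c in cmds)
        flow = any(c in ("ip flow ingress", "ip route-cache flow") for c in cmds)
        if not routed:
            report[name] = "not layer3: cannot enable NetFlow here; use an SVI"
        elif flow:
            report[name] = "layer3: NetFlow enabled"
        else:
            report[name] = "layer3: eligible, NetFlow not enabled"
    # The export source only supplies the source address of export packets.
    m = re.search(r"^ip flow-export source (\S+)", config, re.M)
    if m and report.get(m.group(1), "").startswith("not layer3"):
        report["export-source"] = m.group(1) + " has no IP address"
    return report
```

Calling audit_netflow() on a saved running-config gives one finding per interface, so routed interfaces and SVIs that are not yet exporting flows stand out as gaps in flow telemetry.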
