Solved

6509 gigabit interface won't do NetFlow

Posted on 2010-11-16
Last Modified: 2012-05-10
Trying to enable NetFlow on a Cisco 6509 layer 2 switch with a 720 sup.  IOS (tm) s72033_rp Software (s72033_rp-PK9S-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)

I've enabled these global commands:

mls netflow
!
mls aging long 64
!
mls aging normal 32
!
mls flow ip interface-full
!
mls nde sender version 5
!
ip flow-export source GigabitEthernet1/46
!
ip flow-export destination 10.1.13.253 9995

I want to monitor interface GigabitEthernet1/46, but it won't accept these commands on the interface.

ip route-cache flow
!
ip flow ingress

Am I doing this correctly?

Thanks,
Bob
0
Question by:gonzo117
6 Comments
 
LVL 10

Expert Comment

by:cstosgale
ID: 34150141
Is Gig1/46 configured as a layer 3 interface? If it is a layer 2 interface it definitely won't work. You can configure netflow on layer 3 interfaces and SVIs only.

I would check any documentation related to the line card, and see if you can enable it on a different model of line card.
0
 

Expert Comment

by:pdube
ID: 34159327
Hello gonzo117,

It looks like there are a few global commands that are missing in your NetFlow configuration.  Add the following:

ip flow-export version 5
ip flow ingress layer2-switched vlan (insert vlans X,Y,X)
ip flow-cache timeout active 1
mls nde interface

After you've added these try adding 'ip route-cache flow' to your interfaces.
0
 

Author Comment

by:gonzo117
ID: 34159657
Hi, I tried to enter the global commands; it took all but this:

AMDFCS1(config)#ip flow ingress layer2-switched vlan 1
                        ^
% Invalid input detected at '^' marker.

This is available globally under ip flow
AMDFCS1(config)#ip flow?
flow-aggregation  flow-cache  flow-export


Interface would not take, ip route-cache flow


This is available on the interface under ip
AMDFCS1(config-if)#ip route-cache flow
                       ^
% Invalid input detected at '^' marker.

AMDFCS1(config-if)#ip ?
Interface IP configuration subcommands:
  access-group  Specify access control for packets
  address       Set the IP address of an interface
  arp           Configure ARP features
  dhcp          DHCP
  rsvp          RSVP interface commands
  rtp           RTP parameters
  vrf           VPN Routing/Forwarding parameters on the interface

Is there anything else to try?
0
 
LVL 10

Expert Comment

by:cstosgale
ID: 34160008
Ip route-cache flow is a legacy command. You should now use ip flow ingress, but as far as I am aware this must be done on layer 3 interfaces.

You don't need any additional commands to enable netflow with a local cache on the switch. Can you post the config of the interface you are trying to enable netflow on?
0
 

Author Comment

by:gonzo117
ID: 34160238
!
interface GigabitEthernet1/46
 description WAN to SUREWEST COLO - PRODUCTION TRUNK
 no ip address
 speed 100
 duplex full
 mls qos trust dscp
 switchport
 switchport mode trunk
!
0
 
LVL 10

Accepted Solution

by:
cstosgale earned 2000 total points
ID: 34163374
Ok so this port is a layer 2 port. Therefore you cannot enable netflow on it. You can enable netflow on layer 3 interfaces that go over this port, e.g. :-

int vlan 10
ip flow ingress

If you are on a very old IOS version, you may have to use ip route-cache flow instead.

By definition, netflow works at a layer 3 level, therefore you can only enable it on interfaces that have IP addresses, i.e. they are layer 3 interfaces.

The ip flow-export source command you used in your original post will only set the source address for the export packets. This will not enable netflow for that interface.

You can also enable the collection of layer 2 switched flows using:-

ip flow ingress layer2-switched vlan 1

If this command is not working for you, you are probably on an old IOS release, or do not have hardware that supports this command. Below is the relevant command reference that describes the restrictions:-

http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1012951
0
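An added example, not part of the original thread or any poster's code: a small Python audit that applies the rule from the accepted answer to a saved running-config, classifying each interface as layer 2 or layer 3 and listing layer 3 interfaces that have no NetFlow command. It assumes `switchport` appears explicitly on layer 2 ports, as in the interface config posted above; the config is an abbreviated copy of that trunk port plus a hypothetical routed port and SVI with constructed addresses.

```python
import re

# Constructed sample: Gi1/46 is the trunk posted in the thread (abbreviated);
# Gi1/1 and Vlan10 (and their addresses) are hypothetical additions.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/46
 description WAN to SUREWEST COLO - PRODUCTION TRUNK
 no ip address
 mls qos trust dscp
 switchport
 switchport mode trunk
!
interface GigabitEthernet1/1
 ip address 192.0.2.1 255.255.255.252
!
interface Vlan10
 ip address 198.51.100.1 255.255.255.0
 ip flow ingress
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from IOS-style config text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the block
    return interfaces

def netflow_status(config):
    """Per interface: is it layer 3, and is NetFlow collection enabled on it?"""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        layer2 = any(c == "switchport" or c.startswith("switchport ") for c in cmds)
        has_ip = any(re.match(r"ip address \d", c) for c in cmds)
        enabled = any(c in ("ip flow ingress", "ip route-cache flow") for c in cmds)
        report[name] = {"layer3": has_ip and not layer2, "netflow": enabled}
    return report

def visibility_gaps(config):
    """Layer 3 interfaces that could export flows but have no NetFlow command."""
    return [n for n, s in netflow_status(config).items()
            if s["layer3"] and not s["netflow"]]

if __name__ == "__main__":
    for name, s in netflow_status(SAMPLE_CONFIG).items():
        print(f"{name}: layer3={s['layer3']} netflow={s['netflow']}")
    print("No flow visibility on:", visibility_gaps(SAMPLE_CONFIG))
```

The trunk port is reported as layer 2, so its traffic only becomes visible through the SVIs of the VLANs it carries.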
