Solved

6509 gigabit interface won't do NetFlow

Posted on 2010-11-16
Last Modified: 2012-05-10
Trying to enable NetFlow on a Cisco 6509 layer 2 switch with a 720 sup.  IOS (tm) s72033_rp Software (s72033_rp-PK9S-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)

I've enabled these global commands:

mls netflow
!
mls aging long 64
!
mls aging normal 32
!
mls flow ip interface-full
!
mls nde sender version 5
!
ip flow-export source GigabitEthernet1/46
!
ip flow-export destination 10.1.13.253 9995

I want to monitor interface GigabitEthernet1/46, but it won't accept these commands on the interface.

ip route-cache flow
!
ip flow ingress

Am I doing this correctly?

Thanks,
Bob
0
Question by:gonzo117
6 Comments
 
LVL 10

Expert Comment

by:cstosgale
ID: 34150141
Is Gig1/46 configured as a layer 3 interface? If it is a layer 2 interface it definitely won't work. You can configure netflow on layer 3 interfaces and SVIs only.

I would check any documentation related to the line card, and see if you can enable it on a different model of line card.
0
 

Expert Comment

by:pdube
ID: 34159327
Hello gonzo117,

It looks like there are a few global commands that are missing in your NetFlow configuration.  Add the following:

ip flow-export version 5
ip flow ingress layer2-switched vlan (insert vlans X,Y,X)
ip flow-cache timeout active 1
mls nde interface

After you've added these try adding 'ip route-cache flow' to your interfaces.
0
 

Author Comment

by:gonzo117
ID: 34159657
Hi, I tried to enter the global commands; it took all but this:

AMDFCS1(config)#ip flow ingress layer2-switched vlan 1
                        ^
% Invalid input detected at '^' marker.

This is available globally under ip flow
AMDFCS1(config)#ip flow?
flow-aggregation  flow-cache  flow-export


Interface would not take, ip route-cache flow


This is available on the interface under ip
AMDFCS1(config-if)#ip route-cache flow
                       ^
% Invalid input detected at '^' marker.

AMDFCS1(config-if)#ip ?
Interface IP configuration subcommands:
  access-group  Specify access control for packets
  address       Set the IP address of an interface
  arp           Configure ARP features
  dhcp          DHCP
  rsvp          RSVP interface commands
  rtp           RTP parameters
  vrf           VPN Routing/Forwarding parameters on the interface

Is there anything else to try?
0
 
LVL 10

Expert Comment

by:cstosgale
ID: 34160008
Ip route-cache flow is a legacy command. You should now use ip flow ingress, but as far as I am aware this must be done on layer 3 interfaces.

You don't need any additional commands to enable netflow with a local cache on the switch. Can you post the config of the interface you are trying to enable netflow on?
0
 

Author Comment

by:gonzo117
ID: 34160238
!
interface GigabitEthernet1/46
 description WAN to SUREWEST COLO - PRODUCTION TRUNK
 no ip address
 speed 100
 duplex full
 mls qos trust dscp
 switchport
 switchport mode trunk
!
0
 
LVL 10

Accepted Solution

by:
cstosgale earned 500 total points
ID: 34163374
OK, so this port is a layer 2 port. Therefore you cannot enable netflow on it. You can enable netflow on layer 3 interfaces that go over this port, e.g.:

int vlan 10
ip flow ingress

If you are on a very old IOS version, you may have to use ip route-cache flow instead.

By definition, netflow works at a layer 3 level, therefore you can only enable it on interfaces that have IP addresses, i.e. they are layer 3 interfaces.

The ip flow-export source command you used in your original post will only set the source address for the export packets. This will not enable netflow for that interface.

You can also enable the collection of layer 2 switched flows using:-

ip flow ingress layer2-switched vlan 1

If this command is not working for you, you are probably on an old IOS release, or do not have hardware that supports this command. Below is the relevant command reference that describes the restrictions:-

http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1012951
0
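
Added example, not part of the original thread: a Python check that applies the accepted answer's rule (NetFlow only on interfaces that have IP addresses) to saved running-config text, and also reports whether the `ip flow-export source` interface has an address. The function names are hypothetical, the Gi1/46 stanza is abridged from the thread, and the Vlan10 stanza with its address is constructed.

```python
import re

# Constructed sample: Gi1/46 is abridged from the stanza posted in the thread;
# the Vlan10 stanza and its 192.0.2.1 address are made up for illustration.
SAMPLE_CONFIG = """\
ip flow-export source GigabitEthernet1/46
ip flow-export destination 10.1.13.253 9995
!
interface GigabitEthernet1/46
 no ip address
 mls qos trust dscp
 switchport
 switchport mode trunk
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
 ip flow ingress
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from running-config text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"interface (\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return interfaces

def audit_netflow(config):
    """Classify every interface and check the flow-export source."""
    interfaces = parse_interfaces(config)
    status = {}
    for name, cmds in interfaces.items():
        has_ip = any(c.startswith("ip address ") for c in cmds)
        flow = "ip flow ingress" in cmds or "ip route-cache flow" in cmds
        if any(c == "switchport" or c.startswith("switchport ") for c in cmds):
            status[name] = "layer2"  # not eligible, per the accepted answer
        elif not has_ip:
            status[name] = "no-ip-address"
        else:
            status[name] = "layer3-flow-enabled" if flow else "layer3-flow-missing"
    src = re.search(r"^ip flow-export source (\S+)", config, re.MULTILINE)
    src_cmds = interfaces.get(src.group(1), []) if src else []
    source_has_ip = any(c.startswith("ip address ") for c in src_cmds)
    return {"interfaces": status, "export_source_has_ip": source_has_ip}
```

On the sample, `audit_netflow(SAMPLE_CONFIG)` marks GigabitEthernet1/46 as `layer2`, Vlan10 as `layer3-flow-enabled`, and reports that the export source interface has no IP address.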
