Solved

Traffic monitoring on Tunnel

Posted on 2016-08-16
7
70 Views
Last Modified: 2016-09-07
Hi ;
We have an internet connection connecting the site to Data center. We are doing SNMP polling on the Tunnel interface of cisco router and are getting the capacity close to zero, but when the physical interface (Fa0/0) is monitored the traffic reading goes up substantially. Can anyone please explain why it is happening?
0
Comment
Question by:totaram
  • 4
  • 2
7 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 41759302
Perhaps you are seeing the network management system poll/monitor the device/interface.
You can easily check this with netflow data directly on the router.

enable netflow or add acls to capture the traffic

show ip cache flow - will display traffic flowing through the router


harbor235 ;}
0
 

Author Comment

by:totaram
ID: 41760411
Yes.. that is the issue.. why are we not able to see much data through the virtual tunnel int that we configured for the
IPSEC?

One small question: How do we enable netflow on the router? I have not done that before. Do we have to have netflow tool?

Thanks
0
 
LVL 21

Expert Comment

by:eeRoot
ID: 41760418
Do you see statistics on the tunnel interface if you use the "show interface ..." command?
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:totaram
ID: 41760562
Yes.. I see the stats on both sh int commands.. (Tunnel as well as Fa0/0)
0
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
ID: 41779772
You need a netflow collector to export the data, but you can view the currently cached netflow data that is kept on the router via show ip cache flow

To configure netflow do the following;

on the interface in which you want to capture netflow

ip flow ingress
ip flow egress

Validate with show ip cache flow - to view netflow stats

If you want to export that data top a collector add the following cmds

ip flow-export version 5 /9  - 5 is most common, 9 has additional capabilities and is newer
ip flow-export destination <collector_ip> <collector netflow port>
ip flow-export source loopback?   - source of traffic when exporting,

There are a couple additional options but this will get you going

Is that it?

harbor235 ;}
0
 

Author Comment

by:totaram
ID: 41788782
Thanks
0
 

Author Comment

by:totaram
ID: 41788783
Thanks
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now