c4506 SUP V-10GE Netflow Export Problems

Unanswered Question
May 29th, 2007
User Badges:

Hello!


We have activated Netflow Export on our new SUP5-10GE Supervisor Card. The following commands are added to the configuration.


#sh run | include flow


ip flow ingress

ip flow ingress layer2-switched

ip flow-cache timeout active 5

ip flow-export source Vlan250

ip flow-export version 5

ip flow-export destination xxx xxx

ip route-cache flow


Our device is ony used as a normal Switch, so we only see Layer2 Bridged Flows. Src/Dest Interfaces marked as "NULL". The Problem is that some of the Flows are very strange. It seems that some Src/Dst. IP Addresses are wrong composed.

For example:


NULL 0.96.207.32 Null 194.200.0.16 18 0000 0000 7


NULL 0.16.24.0 Null 104.76.0.96 CF 0000 0000 15

NULL 170.0.4.0 Null 16.44.170.0 04 0000 0000 1

NULL 170.0.4.0 Null 9.44.170.0 04 0000 0000 14K

NULL 170.0.4.0 Null 10.44.170.0 04 0000 0000 2255


Adresses which are never used in our environment. We have also activated netflow export on our core routers, and they dont see the flow on the layer3 svi interfaces. So we believe the problem relies on the Sup5.


We have tested both c450x IOS release Trains:


12.2(25)EWA9 and 12.2(37)SG


Both releases produce the same strange flows!


Please help!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion