we have some problems with gathering the Netflow statustic on our 6500 SUP720B and need some other solution. the problem is quite simple - netflow table on SUP720 goes full very fast, in 5-10 seconds and the netflow data statisctic is not fully exported.
Will e.g. NAM (or NAM2) sefvice card help us to gather the full netflow statistic? or is there other ways?
Another option might be sampled netflow. Or, if you really only want to analyze certain traffic, you can try applying netflow filters. The latter two may require certain IOS code levels.
Could you change flow mask? You will see less details, but all flows. (Maybe is solution change it to see only src/dst IP and not ports, etc...) I suppose that changed flowmask can save 25% of flowcache... (see http://support.caligare.com/kb/entry/47/ about flowmasks) I think that a "Destination-Source-Interface" can be fine for you...
actually dst-src-int flowmask is currently used and I don't think the flow mask has any influence on Netflow table size, because aggregation, flowmask and samples are applyied only to exported Netflow data but not to the data which is used to build up the Netflow able itself.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
