12-14-2007 08:11 AM - edited 03-03-2019 07:56 PM
I currently have a site connected via a T1 and it is getting flooded. Is there a command that I can run on the 1721 Router that will show all connections so that I can identify the source / destination IP addresses of all traffic? I tried "show connections" but that didn't have the info that I needed.
Thanks in advance!
Solved! Go to Solution.
12-14-2007 09:00 AM
Sorry, I should've directed you to the 12.2 Doc
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt2/xcfnfc.htm
12-14-2007 08:21 AM
Please post show version from this router as NetFlow may be a suggestion but it depends on the software release.
You can also turn ip accounting on the serial interface.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hiap_c/ichipip.htm#wp1050938
12-14-2007 08:23 AM
Attached is the 'show version'
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.2(8)T1, RELEASE SOFTWARE (fc2)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sat 30-Mar-02 14:18 by ccai
Image text-base: 0x80008108, data-base: 0x80D2C08C
ROM: System Bootstrap, Version 12.2(7r)XM1, RELEASE SOFTWARE (fc1)
pob-1721 uptime is 23 minutes
System returned to ROM by reload at 09:56:54 CST Fri Dec 14 2007
System restarted at 09:58:24 CST Fri Dec 14 2007
System image file is "flash:c1700-k9o3sy7-mz.122-8.T1.bin"
cisco 1721 (MPC860P) processor (revision 0x100) with 44237K/4915K bytes of memory.
Processor board ID FOC06150DEF (1625455792), with hardware revision 0000
MPC860P processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
1 Virtual Private Network (VPN) Module(s)
WIC T1-DSU
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
12-14-2007 08:39 AM
Your IOS supports NetFlow, please read the docs.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/honf_c/index.htm
12-14-2007 08:51 AM
I type the following :
config t
int se 0
ip flow ingress
--- Unknown command
I don't think my router supports netflow.
12-14-2007 09:00 AM
Sorry, I should've directed you to the 12.2 Doc
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt2/xcfnfc.htm
12-14-2007 09:27 AM
Thank you so much! I was able to use the Netflow data to track down the culprit!
I can tell that I will be using this a lot in the future!
12-14-2007 08:30 AM
As far as IP Accounting, we don't have any ACLs on the system, and it looks like IP Accounting only tracks failures agains the ACLs. Is that correct?
Thanks
12-14-2007 08:36 AM
No, you can implement ip accounting without any ACLs.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: