12-14-2007 08:11 AM - edited 03-03-2019 07:56 PM
I currently have a site connected via a T1 and it is getting flooded. Is there a command that I can run on the 1721 Router that will show all connections so that I can identify the source / destination IP addresses of all traffic? I tried "show connections" but that didn't have the info that I needed.
Thanks in advance!
Solved! Go to Solution.
12-14-2007 09:00 AM
Sorry, I should've directed you to the 12.2 Doc
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt2/xcfnfc.htm
12-14-2007 08:21 AM
Please post show version from this router as NetFlow may be a suggestion but it depends on the software release.
You can also turn ip accounting on the serial interface.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hiap_c/ichipip.htm#wp1050938
12-14-2007 08:23 AM
Attached is the 'show version'
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.2(8)T1, RELEASE SOFTWARE (fc2)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sat 30-Mar-02 14:18 by ccai
Image text-base: 0x80008108, data-base: 0x80D2C08C
ROM: System Bootstrap, Version 12.2(7r)XM1, RELEASE SOFTWARE (fc1)
pob-1721 uptime is 23 minutes
System returned to ROM by reload at 09:56:54 CST Fri Dec 14 2007
System restarted at 09:58:24 CST Fri Dec 14 2007
System image file is "flash:c1700-k9o3sy7-mz.122-8.T1.bin"
cisco 1721 (MPC860P) processor (revision 0x100) with 44237K/4915K bytes of memory.
Processor board ID FOC06150DEF (1625455792), with hardware revision 0000
MPC860P processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
1 Virtual Private Network (VPN) Module(s)
WIC T1-DSU
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
12-14-2007 08:39 AM
Your IOS supports NetFlow, please read the docs.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/honf_c/index.htm
12-14-2007 08:51 AM
I type the following :
config t
int se 0
ip flow ingress
--- Unknown command
I don't think my router supports netflow.
12-14-2007 09:00 AM
Sorry, I should've directed you to the 12.2 Doc
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt2/xcfnfc.htm
12-14-2007 09:27 AM
Thank you so much! I was able to use the Netflow data to track down the culprit!
I can tell that I will be using this a lot in the future!
12-14-2007 08:30 AM
As far as IP Accounting, we don't have any ACLs on the system, and it looks like IP Accounting only tracks failures agains the ACLs. Is that correct?
Thanks
12-14-2007 08:36 AM
No, you can implement ip accounting without any ACLs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide