02-12-2008 01:15 AM
Hi,
I have enabled netflow on a Cisco 1800 router. All the interfaces are showing inbound and outbound traffic apart from Fastethernet 0. It is showing Traffic for inbound only.
when I run show ip flow interface, I noticed that it created a subinterface for fastethernet0 even though I did not create it manually. Also sh ip cache flow is reporting traffic to be Local (not sure if this is of any relevance)
Some output:
ittcrt03-perurt01#sh ip cache flow | inc Fa
Fa0 192.168.254.100 Local 192.168.254.26 2F 0000 0000 1
Fa0 192.168.254.100 Local 192.168.254.26 2F 0000 0000 145
Fa0 192.168.254.100 Local 192.168.254.26 2F 0000 0000 2
ittcrt03-perurt01#
ittcrt03-perurt01#sh ip flow interface
FastEthernet0
ip route-cache flow
ip flow ingress
ip flow egress
FastEthernet0.1
ip flow ingress
ip flow egress
Thanks
Anwar
02-13-2008 08:37 AM
Hello,
I recommend not using 'ip flow egress' and using 'ip flow ingress' on all interfaces on your router. Using netflow on egress is used only for several special cases, but normal configuration is 'ip route-cache flow' (deprecated command) or 'ip flow ingess' on all L3 interfaces. Do you using NAT?
Kind regards,
Jan Nejman
Caligare, Co.
02-15-2008 06:31 AM
Jan
Thanks for the info.
I enabled egress for testing purposes only. I took it out of the config. We do not use any NAT. I still do not see any output traffic on netflow. Any suugestions?
Thanks
Anwar
02-15-2008 07:55 AM
Hello,
did you enable 'ip flow ingess' on all interfaces? i.e Fast 0/1, 0/2 ... Could you send me output of the:
show ip interface brief
show runn | inc flow
Kind regards,
Jan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: