Upgrading IOS and Netflow

Unanswered Question
Mar 31st, 2008

Hello,


I am new to cisco and am trying to get netflow working.


when i log into my router and do a show version i get the following information



_________________________________________


WASHINGTON#sh version

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-IS-M), Version 12.1(5)T10, RELEASE SOFTWARE (fc2

)

TAC Support: http://www.cisco.com/tac

Copyright (c) 1986-2001 by cisco Systems, Inc.

Compiled Wed 08-Aug-01 08:52 by ccai

Image text-base: 0x80008088, data-base: 0x8101AD48


ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)


WASHINGTON uptime is 9 weeks, 5 days, 16 hours, 10 minutes

System returned to ROM by power-on

System image file is "flash:c2600-is-mz.121-5.T10.bin"


cisco 2620 (MPC860) processor (revision 0x600) with 36864K/4096K bytes of memory

.

Processor board ID JAD05390HV7 (1163454854)

M860 processor: part number 0, mask 49

Bridging software.

X.25 software, Version 3.0.0.

Basic Rate ISDN software, Version 1.1.

1 FastEthernet/IEEE 802.3 interface(s)

1 Serial network interface(s)

1 ISDN Basic Rate interface(s)

32K bytes of non-volatile configuration memory.

16384K bytes of processor board System flash (Read/Write)


Configuration register is 0x2102


_________________________________________


Do i need to upgrade my IOS? if so how do i go about getting an upgrade for my IOS?


or can anyone tell help me out in setting up netflow on this router.


If you need config please let me know so that i can post.


Thank you in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Mon, 03/31/2008 - 11:32

Your IOS supports netflow


These configurations will help you get this going


interface

ip route-cache flow


this needs to be configured under all the interfaces


ip flow-export version 5

ip flow-export destination


HTH

Narayan

sgoldschmidt Mon, 03/31/2008 - 11:46

Thank you for getting back to me


Here is the FastEthernet configuration that is currently set

_____________________________________________


interface FastEthernet0/0.1

description Data

encapsulation dot1Q 1 native

ip address 10.43.80.1 255.255.240.0

no ip route-cache

no ip mroute-cache

bridge-group 1


_____________________________________________


when i go to enter the ip route-cache flow onto this interface i get the following message


_____________________________________________



WASHINGTON#config t

Enter configuration commands, one per line. End with CNTL/Z.

WASHINGTON(config)#in

WASHINGTON(config)#interface fa

WASHINGTON(config)#interface fastEthernet 0/0.1

WASHINGTON(config-subif)#ip rou

WASHINGTON(config-subif)#ip route-cache flow

^

% Invalid input detected at '^' marker.


WASHINGTON(config-subif)#


_____________________________________________


Am i doing anything wrong? or does something else have to be setup first?



Thanks again for your help

mattcalderon Mon, 03/31/2008 - 11:54

Hmm it could be that you are enabling it on a subinterface. Not too sure if your version of IOS supports this. I did find the link below explaining this, but I do not have personal experience with a sub-interface. I may need to lab that one up and see.



http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_nfsub.html#wp1035352



http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hnf_c/ch05/nfb_bicf.htm#wp1046037


sgoldschmidt Mon, 03/31/2008 - 11:53

Sorry here is my router config

_____________________________________________


WASHINGTON#sh run

Building configuration...


Current configuration : 3308 bytes

!

version 12.1

no service single-slot-reload-enable

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname WASHINGTON

!

logging buffered 4096 debugging

logging rate-limit console 10 except errors

enable secret 5

!

clock timezone EDT -5

clock summer-time EDT recurring

ip subnet-zero

!

!

no ip finger

ip tcp synwait-time 5

no ip domain-lookup

!

!

class-map match-all Voice

match ip dscp 46

!

!

policy-map Policy1

class Voice

priority 500

class class-default

fair-queue

!

isdn switch-type basic-dms100

call rsvp-sync

!

!

!

!

!

bridge crb

!

!

buffers middle permanent 1500

buffers middle max-free 1600

buffers middle min-free 1400

!

interface Loopback1

description Washington Loppback Interface

ip address 10.254.15.1 255.255.255.224

!

interface FastEthernet0/0

description Washington Local Area Network

no ip address

no ip route-cache

no ip mroute-cache

speed 100

full-duplex

!

interface FastEthernet0/0.1

description Data

encapsulation dot1Q 1 native

ip address 10.43.80.1 255.255.240.0

no ip route-cache

no ip mroute-cache

bridge-group 1

!

interface FastEthernet0/0.10

description Voice

encapsulation dot1Q 10

ip address 192.168.6.1 255.255.255.0

no ip route-cache

no ip mroute-cache

!

interface FastEthernet0/0.105

description VPN link to Checkpoint

encapsulation dot1Q 105

ip address 10.254.5.10 255.255.255.0

no ip route-cache

no ip mroute-cache

shutdown

!

interface Serial0/0

description T1 to RANDOLPH

bandwidth 1536

ip address 10.252.5.134 255.255.255.252

no ip route-cache

no ip mroute-cache

service-policy output Policy1

service-module t1 timeslots 1-24

bridge-group 1

!

interface BRI0/0

description Backup ISDN to RANDOLPH

no ip address

encapsulation ppp

shutdown

dialer rotary-group 1

isdn switch-type basic-dms100

no cdp enable

!

interface Dialer1

ip address 192.168.253.6 255.255.255.252

encapsulation ppp

shutdown

dialer in-band

dialer idle-timeout 100

dialer hold-queue 10

dialer load-threshold 1 outbound

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname RANDOLPH

ppp chap password xxx

ppp multilink

!

router eigrp 1

passive-interface Loopback1

network 10.0.0.0

network 192.168.6.0

no auto-summary

eigrp log-neighbor-changes

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.43.80.3 210

no ip http server

!

logging trap debugging

logging 10.43.144.26

logging 10.43.144.78

dialer-list 1 protocol ip list 101

snmp-server community cisco RW

snmp-server community Nagio5 RO

snmp-server chassis-id WASHINGTON

bridge 1 protocol ieee

bridge 1 route ip

!

dial-peer cor custom

!

!

!

banner login ^C


*************************************************************

* Unauthorized Access is Prohibited *

* Access is restricted to authorized Personel ONLY *

* Unauthorized access is Punishable by LAW *

*************************************************************

^C

!

line con 0

exec-timeout 5 0

password xxx

login

transport input none

line aux 0

password xxx

login

modem InOut

transport input all

line vty 0 4

exec-timeout 240 0

password xxx

logging synchronous

login

!

scheduler allocate 4000 6000

end


WASHINGTON#

royalblues Mon, 03/31/2008 - 23:21

ip route-cache flow command is applicable only on the main interface and will track the flow of all the subinterfaces


IOS introduced the support of netflow on the subinterfaces using the command ip flow ingress & ip flow egress but i am not sure whehter your IOS supports this feature


Narayan

sgoldschmidt Tue, 04/01/2008 - 06:27

Thank you,


I've added the following commands to my router onto interface fastethernet 0/0


_____________________________________________


WASHINGTON#config t

Enter configuration commands, one per line. End with CNTL/Z.

WASHINGTON(config)#in

WASHINGTON(config)#interface fa

WASHINGTON(config)#interface fastEthernet 0/0

WASHINGTON(config-if)#ip route

WASHINGTON(config-if)#ip route-cache flow

WASHINGTON(config-if)#exit

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-ex

WASHINGTON(config)#ip flow-export des

WASHINGTON(config)#ip flow-export destination 10.43.144.85 2055

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-ex

WASHINGTON(config)#ip flow-export so

WASHINGTON(config)#ip flow-export source fa

WASHINGTON(config)#ip flow-export source fastEthernet 0/0

WASHINGTON(config)#ip flo

WASHINGTON(config)#ip flow-ex

WASHINGTON(config)#ip flow-export ver

WASHINGTON(config)#ip flow-export version 5

WASHINGTON(config)#ip

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-c

WASHINGTON(config)#ip flow-cache tim

WASHINGTON(config)#ip flow-cache timeout ac

WASHINGTON(config)#ip flow-cache timeout active 5

WASHINGTON(config)#ip

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-c

WASHINGTON(config)#ip flow-cache ti

WASHINGTON(config)#ip flow-cache timeout in

WASHINGTON(config)#ip flow-cache timeout inactive 15

WASHINGTON(config)#sn

WASHINGTON(config)#snm

WASHINGTON(config)#snmp-server ifindex persist

WASHINGTON(config)#^Z

WASHINGTON#write


_____________________________________________


Once i added these my network seemed to stop working. my computers could not connect to my domain controllers back to my main site.


my phones could not connect to the call server back at my main site.


but i could ping all eqiupment, routers, servers, switches, but not my phones since they were not registering back to the main site.


What i am i doing wrong? is this normail?


could it be due to the ip flow-cache timeout active 5? should this be set longer?


any help would be appreciated.


Thanks

sgoldschmidt Fri, 04/04/2008 - 12:11

Hello Again,


I've tried using ip flow ingress on the sub interface and i am not allowed to make this entry. when i do my research i see that i need ios 12.2 or higher and i only have 12.1.


how do i go about upgrading my ios? i am new to cisco and not sure on the steps i need to take to upgrade my ios so that i can support netflow correctly.


Thanks

Actions

This Discussion