Upgrading IOS and Netflow

sgoldschmidt · ‎03-31-2008

Hello,

I am new to cisco and am trying to get netflow working.

when i log into my router and do a show version i get the following information

_________________________________________

WASHINGTON#sh version

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-IS-M), Version 12.1(5)T10, RELEASE SOFTWARE (fc2

)

TAC Support: http://www.cisco.com/tac

Compiled Wed 08-Aug-01 08:52 by ccai

Image text-base: 0x80008088, data-base: 0x8101AD48

ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

WASHINGTON uptime is 9 weeks, 5 days, 16 hours, 10 minutes

System returned to ROM by power-on

System image file is "flash:c2600-is-mz.121-5.T10.bin"

cisco 2620 (MPC860) processor (revision 0x600) with 36864K/4096K bytes of memory

.

Processor board ID JAD05390HV7 (1163454854)

M860 processor: part number 0, mask 49

Bridging software.

X.25 software, Version 3.0.0.

Basic Rate ISDN software, Version 1.1.

1 FastEthernet/IEEE 802.3 interface(s)

1 Serial network interface(s)

1 ISDN Basic Rate interface(s)

32K bytes of non-volatile configuration memory.

16384K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

_________________________________________

Do i need to upgrade my IOS? if so how do i go about getting an upgrade for my IOS?

or can anyone tell help me out in setting up netflow on this router.

If you need config please let me know so that i can post.

Thank you in advance

royalblues · ‎03-31-2008

Your IOS supports netflow

These configurations will help you get this going

interface

ip route-cache flow

this needs to be configured under all the interfaces

ip flow-export version 5

ip flow-export destination

HTH

Narayan

sgoldschmidt · ‎03-31-2008

Thank you for getting back to me

Here is the FastEthernet configuration that is currently set

_____________________________________________

interface FastEthernet0/0.1

description Data

encapsulation dot1Q 1 native

ip address 10.43.80.1 255.255.240.0

no ip route-cache

no ip mroute-cache

bridge-group 1

_____________________________________________

when i go to enter the ip route-cache flow onto this interface i get the following message

_____________________________________________

WASHINGTON#config t

Enter configuration commands, one per line. End with CNTL/Z.

WASHINGTON(config)#in

WASHINGTON(config)#interface fa

WASHINGTON(config)#interface fastEthernet 0/0.1

WASHINGTON(config-subif)#ip rou

WASHINGTON(config-subif)#ip route-cache flow

^

% Invalid input detected at '^' marker.

WASHINGTON(config-subif)#

_____________________________________________

Am i doing anything wrong? or does something else have to be setup first?

Thanks again for your help

mattcalderon · ‎03-31-2008

Hmm it could be that you are enabling it on a subinterface. Not too sure if your version of IOS supports this. I did find the link below explaining this, but I do not have personal experience with a sub-interface. I may need to lab that one up and see.

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_nfsub.html#wp1035352

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hnf_c/ch05/nfb_bicf.htm#wp1046037

sgoldschmidt · ‎03-31-2008

Sorry here is my router config

_____________________________________________

WASHINGTON#sh run

Building configuration...

Current configuration : 3308 bytes

!

version 12.1

no service single-slot-reload-enable

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname WASHINGTON

!

logging buffered 4096 debugging

logging rate-limit console 10 except errors

enable secret 5

!

clock timezone EDT -5

clock summer-time EDT recurring

ip subnet-zero

!

no ip finger

ip tcp synwait-time 5

no ip domain-lookup

!

class-map match-all Voice

match ip dscp 46

!

policy-map Policy1

class Voice

priority 500

class class-default

fair-queue

!

isdn switch-type basic-dms100

call rsvp-sync

!

bridge crb

!

buffers middle permanent 1500

buffers middle max-free 1600

buffers middle min-free 1400

!

interface Loopback1

description Washington Loppback Interface

ip address 10.254.15.1 255.255.255.224

!

interface FastEthernet0/0

description Washington Local Area Network

no ip address

no ip route-cache

no ip mroute-cache

speed 100

full-duplex

!

interface FastEthernet0/0.1

description Data

encapsulation dot1Q 1 native

ip address 10.43.80.1 255.255.240.0

no ip route-cache

no ip mroute-cache

bridge-group 1

!

interface FastEthernet0/0.10

description Voice

encapsulation dot1Q 10

ip address 192.168.6.1 255.255.255.0

no ip route-cache

no ip mroute-cache

!

interface FastEthernet0/0.105

description VPN link to Checkpoint

encapsulation dot1Q 105

ip address 10.254.5.10 255.255.255.0

no ip route-cache

no ip mroute-cache

shutdown

!

interface Serial0/0

description T1 to RANDOLPH

bandwidth 1536

ip address 10.252.5.134 255.255.255.252

no ip route-cache

no ip mroute-cache

service-policy output Policy1

service-module t1 timeslots 1-24

bridge-group 1

!

interface BRI0/0

description Backup ISDN to RANDOLPH

no ip address

encapsulation ppp

shutdown

dialer rotary-group 1

isdn switch-type basic-dms100

no cdp enable

!

interface Dialer1

ip address 192.168.253.6 255.255.255.252

encapsulation ppp

shutdown

dialer in-band

dialer idle-timeout 100

dialer hold-queue 10

dialer load-threshold 1 outbound

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname RANDOLPH

ppp chap password xxx

ppp multilink

!

router eigrp 1

passive-interface Loopback1

network 10.0.0.0

network 192.168.6.0

no auto-summary

eigrp log-neighbor-changes

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.43.80.3 210

no ip http server

!

logging trap debugging

logging 10.43.144.26

logging 10.43.144.78

dialer-list 1 protocol ip list 101

snmp-server community cisco RW

snmp-server community Nagio5 RO

snmp-server chassis-id WASHINGTON

bridge 1 protocol ieee

bridge 1 route ip

!

dial-peer cor custom

!

banner login ^C

*************************************************************

* Unauthorized Access is Prohibited *

* Access is restricted to authorized Personel ONLY *

* Unauthorized access is Punishable by LAW *

*************************************************************

^C

!

line con 0

exec-timeout 5 0

password xxx

login

transport input none

line aux 0

password xxx

login

modem InOut

transport input all

line vty 0 4

exec-timeout 240 0

password xxx

logging synchronous

login

!

scheduler allocate 4000 6000

end

WASHINGTON#

royalblues · ‎03-31-2008

ip route-cache flow command is applicable only on the main interface and will track the flow of all the subinterfaces

IOS introduced the support of netflow on the subinterfaces using the command ip flow ingress & ip flow egress but i am not sure whehter your IOS supports this feature

Narayan

sgoldschmidt · ‎04-01-2008

Thank you,

I've added the following commands to my router onto interface fastethernet 0/0

_____________________________________________

WASHINGTON#config t

Enter configuration commands, one per line. End with CNTL/Z.

WASHINGTON(config)#in

WASHINGTON(config)#interface fa

WASHINGTON(config)#interface fastEthernet 0/0

WASHINGTON(config-if)#ip route

WASHINGTON(config-if)#ip route-cache flow

WASHINGTON(config-if)#exit

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-ex

WASHINGTON(config)#ip flow-export des

WASHINGTON(config)#ip flow-export destination 10.43.144.85 2055

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-ex

WASHINGTON(config)#ip flow-export so

WASHINGTON(config)#ip flow-export source fa

WASHINGTON(config)#ip flow-export source fastEthernet 0/0

WASHINGTON(config)#ip flo

WASHINGTON(config)#ip flow-ex

WASHINGTON(config)#ip flow-export ver

WASHINGTON(config)#ip flow-export version 5

WASHINGTON(config)#ip

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-c

WASHINGTON(config)#ip flow-cache tim

WASHINGTON(config)#ip flow-cache timeout ac

WASHINGTON(config)#ip flow-cache timeout active 5

WASHINGTON(config)#ip

WASHINGTON(config)#ip fl

WASHINGTON(config)#ip flow-c

WASHINGTON(config)#ip flow-cache ti

WASHINGTON(config)#ip flow-cache timeout in

WASHINGTON(config)#ip flow-cache timeout inactive 15

WASHINGTON(config)#sn

WASHINGTON(config)#snm

WASHINGTON(config)#snmp-server ifindex persist

WASHINGTON(config)#^Z

WASHINGTON#write

_____________________________________________

Once i added these my network seemed to stop working. my computers could not connect to my domain controllers back to my main site.

my phones could not connect to the call server back at my main site.

but i could ping all eqiupment, routers, servers, switches, but not my phones since they were not registering back to the main site.

What i am i doing wrong? is this normail?

could it be due to the ip flow-cache timeout active 5? should this be set longer?

any help would be appreciated.

Thanks

sgoldschmidt · ‎04-04-2008

Hello Again,

I've tried using ip flow ingress on the sub interface and i am not allowed to make this entry. when i do my research i see that i need ios 12.2 or higher and i only have 12.1.

how do i go about upgrading my ios? i am new to cisco and not sure on the steps i need to take to upgrade my ios so that i can support netflow correctly.

Thanks

mattcalderon · ‎04-04-2008

You need to have some type of support contract to be able to log in with your cco and download the ios you need. After you have the ios you then need to put it on your flash and change your boot statement. Probably the more complicated task will be obtaining the ios.

http://www-europe.cisco.com/univercd/cc/td/doc/product/access/acs_fix/800/800swcfg/upg_ios.htm