cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1399
Views
4
Helpful
8
Replies

L3 Switch (3560G) Monitoring

rsabapathee
Level 1
Level 1

With Cisco routers, there is netflow which enables us to monitor traffic/applications/ports etc... This is very handy for network troubleshooting.

With cisco 3560G what can be used/what configuration to do to enable the same type of monitoring as a cisco router??

thx

8 Replies 8

Jan Nejman
Level 3
Level 3

Hello,

I thing that netflow is not supported by 3560.

I tried to configure it, but no netflow is exported. I found that Cisco doesn't support it on 3650. Is somebody from Cisco, here? thx for explaination. I think that netflow is not supported on: Cisco 2900, 3500 and 3750. NetFlow is supported on: Cisco 1800, 2800, 3800, 4500, 6500, 7200, 7300, 7500, 7600, 10000, 12000 and CRS-1.

Kind regards

Jan Nejman

Caligare, Co.

http://www.caligare.com/

Netflow is not supported on the smaller switches. The reason is that NetFlow is very demanding, and requires either a fast processor or dedicated silicon to the task. For instance, even on higher end switches there are some supervisors that do not support NetFlow - I know for sure that the new Sup VI for the 4500E do not support it. The same applies for another popular feature, "ip accounting" - it isn't support either on most switches.

what can be used to configure the cisco 3560 to have similar type of monitoring?

(perhaps a third party software?)

anyone plz

Is there abosolutely no way of getting any sort of statistical data from a L3 switch? (in similar fashion to netflow from a router)

Hello,

I think that NO. Third party application cannot helps, because the netflow is not implemented on these small boxes.

Kind regards

Jan Nejman

Caligare, Co.

http://www.caligare.com/

Sorry for the delay. Low end (29xx) and "mid-low" end switches (up to 3750 and 3560) are not designed for this kind of application. My suggestion is for you to mirror traffic to a fast PC and run something like NTOP. The main problem is the PC's speed, because it may limit the amount of data that can be processed . Some tools allow you to use "statistical sampling"; they do not process every single packet but instead look at a percentage of your traffic. The result isn't exactly the same but is a reasonable approximation in statistical terms.

There are some tools out on the web that will take a packet capture .pcap file and then export the traffic to a flow collector. However, that would require that you have the ability to mirror traffic from the the switches you wish to monitor to the collector.This could be acheived with matrix switches and/or some form of RSPAN tech. I have done this type of setup before with extreme switches (they didn't support netflow either) and it worked quite well.

Here is link i found on the web.

http://fprobe.sourceforge.net/

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: