Netflow with in Vlan on 6513

Unanswered Question
Sep 23rd, 2008
User Badges:

Hi;


We have a 6513 equiped with a WS-X6K-SUP2-2GE a WS-F6K-PFC2 and a WS-F6K-MSFC2.


The switch is running IOS Version 12.2(18)SXF1.


I'm able to obtain netflow readings of traffing going across the different Vlans but nothing with in a Vlan.


Here is the configuration so far.


ip flow-cache timeout active 5

ip flow ingress layer2-switched vlan 2-5

mls aging normal 32

mls flow ip full

mls flow ipx destination

mls nde sender


ip flow-export source Vlan3

ip flow-export version 5

ip flow-export destination 172.17.XX.XXX 2055



on each Vlan Interface;

ip route-cache flow


Can anyone point me in the right direccion? I'm not sure if I am missign a command or if this is not supported. Bu so far in the Cisco documentation i've read Bridge Flow Statistics is supported by this particular IOS and Hardware convination.


Thanks in advance.






  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
yjdabear Wed, 09/24/2008 - 06:02
User Badges:
  • Gold, 750 points or more

ip flow export layer2-switched vlan


http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml


"In order to enable the collection of switched, bridged, and IP flows in Layer 2, issue the ip flow ingress layer2-switched vlan {num | vlanlist} command. In order to enable the export of switched, bridged, and IP flows in Layer 2, issue the ip flow export layer2-switched vlan {num | vlanlist} command.


The command is supported on Supervisor Engine 720 in PFC3B and PFC3BXL mode only and on Supervisor Engine 2 with a PFC2."

cbulleri Wed, 09/24/2008 - 13:45
User Badges:

Thanks for the tip.


I've actually been able to apply the IP flow ingress/export layer2 command to the appropiate vlans. But the one I can't seem to apply is the ip route-cache flow. according tot he document this is the one generating the netflow information.


I know that I comply with hardware specs (Sup2 PCF2) so I wonder if i need to be in a particular Global mode to apply the command.


Thanks for your Help.



I remember there was some difference between "ip route-cache" and "ip flow ingress", but i forgot what Try using "ip flow ingress" (there is another command "ip flow egress" for traffic going out, but that is not required if you have configured the far end (in your case the gateway interface).. do let me know the results

yjdabear Wed, 09/24/2008 - 18:53
User Badges:
  • Gold, 750 points or more

"ip route-cache flow" is applied per interface, so it'd be configured in interface config mode.


"ip route-cache flow" has been deprecated in 12.2(18)SXD, while the replacement "ip flow ingress" is supported in that release and higher. However, "ip route-cache flow" still works for us in >12.2(18)SXD IOS just fine.

cbulleri Wed, 09/24/2008 - 21:52
User Badges:

you are right route-cache is apply on the Vlan interface directlly, but the documentation indicates that in order to obtain Layer 2 flow with in a single Vlan we need to apply the IP flow layer 2 command and I can't do it. In the Global Config mode the "Layer2" portion requires he "ingress" portion before it and I think that while I'm programming the router to capture the information it's failing to actually generate it, at least al Layer 2. I'm still getting info on packets going across the Vlans.


Again thanks for everyones input.


i'll post the solution if I found it.


Actions

This Discussion