cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
781
Views
0
Helpful
4
Replies

Netflow on Catalyst 6500

jpl861
Level 4
Level 4

*Hi Guys,

I'm trying to capture netflow traffic on a 6509 switch using Supervisor 720. I already enabled netflow on the MSFC and I do now know if I enabled all required configuration for the PFC. Here's my configuration.

mls flow ip destination-source

mls flow ipv6 full

mls nde sender version 5

interface vlan 1

ip route-cache flow

interface vlan 150

ip route-cache flow

I followed the configuration found on this link, http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml#confios1.

I cannot configure mls flow ip full and I do not know why. It's giving me this error. "% Unable to configure flow mask for ip protocol: full. Reset to the default flow mask type: none". So I have to stick with destination-source. Also, the command **ip flow ingress layer2-switched vlan 10,20 is not available.

I am trying to capture traffic that traverses the MSFC then the firewall. Is there other way I can configure IP accounting and traffic measurement like NetFlow on an ASA firewall? The traffic on the firewall displays 3 to 4Mbps of traffic but the Netflow reading on my Netflow Analyzer is too low. Around 1Mbps only. Can anyone help me please? Thanks in advance.

John

*

4 Replies 4

jpl861
Level 4
Level 4

I also have these configurations. Forgot to include on my email.

ip flow-export source Vlan1

ip flow-export version 5

ip flow-export destination 10.199.58.158 9996

ip flow-export destination 10.199.41.253 9996

John

Edison Ortiz
Hall of Fame
Hall of Fame

Please post the 'show mod' and 'show ver' output.

MSFC02#sh module

Mod Ports Card Type Model Serial No.

--- ----- -------------------------------------- ------------------ -----------

1 16 SFM-capable 16 port 1000mb GBIC WS-X6516A-GBIC SAL091386DR

2 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX SAL091387CJ

3 48 48-port 10/100 mb RJ45 WS-X6148-RJ-45 SAL0738LNC1

5 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAD090902YN

9 48 48-port 10/100 mb RJ45 WS-X6148-45AF SAL1026SR2W

Mod MAC addresses Hw Fw Sw Status

--- ---------------------------------- ------ ------------ ------------ -------

1 0013.7f4d.61c0 to 0013.7f4d.61cf 4.2 7.2(1) 8.3(0.156)RO Ok

2 0013.7f4d.5e50 to 0013.7f4d.5e7f 10.1 7.2(1) 8.3(0.156)RO Ok

3 000d.bc1e.b864 to 000d.bc1e.b893 1.3 5.4(2) 8.3(0.156)RO Ok

5 0011.21b9.ff84 to 0011.21b9.ff87 4.3 8.1(3) 12.2(18)SXD3 Ok

9 0018.1942.0590 to 0018.1942.05bf 3.1 8.3(1) 8.3(0.156)RO Ok

Mod Sub-Module Model Serial Hw Status

--- --------------------------- ------------------ ------------ ------- -------

5 Policy Feature Card 3 WS-F6K-PFC3B SAD090807KN 2.0 Ok

5 MSFC3 Daughterboard WS-SUP720 SAD085002UV 2.3 Ok

9 IEEE Voice Daughter Card WS-F6K-FE48-AF SAL1028UJTP 1.5 Ok

Mod Online Diag Status

--- -------------------

1 Pass

2 Pass

3 Pass

5 Pass

9 Pass

MSFC02#sh version

Cisco Internetwork Operating System Software

IOS (tm) s72033_rp Software (s72033_rp-PSV-M), Version 12.2(18)SXD3, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Thu 09-Dec-04 23:53 by pwade

Image text-base: 0x4002100C, data-base: 0x42030000

ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)

BOOTLDR: s72033_rp Software (s72033_rp-PSV-M), Version 12.2(18)SXD3, RELEASE SOFTWARE (fc1)

MSFC02 uptime is 23 weeks, 18 hours, 3 minutes

Time since MSFC02 switched to active is 23 weeks, 18 hours, 2 minutes

System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19 (SP by break at PC 0x40452FE8)

System restarted at 01:28:09 GMT Tue Feb 3 2009

System image file is "sup-bootflash:s72033-psv-mz.122-18.SXD3.bin"

cisco WS-C6509 (R7000) processor (revision 3.0) with 458720K/65536K bytes of memory.

Processor board ID SMG0738A04H

SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache

Last reset from power-on

X.25 software, Version 3.0.0.

Bridging software.

26 Virtual Ethernet/IEEE 802.3 interface(s)

96 FastEthernet/IEEE 802.3 interface(s)

66 Gigabit Ethernet/IEEE 802.3 interface(s)

1917K bytes of non-volatile configuration memory.

8192K bytes of packet buffer memory.

65536K bytes of Flash internal SIMM (Sector size 512K).

Configuration register is 0x2102

I suggest upgrading to a newer IOS since a lot of the NetFlow new features were deployed after 12.2(18)SXE and you have 12.2(18)SXD.

For instance, 'ip flow layer2-switched':

http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1013084

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: