Mars in existing topology

Unanswered Question
Aug 17th, 2009
User Badges:

Hello, I'm implementing MARS in my network. I have a 6500 switch for a core switch and 3560 for access switches. I use a FWSM with vlan interfaces. All vlans in my network use the FWSM as a layer 3 termination point.

I want to send netflow information to the MARS. However all interfaces on my switches are layer 2 and netflow is enabled on layer 3 interfaces. My FWSM does not support netflow for this. How and where can I use netflow to send to my MARS. Is there another way to implement MARS in my network. May be SNMP and where should i use this

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
patwill66_2 Mon, 08/17/2009 - 05:15
User Badges:

I use mls netflow to accomplish what you are trying to do. Here are the commands I used to do it and the Cisco guide I initially found.

ip flow ingress layer2-switched vlan XX,XX-XX,XX-XX,XX

mls ip slb purge global

mls aging long 300

mls aging normal 60

mls netflow interface

mls flow ip interface-full

no mls flow ipv6

mls nde sender version 5

mls cef error action reset

ip flow-export source vlanXX

ip flow-export version 5

ip flow-export destination x.x.x.x 2055

Dirks Wed, 08/19/2009 - 05:27
User Badges:

Thank you very much for your help. I did what you suggested and now it seems to work fine.


This Discussion