08-17-2009 01:42 AM
Hello, I'm implementing MARS in my network. I have a 6500 switch for a core switch and 3560 for access switches. I use a FWSM with vlan interfaces. All vlans in my network use the FWSM as a layer 3 termination point.
I want to send netflow information to the MARS. However all interfaces on my switches are layer 2 and netflow is enabled on layer 3 interfaces. My FWSM does not support netflow for this. How and where can I use netflow to send to my MARS. Is there another way to implement MARS in my network. May be SNMP and where should i use this
08-17-2009 05:15 AM
I use mls netflow to accomplish what you are trying to do. Here are the commands I used to do it and the Cisco guide I initially found.
ip flow ingress layer2-switched vlan XX,XX-XX,XX-XX,XX
mls ip slb purge global
mls aging long 300
mls aging normal 60
mls netflow interface
mls flow ip interface-full
no mls flow ipv6
mls nde sender version 5
mls cef error action reset
ip flow-export source vlanXX
ip flow-export version 5
ip flow-export destination x.x.x.x 2055
08-19-2009 05:27 AM
Thank you very much for your help. I did what you suggested and now it seems to work fine.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: