NetFlow Nat problem

Unanswered Question
Nov 16th, 2009
User Badges:

Hello,

Thank you in advance for any help.

I have a Cisco7021 which works as follows: ppoe-pptp users + NAT+ Statistics collection on NetFlow (ip flow ingress - egress).

In general all works, but 50% of the traffic downloaded under natted ip written on the Inside global IP from NAT pool.

Example:

I download a file from 79.165.189.116


If I Have a real ip: [YY.YY.YYY.66]


#sh ip cache flow | inc 79.165.189.116

Vi3.297 YY.YY.YYY.66 Gi0/0* 79.165.189.116 06 132B 99B4 534

Vi3.297 YY.YY.YYY.66 Gi0/0 79.165.189.116 06 132B 99B4 534

Gi0/0 79.165.189.116 Vi3.297* YY.YY.YYY.66 06 99B4 132B 82

Gi0/0 79.165.189.116 Vi3.297 YY.YY.YYY.66 06 99B4 132B 1023


All normal, traffic fully on the subscriber


If I have private ip (NAT) [172.16.80.60]:


#sh ip cache flow | inc 79.165.189.116

Gi0/0 79.165.189.116 Vi3.156 YY.YY.YYY.33 06 FA5C 217C 3464

Gi0/0 79.165.189.116 Vi3.156* 172.16.80.60 06 FA5C 0441 1697

Vi3.156 172.16.80.60 Gi0/0 79.165.189.116 06 0441 FA5C 1859

Vi3.156 YY.YY.YYY.33 Gi0/0* 79.165.189.116 06 217C FA5C 1883


In 2 flow record inside local IP has been substituted by inside global ip [YY.YY.YYY.33].


(

ip nat pool inet YY.YY.YYY.32 YY.YY.YYY.47 prefix-length 28

#sh ip nat translations | inc 79.165.189.116

tcp YY.YY.YYY.33:3187 172.16.80.60:3187 79.165.189.116:21 79.165.189.116:21

- - - - - -

)


I have downloaded 1G but on netflow statistic for my address I have downloaded only 500M.

It is normal? Can some one guide me i will be very obliged waiting for your response.

Thank you.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion