Enabling Netflow on a 6509

Unanswered Question
Mar 29th, 2010

We have a 6509 with supervisor engine 720. I am trying to enable Netflow and having some issues with the configuration. It is to my understanding that netflow is supported on the 6509 with sup engine 720 and IOS Version 12.2(33)SXI3

I  have entered the following commands in configuration mode:

ip flow-export source gig3/14

ip flow-export version 5

ip flow-export destination 192.168.51.61 2055

int gig3/14

ip flow egress 

    ^

% Invalid input detected at '^' marker

And this is as far as I can get.  It appears that when I switch to the actual interface I want to recieve data from, that the command is not supported?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
droeun141 Mon, 03/29/2010 - 09:11

Since the 6509 is L3, you have to do it under the VLAN, or issue a 'no switchport' first to make it a routable interface.

Use the below config

!
ip flow-cache entries 131072
ip flow-cache timeout active 1
ip flow ingress layer2-switched vlan <>
mls flow ip interface-full
no mls flow ipv6
mls nde sender version 5

**VLAN/physical interface's**
ip flow ingress
ip route-cache flow


ip flow-export source <>
ip flow-export version 5
ip flow-export destination <> <>

This works on ALL x6 - 6509 Sup 720's.

jakewilson Tue, 03/30/2010 - 07:34

Hello Gginty,

I'm in the process of writing a document on exporting NetFlow and the Cisco Catalyst.  Scroll down about 2/3s of the way on this page:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/prod_white_paper0900aecd80406232.html

"Normally on Cisco Catalyst 6500 Series Switch both hardware and software based NetFlow is configured." The above explains how to configure both. 

Note: Either ip flow ingress or ip route-cache flow command can be used depending on the Cisco IOS Software version. Ip flow ingress is available in Cisco IOS Software Release 12.2(15)T or above.

Anyway, what caught my eye in your post was "ip flow egress".   I read:

"When both the ip flow ingress and ip flow egress are enabled on the BVI interface, then it leads to receive duplicate packets. Usually the netflow is configured either only in ingress or egress, since netflow works on a per interface basis."

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml

Make sure your NetFlow Reporting package can handle egress flows as many don't. 

Jake

www.scrutinizer.com

Actions

This Discussion