Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15646
Views
5
Helpful
4
Replies

Enabling Netflow on a 6509

gginty
Level 1
Level 1

‎03-29-2010 08:40 AM - edited ‎03-06-2019 10:21 AM

We have a 6509 with supervisor engine 720. I am trying to enable Netflow and having some issues with the configuration. It is to my understanding that netflow is supported on the 6509 with sup engine 720 and IOS Version 12.2(33)SXI3

I  have entered the following commands in configuration mode:

ip flow-export source gig3/14

ip flow-export version 5

ip flow-export destination 192.168.51.61 2055

int gig3/14

ip flow egress 

    ^

% Invalid input detected at '^' marker

And this is as far as I can get.  It appears that when I switch to the actual interface I want to recieve data from, that the command is not supported?

Thanks

1 person had this problem
Labels:
4 Replies 4

droeun141
Level 1
Level 1

‎03-29-2010 09:11 AM

Since the 6509 is L3, you have to do it under the VLAN, or issue a 'no switchport' first to make it a routable interface.

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎03-29-2010 09:11 AM

Hello Gginty,

you should enable netflow on all interfaces you want to monitor

the source interface you use to send netflow accouting packets is a different matter.

see

http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/netflow.html#wp1158797

Hope to help

Giuseppe

0 Helpful

andrew.prince
Level 10
Level 10

‎03-30-2010 03:29 AM

Use the below config

!
ip flow-cache entries 131072
ip flow-cache timeout active 1
ip flow ingress layer2-switched vlan <>
mls flow ip interface-full
no mls flow ipv6
mls nde sender version 5

**VLAN/physical interface's**
ip flow ingress
ip route-cache flow


ip flow-export source <>
ip flow-export version 5
ip flow-export destination <> <>

This works on ALL x6 - 6509 Sup 720's.

0 Helpful

jakewilson
Level 1
Level 1

‎03-30-2010 07:34 AM

Hello Gginty,

I'm in the process of writing a document on exporting NetFlow and the Cisco Catalyst.  Scroll down about 2/3s of the way on this page:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/prod_white_paper0900aecd80406232.html

"Normally on Cisco Catalyst 6500 Series Switch both hardware and software based NetFlow is configured." The above explains how to configure both. 

Note: Either ip flow ingress or ip route-cache flow command can be used depending on the Cisco IOS Software version. Ip flow ingress is available in Cisco IOS Software Release 12.2(15)T or above.

Anyway, what caught my eye in your post was "ip flow egress".   I read:

"When both the ip flow ingress and ip flow egress are enabled on the BVI interface, then it leads to receive duplicate packets. Usually the netflow is configured either only in ingress or egress, since netflow works on a per interface basis."

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml

Make sure your NetFlow Reporting package can handle egress flows as many don't. 

Jake

www.scrutinizer.com

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card