01-12-2007 09:10 AM
I would like to get NetFlow information from individual layer 2 switch ports.
I have read many conversations and many Cisco docs. I know that I need to configure NetFlow on the PFC and the MSFC but I can't seem to do it. I read that I need to enable CEF but "ip cef" (not available) and "ip cef distributed" have no effect.
The switchports have no "ip route-cache" commands. Only "ip {address|rsvp|rtp|vrf}"
Here are my current settings:
ip flow-cache timeout active 1
ip flow-export source Vlan1
ip flow-export version 5 origin-as
ip flow-export destination 172.24.0.138 9996
mls aging long 64
mls aging normal 32
mls flow ip interface-full
mls flow ipx destination
mls nde sender
interface Serial8/0/0
 ip address xx.yy.zz.198 255.255.255.252
 encapsulation ppp
 ip route-cache flow
<snip>
Here I try to enable CEF:
IL02-B1F00DCC1-SW01#sh run | inc cef
IL02-B1F00DCC1-SW01#
IL02-B1F00DCC1-SW01#conf t
Enter configuration commands, one per line. End with CNTL/Z.
IL02-B1F00DCC1-SW01(config)#ip cef distributed
IL02-B1F00DCC1-SW01(config)#exit
IL02-B1F00DCC1-SW01#sh run | inc cef
IL02-B1F00DCC1-SW01#
IL02-B1F00DCC1-SW01#conf t
Enter configuration commands, one per line. End with CNTL/Z.
IL02-B1F00DCC1-SW01(config)#no ip cef dist
%Cannot disable CEF on this platform
IL02-B1F00DCC1-SW01(config)#exit
IL02-B1F00DCC1-SW01#
Here is another command that is not available:
Switch(config)#ip flow ingress layer2-switched vlan 10,20
What am I missing here? Bad IOS Version?
Thanks, Scott
01-19-2007 09:41 AM
Scott,
6500s in our environment are exporting L2 flow information just fine from the PFCs. The only difference I see from your environment is the following:
-mls nde sender version 5
Yours doesn't specify the flow version. Perhaps it defaults to 5 if not specified, I am not sure.
-ip flow ingress
Your L3 interfaces specify 'ip route-cache flow' which I believe is deprecated and will soon be removed. This shouldn't have any bearing on the PFC exports though.
What do you see when you issue the command 'show mls nde'? Do you see exported flow stats?
BTW, 'ip cef distributed' is enabled by default and, as you can see, cannot be disabled. For this reason you will not see it in the running configuration.
-m2
01-19-2007 10:30 AM
Didn't know "ip route-cache flow" had been deprecated in the newer IOS. Did a search, and found it's indeed true:
01-19-2007 12:10 PM
Scott,
The commands you need for layer2-switched traffic:
ip flow ingress layer2-switched vlan
ip flow export layer2-switched vlan
However, from the IOS guide: A PFC3B or PFC3BXL running 12.2(18)SXE or higher is required for this command, which enables NDE for all traffic within the specified VLANs rather than just inter-VLAN traffic.
HTH
Steve
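An added example, not code from any poster or from Cisco: a small Python check that scans a saved running-config for the NetFlow/NDE lines discussed in this thread and reports what the replies point out. The function name `audit_netflow` and the sample config are constructed here; the layer2-switched commands are only available under the PFC3B / 12.2(18)SXE requirement quoted above.

```python
import re

# Constructed sample: the settings quoted in the first post, re-indented.
SAMPLE_CONFIG = """\
ip flow-export version 5 origin-as
ip flow-export destination 172.24.0.138 9996
mls flow ip interface-full
mls nde sender
interface Serial8/0/0
 encapsulation ppp
 ip route-cache flow
"""

# Global commands the replies name for layer2-switched traffic.
L2_COMMANDS = ("ip flow ingress layer2-switched vlan",
               "ip flow export layer2-switched vlan")


def audit_netflow(config):
    """Return a list of findings for the NetFlow/NDE points raised in the thread."""
    lines = [l.rstrip() for l in config.splitlines() if l.strip()]
    top = [l for l in lines if not l.startswith(" ")]  # global-level commands
    findings = []
    if not any(re.match(r"ip flow-export destination \S+ \d+$", l) for l in top):
        findings.append("no 'ip flow-export destination <ip> <port>'")
    sender = [l for l in top if l.startswith("mls nde sender")]
    if not sender:
        findings.append("'mls nde sender' missing")
    elif not any(re.search(r"\bversion \d+", l) for l in sender):
        findings.append("'mls nde sender' has no explicit version")
    for cmd in L2_COMMANDS:
        if not any(l.startswith(cmd) for l in top):
            findings.append(f"'{cmd}' missing")
    iface = None  # interface whose sub-commands are being read
    for l in lines:
        if l.startswith("interface "):
            iface = l.split(None, 1)[1]
        elif not l.startswith(" "):
            iface = None
        elif iface and l.strip() == "ip route-cache flow":
            findings.append(f"{iface}: uses 'ip route-cache flow'")
    return findings


if __name__ == "__main__":
    for finding in audit_netflow(SAMPLE_CONFIG):
        print(finding)
```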