×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Unable to use Microflow policing along with Netflow Data Export (NDE) in Catalyst 6500 Series Switches running Cisco IOS Software

Document

Wed, 07/22/2009 - 19:43
Jul 1st, 2009
User Badges:
  • Gold, 750 points or more

Core Issue

The issue happens when you want to run Netflow and Microflow policing at the same time.

It is sometimes observed that Netflow fails to start exporting when a Microflow policer is already active. The Microflow policer continues to work. Alternatively, a Microflow policer does not function when Netflow is already enabled on a Catalyst 6500 and the policer configuration is applied. Netflow continues to function since it was enabled first.

The following are the limitations regarding NDE and microflow policers:

  1. Full flow microflow policer works only when NDE is configured to Src, Dest, Dest-Src or Full.
  2. Src-only / Dest-only Microflow policer will not work, when NDE is configured.


For addtional information refer to, Flow Masks.

Resolution

The only condition that allows the NDE and Microflow policer to work is to use the mls flow ip full command in global configuration mode which configures the flow mask for NDE. The Microflow policers do not match any IPv6 traffic.


Note : If you use mls flow ip full command it will consume more memory in MLS because it will have more entries based on layer 4 information. It is recommended to keep the size of the MLS cache below 32K entries. To keep the size of the MLS cache down, enable mls aging fast.


For additional information refer to, Configuring NetFlow Data Export (NDE).

Loading.

Actions

This Document

Related Content