Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Configuring Netflow on 6500 Switch

Hello All,

I have never worked on a 6500 prior to now and i was tasked to configure netflow and export data to Orion Solarwinds.

The config i entered on the switch is show below

All vlan and lo 0 have ip addresses

Switch(config)mls netflow

Switch(config)mls netflow ip interface-full

Switch(config)int vlan 2

Switch(config-if) ip route-cache flow

Switch(config-if) exit

Switch(config)int vlan 6

Switch(config-if) ip route-cache flow

Switch(config-if) exit

Switch(config)int vlan 7

Switch(config-if) ip route-cache flow

Switch(config-if) exit

Switch(config) ip netflow ingress layer2-switched vlan 2,6,7

Switch(config) mls nde sender version 5

Switch(config) ip flow-export source lo 0

Switch(config) ip flow-export destination 10.20.86.137 2055

Switch(config) ip flow-export layer2-switched vlan 2,6,7

Still, the data is not being exported to Orion NPM.

I have checked other documentations and configs differ slighty but no concrete solution.

Please any suggestions

Everyone's tags (1)
4 REPLIES

Configuring Netflow on 6500 Switch

Hi,

which IOS version are you running?

What do show mls netflow ip and  show mls nde commands display?

See  http://www.cisco.com/en/US/customer/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml#veri_

Best regards,

Milan

New Member

Configuring Netflow on 6500 Switch

ROM: System Bootstrap, Version 12.2(17r)SX5, RELEASE SOFTWARE (fc1)

Displaying Netflow entries in Active Supervisor EARL in module 5

DstIP           SrcIP           Prot:SrcPort:DstPort  Src i/f          :AdjPtr

-----------------------------------------------------------------------------

Pkts         Bytes         Age   LastSeen  Attributes

---------------------------------------------------

10.20.69.47     10.208.33.140   tcp :23168  :1529     Gi5/2            :0x0

1            52            12    16:23:40   L3 - Dynamic

10.20.71.84     176.32.98.230   tcp :www    :1545     Gi5/1            :0x0

13           14037         13    16:23:39   L3 - Dynamic

10.20.68.242    10.208.33.142   tcp :7833   :1373     Gi5/1            :0x0

1            52            13    16:23:39   L3 - Dynamic

10.64.4.158     10.20.6.16      tcp :5557   :1631     Vl6              :0x0

591          65306         24    16:23:52   L3 - Dynamic

10.48.132.87    140.207.54.36   tcp :8080   :34975    Gi5/1            :0x0

9            1836          61    16:23:23   L3 - Dynamic

10.32.9.11      10.20.31.70     udp :5000   :5100     Vl28             :0x0

12           552           28    16:23:49   L3 – Dynamic

hh-core-2#sh mls nde

Netflow Data Export enabled

Exporting flows to  10.18.69.137 (2055)

Version: 5

Layer2 flow creation is enabled on vlan 2,4,6-7,10,12,14,20,28

Layer2 flow export is enabled on vlan 2,4,6-7,10,12,14,20,28

Include Filter not configured

Exclude Filter not configured

Total Netflow Data Export Packets are:

    542551 packets, 0 no packets, 15733692 records

Total Netflow Data Export Send Errors:

        IPWRITE_NO_FIB = 0

        IPWRITE_ADJ_FAILED = 0

        IPWRITE_PROCESS = 0

        IPWRITE_ENQUEUE_FAILED = 0

        IPWRITE_IPC_FAILED = 0

        IPWRITE_OUTPUT_FAILED = 0

        IPWRITE_MTU_FAILED = 0

        IPWRITE_ENCAPFIX_FAILED = 0

        IPWRITE_CARD_FAILED = 0

Netflow Aggregation Disabled

Configuring Netflow on 6500 Switch

Hi,

I can see

hh-core-2#sh mls nde

Netflow Data Export enabled

Exporting flows to  10.18.69.137 (2055)

but

Switch(config) ip flow-export destination 10.20.86.137 2055

in your config.

Are you exporting to the correct collector on the correct port?

If yes, isn't there any FW or an ACL blocking the NetFlow traffic on the path?

Bets regards,

Milan

New Member

Configuring Netflow on 6500 Switch

Hello Milan,

Thanks for your reply.

The correct endpoint is 10.18.69.137 2055.

There is no ACL on the switch denying traffic.

I added an ACL to allow netflow traffic aswell.

Still traffic is not being exported.

Thanks for you help

Mike

643
Views
5
Helpful
4
Replies