Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2359
Views
0
Helpful
3
Replies

issues enable IP accounting

network770
Level 1
Level 1

‎12-08-2011 12:36 PM - edited ‎03-07-2019 03:48 AM

I have a 6500 and I would like to enable IP accounting on a wan interface.  I have done the following on the interface level

C6K(config-if)#ip accounting output-packets

and the switches gives me :

Accounting will exclude mls traffic when mls is enabled.

then when I do sh ip accounting I see nothing.  why?

How do I see all traffic going in & out of a given interface?

Labels:
0 Helpful
3 Replies 3

Edison Ortiz
Hall of Fame
Hall of Fame

‎12-08-2011 12:40 PM

ip accounting is not supported on that box.

if you want to capture traffic, please deploy and configure NetFlow.

Regards,

Edison

0 Helpful

network770
Level 1
Level 1
In response to Edison Ortiz

‎12-08-2011 12:53 PM

IP accounting is not supported a C6500? are you serious?

If that is the case do would Netflow get me the top talkers?

How do I configure it on a 6500?

0 Helpful

Don Jacob
Level 1
Level 1
In response to network770

‎12-08-2011 10:51 PM

Hi,

Refer the below link for details on this:

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af1.shtml#ip_accounting

In short, as Edison said, NetFlow will be a better option. And yes, NetFlow can give you information on top talkers, applications, port, protocol, etc. Unlike IP Accounting, you will probably need a NetFlow collector and analyzer software for better visibility and understanding of NetFlow data. A NetFlow configuration sample for the Cisco 6500 is as below:

mls netflow  // This enables NetFlow on the Supervisor.

mls nde sender version 7

mls aging long 64  // This breaks up long-lived flows into (roughly) one-minute segments.

mls aging normal 32  // This ensures that flows that have finished are exported in a timely manner.

If you have Supervisor Engine 720, you need to execute the below two commands to put the interface information in the netflow packets.

mls flow ip interface-full

mls nde interface

The next two commands will help to enable NetFlow data export for bridged traffic which is optional. You can specify the list of VLANs here to enable bridged traffic.

ip flow ingress layer2-switched vlan

ip flow export layer2-switched vlan

You can also find more information about these commands in the following Cisco link:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/nde.html#wp1047637

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml

Apart from this, the MSFC also has to be configued for NetFlow export. Sample config commands are below.

ip route-cache flow  // This command has to be executed on all the L3/VLAN interfaces.

ip flow-export destination {hostname|ip_address} 9996  // The hostname or IP address of the server where NetFlow Analyzer is installed

ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: FastEthernet 0/0

ip flow-export version 5

ip flow-cache timeout active 1

ip flow-cache timeout inactive 15

snmp-server ifindex persist

Regards,

Don Thomas Jacob

www.netflowanalyzer.com

NOTE: Please rate posts and close questions if your query has been answered

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card