cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
632
Views
0
Helpful
7
Replies

Netflow Configuration Issue

everestm
Level 1
Level 1

Hello All,

I'm trying to configure netflow on my 6509. It works and exports data for layer 3 interfaces fine.

I'm trying to monitor layer 2 interfaces (both access and trunk). Is this possible?

In some locations I've seen reference to the commands

ip flow ingress layer2-switched vlan <vlanlist>

ip flow export layer2-switched vlan <vlanlist>

however when I try to put the commands in at global config they are rejected. ("ip flow" is rejected).

Is this possible, am I doing something wrong?

6509/Sup 720/3BXL

12.2(18)SXF8

7 Replies 7

Jan Nejman
Level 3
Level 3

Try to configure: mls nde

It enable layer 2 accounting...

layer2-switched vlan comman activates sending information about communication in the same vlan, i.e. from port 1 in vlan A to port 2 in swame vlan A. More about layer2-switched commands you can find on our web page: http://support.caligare.com/kb/7

More info abou mls nde configuration can be found on the url: http://netflow.caligare.com/configuration_native.htm

Bye

Jan

Thanks for the reply's

The above sites just mention using the

ip flow ingress layer2-switched vlan

ip flow export layer2-switched vlan

commands ... which unfortunatly my 6509 won't take. Has anyone else run into a switch rejecting the commands? From what I can tell with my IOS and the 3BXL, I should be fine, it just doesn't work.

I have the same problem did anyone have a solution?

Hello,

could you send me exact error message when you try "ip flow" commands? Why it is rejected?

Do you using NAT on the box? What is mls flow mask setting?

Kind regards,

Jan

dannyf
Level 1
Level 1

Command rejected, it does not even parse, I have the right hardware version 3B (6509 sup720-3B)and supported IOS version 12.2(33)SXH2a.

any ip flow xxx commands are not allowed only the ip flow-xxxx commands work.

ip flow-cache timeout active 1

ip multicast-routing

no ip domain-lookup

no ipv6 mld snooping

ipv6 mfib hardware-switching replication-mode ingress

!

no mls acl tcam share-global

mls aging long 128

mls aging normal 32

mls netflow interface

mls flow ip interface-full

no mls flow ipv6

mls nde sender version 5

mls qos

mls cef error action freeze

ip flow-export source Loopback0

ip flow-export version 5

ip flow-export destination x.x.x.x 2055

Hello,

I tried version 12.2(18)SXF14 and there is not problem with SUP720-3B.

See:

Lan2(config)#ip flow ingress layer2-switched vlan 100 ?

, comma

- hyphen

Maybe the problem is in the IOS version... I saw several problems with mls flow mask when I used NAT/PAT. But the problem with "ip flow" command I have never seen in the past. I'll more investigate in to this problem or try contact your engeneer from Cisco. I've no idea why the command is not supported at this time.

Jan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco