07-14-2009 09:02 AM - edited 03-06-2019 06:45 AM
*Hi Guys,
I'm trying to capture netflow traffic on a 6509 switch using Supervisor 720. I already enabled netflow on the MSFC and I do now know if I enabled all required configuration for the PFC. Here's my configuration.
mls flow ip destination-source
mls flow ipv6 full
mls nde sender version 5
interface vlan 1
ip route-cache flow
interface vlan 150
ip route-cache flow
I followed the configuration found on this link, http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml#confios1.
I cannot configure mls flow ip full and I do not know why. It's giving me this error. "% Unable to configure flow mask for ip protocol: full. Reset to the default flow mask type: none". So I have to stick with destination-source. Also, the command **ip flow ingress layer2-switched vlan 10,20 is not available.
I am trying to capture traffic that traverses the MSFC then the firewall. Is there other way I can configure IP accounting and traffic measurement like NetFlow on an ASA firewall? The traffic on the firewall displays 3 to 4Mbps of traffic but the Netflow reading on my Netflow Analyzer is too low. Around 1Mbps only. Can anyone help me please? Thanks in advance.
John
*
07-14-2009 09:12 AM
I also have these configurations. Forgot to include on my email.
ip flow-export source Vlan1
ip flow-export version 5
ip flow-export destination 10.199.58.158 9996
ip flow-export destination 10.199.41.253 9996
John
07-14-2009 10:27 AM
Please post the 'show mod' and 'show ver' output.
07-14-2009 11:31 AM
MSFC02#sh module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 16 SFM-capable 16 port 1000mb GBIC WS-X6516A-GBIC SAL091386DR
2 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX SAL091387CJ
3 48 48-port 10/100 mb RJ45 WS-X6148-RJ-45 SAL0738LNC1
5 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAD090902YN
9 48 48-port 10/100 mb RJ45 WS-X6148-45AF SAL1026SR2W
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
1 0013.7f4d.61c0 to 0013.7f4d.61cf 4.2 7.2(1) 8.3(0.156)RO Ok
2 0013.7f4d.5e50 to 0013.7f4d.5e7f 10.1 7.2(1) 8.3(0.156)RO Ok
3 000d.bc1e.b864 to 000d.bc1e.b893 1.3 5.4(2) 8.3(0.156)RO Ok
5 0011.21b9.ff84 to 0011.21b9.ff87 4.3 8.1(3) 12.2(18)SXD3 Ok
9 0018.1942.0590 to 0018.1942.05bf 3.1 8.3(1) 8.3(0.156)RO Ok
Mod Sub-Module Model Serial Hw Status
--- --------------------------- ------------------ ------------ ------- -------
5 Policy Feature Card 3 WS-F6K-PFC3B SAD090807KN 2.0 Ok
5 MSFC3 Daughterboard WS-SUP720 SAD085002UV 2.3 Ok
9 IEEE Voice Daughter Card WS-F6K-FE48-AF SAL1028UJTP 1.5 Ok
Mod Online Diag Status
--- -------------------
1 Pass
2 Pass
3 Pass
5 Pass
9 Pass
MSFC02#sh version
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-PSV-M), Version 12.2(18)SXD3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Thu 09-Dec-04 23:53 by pwade
Image text-base: 0x4002100C, data-base: 0x42030000
ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-PSV-M), Version 12.2(18)SXD3, RELEASE SOFTWARE (fc1)
MSFC02 uptime is 23 weeks, 18 hours, 3 minutes
Time since MSFC02 switched to active is 23 weeks, 18 hours, 2 minutes
System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19 (SP by break at PC 0x40452FE8)
System restarted at 01:28:09 GMT Tue Feb 3 2009
System image file is "sup-bootflash:s72033-psv-mz.122-18.SXD3.bin"
cisco WS-C6509 (R7000) processor (revision 3.0) with 458720K/65536K bytes of memory.
Processor board ID SMG0738A04H
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
Bridging software.
26 Virtual Ethernet/IEEE 802.3 interface(s)
96 FastEthernet/IEEE 802.3 interface(s)
66 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
07-15-2009 05:30 AM
I suggest upgrading to a newer IOS since a lot of the NetFlow new features were deployed after 12.2(18)SXE and you have 12.2(18)SXD.
For instance, 'ip flow layer2-switched':
http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1013084
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: