I need some advice regarding getting some "eyes" onto the traffic on my WAN/LAN.
We are mainly a 100% Cisco shop. We just put in a Cisco 3750 as a layer 3 switch. This switch has links to many of our other switches (2900/3500) and routers (2600). This 3750, we consider it our core switch.
We have an MPLS circuit and (2) multilinked T1s for internet access. The MPLS is running on a 2600 series router, and the internet is on a 2800 series router.
I have a new CCNA I just hired two months ago whom I asked to get NETFLOW working to send flows to NTOP. After a bit, he came back to me and said that the 3750 does not support NETFLOW.
Now I'm in a position to not have enough knowledge to challenge him on this. As IT Manager, I'm NOT a router/switch expert.
My hope was to be able to collect the netflows from the devices and bring the data into NTOP for analysis. (We're using NTOP because, like many firms, I have no budget for real monitoring equipment.)
We are about to put a new $300k Mitel VOIP system in by December. I wanted to be able to look at endpoint traffic on our wire to judge what's going over the wire between my main site and our remote site via the MPLS circuit. This route is the main one in which some of the new VOIP traffic will be going over.
So I wanted to perform analysis of the traffic. Not full packet sniffing, but what protocols, nodes, top talkers, etc. are consuming that bandwidth.
My CCNA said this:
"As per Cisco, Netflow is not supported on the 3750 due to hardware limitations. That is what I have been waiting for and took so long to hear back from them on."
Anyways, is his statement correct? If so, is it as simple as upgrading memory / IOS? Or is it NOT really capable of handling NETFLOW?
If that is the case, what else can I do? Is there support for RMON2 for layer3 data to be had from this device?
Kudos to your CCNA. He is correct in saying that the 3750 does not support Netflow. As a matter of fact, there aren't any future plans at this time to support it. However, one suggestion is that most likely your 3750 Metro connects to a device that does. What you can do is monitor the traffic on the port(s) that the traffic will be traversing before or after it gets to the 3750.