Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
687
Views
0
Helpful
0
Replies

Flexible Netflow v9 on Q-in-Q (802.1q tunnelled) IPv4 flows

richard.thomas
Level 1
Level 1

‎08-02-2013 07:46 AM

Hi all,

Can anyone tell me whether Flexible Netflow (FNF) v9 can be configured to match on 802.1q Tunnelled IPv4 flows?

Basically we are using Q-in-Q accross our backbone and want to provide statistics on the the number of IPv4 flows (source/destination IP address pairs) running over it. The problem however is that these IPv4 flows are encapsulated by two 802.1q VLAN tags - the inner represnting the VLAN the customer uses and the outer representing the customer of the service provider.

From a snippet of documentation I found regarding  FNF for 6500 series switches, I came across this but i cannot see how this would help when using Q-in-Q as above:

"By default, NetFlow does not show statistics for traffic going across the same VLAN, but only for traffic that comes in from one VLAN and out to another. To view the statistics for traffic going across the same VLAN, disable software switched netflow, i.e. do not configure ip route-cache flow on the layer 3 interface.In order to enable the creation of switched, bridged, and Layer 2 IP flows for a specific VLAN, issue the ip flow layer2-switched.  " 

So basically, I'm not sure that it is even possible to do what I want FNF to do - can anyone help please?

Kind regards

Richard     

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents