Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

gather Neflow statistic in LAN

Hello,

we have some problems with gathering the Netflow statustic on our 6500 SUP720B and need some other solution. the problem is quite simple - netflow table on SUP720 goes full very fast, in 5-10 seconds and the netflow data statisctic is not fully exported.

Will e.g. NAM (or NAM2) sefvice card help us to gather the full netflow statistic? or is there other ways?

many Thanks.

4 REPLIES
Blue

Re: gather Neflow statistic in LAN

If you haven't customized the cache timeout values, that may be an option.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/command/reference/I1.html#wp1271726

mls aging fast [threshold|time] ###

mls aging long ###

mls aging normal ###

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hnf_c/ch05/nfb_bmch.htm#wp1047359

ip flow-cache timeout inactive ###

ip flow-cache timeout active ##

Another option might be sampled netflow. Or, if you really only want to analyze certain traffic, you can try applying netflow filters. The latter two may require certain IOS code levels.

Re: gather Neflow statistic in LAN

hi,

thank you for the responce!

age doesn't help, i tried the minimal values.

sampled netflow doesn't help to reduce the Netflow table utilisation and we need to see all traffic.

Bronze

Re: gather Neflow statistic in LAN

Hello Konstantin,

I'm following to our previous discussion...

Could you change flow mask? You will see less details, but all flows. (Maybe is solution change it to see only src/dst IP and not ports, etc...) I suppose that changed flowmask can save 25% of flowcache... (see http://support.caligare.com/kb/entry/47/ about flowmasks) I think that a "Destination-Source-Interface" can be fine for you...

Jan

Re: gather Neflow statistic in LAN

Hello Jan,

actually dst-src-int flowmask is currently used and I don't think the flow mask has any influence on Netflow table size, because aggregation, flowmask and samples are applyied only to exported Netflow data but not to the data which is used to build up the Netflow able itself.

126
Views
0
Helpful
4
Replies
CreatePlease to create content