Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

gather Neflow statistic in LAN


we have some problems with gathering the Netflow statustic on our 6500 SUP720B and need some other solution. the problem is quite simple - netflow table on SUP720 goes full very fast, in 5-10 seconds and the netflow data statisctic is not fully exported.

Will e.g. NAM (or NAM2) sefvice card help us to gather the full netflow statistic? or is there other ways?

many Thanks.


Re: gather Neflow statistic in LAN

If you haven't customized the cache timeout values, that may be an option.

mls aging fast [threshold|time] ###

mls aging long ###

mls aging normal ###

ip flow-cache timeout inactive ###

ip flow-cache timeout active ##

Another option might be sampled netflow. Or, if you really only want to analyze certain traffic, you can try applying netflow filters. The latter two may require certain IOS code levels.

Re: gather Neflow statistic in LAN


thank you for the responce!

age doesn't help, i tried the minimal values.

sampled netflow doesn't help to reduce the Netflow table utilisation and we need to see all traffic.


Re: gather Neflow statistic in LAN

Hello Konstantin,

I'm following to our previous discussion...

Could you change flow mask? You will see less details, but all flows. (Maybe is solution change it to see only src/dst IP and not ports, etc...) I suppose that changed flowmask can save 25% of flowcache... (see about flowmasks) I think that a "Destination-Source-Interface" can be fine for you...


Re: gather Neflow statistic in LAN

Hello Jan,

actually dst-src-int flowmask is currently used and I don't think the flow mask has any influence on Netflow table size, because aggregation, flowmask and samples are applyied only to exported Netflow data but not to the data which is used to build up the Netflow able itself.

CreatePlease to create content