Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

About the Netflow with PBR,result in Inconsistent flow

Hi all,
I am configuring Netflow on my GSR 12406 with PRP-1,for more detailed configuration please see below:


IOS (tm) GS Software (C12KPRP-P-M), Version 12.0(33)S1, RELEASE SOFTWARE (fc1)

ROM: System Bootstrap, Version 12.0(20020328:180436) [sumisra-rm1 3], DEVELOPMENT SOFTWARE

BOOTLDR: GS Software (C12KPRP-P-M), Version 12.0(33)S1, RELEASE SOFTWARE (fc1)

System image file is "disk0:c12kprp-p-mz.120-33.S1.bin"

cisco 12406/PRP (MPC7455) processor (revision 0x00) with 2097152K bytes of memory.
MPC7455 CPU at 665Mhz, Rev 2.1, 256KB L2, 2048KB L3 Cache
Last reset from mbus reset

2 Route Processor Cards
2 Clock Scheduler Cards
3 Switch Fabric Cards
2 Four Port Gigabit Ethernet/IEEE 802.3z controllers (8 GigabitEthernet).
2 Ethernet/IEEE 802.3 interface(s)
8 GigabitEthernet/IEEE 802.3 interface(s)
2043K bytes of non-volatile configuration memory.

62720K bytes of ATA PCMCIA card at slot 0 (Sector size 512 bytes).
65536K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102

WARNING: Old fab-loader in slot 4; use "upgrade fabric-downloader" to update


R-12406-2#show diags summ
SLOT 0  (RP/LC 0 ): Performance Route Processor
SLOT 3  (RP/LC 3 ): 4 Port ISE Gigabit Ethernet
SLOT 4  (RP/LC 4 ): 4 Port ISE Gigabit Ethernet
SLOT 5  (RP/LC 5 ): Performance Route Processor
SLOT 16 (CSC 0   ): Clock Scheduler Card(6) OC-192
SLOT 17 (CSC 1   ): Clock Scheduler Card(6) OC-192
SLOT 18 (SFC 0   ): Switch Fabric Card(6) OC-192
SLOT 19 (SFC 1   ): Switch Fabric Card(6) OC-192
SLOT 20 (SFC 2   ): Switch Fabric Card(6) OC-192
SLOT 24 (PS A1   ): Alarm Module(6)
SLOT 25 (PS A2   ): Alarm Module(6)
SLOT 28 (TOP FAN ): Standard Blower Module(6)
PEM  1  (POWER_A ): Standard AC PS [PWR-GSR6-AC=]
PEM  2  (POWER_B ): Standard AC PS [PWR-GSR6-AC=]


Here is my environment:

Problom.jpg

My configuration is:
interface GigabitEthernet3/1
ip address x.x.x.x y.y.y.y
no ip directed-broadcast
ip route-cache flow sampled input
ip policy route-map SDS-PBR
no negotiation auto

interface GigabitEthernet3/2
ip address x.x.x.x y.y.y.y

ip access-group DENY-ATTACK in
no ip directed-broadcast
ip route-cache flow sampled input
load-interval 60
no negotiation auto

interface GigabitEthernet3/3
no ip address
ip access-group DENY-ATTACK in
no ip redirects
no ip unreachables
no ip directed-broadcast
no ip proxy-arp
ip route-cache flow sampled input
load-interval 30
no negotiation auto
no cdp enable

interface GigabitEthernet3/3.102
encapsulation dot1Q 100
ip address x.x.x.x y.y.y.y
ip access-group DENY-ATTACK in
no ip redirects
no ip directed-broadcast
no ip proxy-arp
ip bgp fast-external-fallover permit
bfd interval 50 min_rx 50 multiplier 20

interface GigabitEthernet4/0
no ip address
no ip directed-broadcast
ip route-cache flow sampled input
load-interval 60
negotiation auto

interface GigabitEthernet4/0.101
encapsulation dot1Q 101
ip address x.x.x.x y.y.y.y
no ip directed-broadcast

interface GigabitEthernet4/1
ip address x.x.x.x y.y.y.y
no ip directed-broadcast
ip route-cache flow sampled input
ip policy route-map SDS-PBR
load-interval 60
no negotiation auto

R-12406-2#sh route-map SDS-PBR
route-map SDS-PBR, permit, sequence 10
  Match clauses:
    ip address (access-lists): ACL
  Set clauses:
    ip next-hop x.x.x.x(G4/0.101)

  Policy routing matches: 64093899126 packets, 36251499723829 bytes

R-12406-2#sh run | in flow
ip flow-cache timeout inactive 0
ip flow-cache timeout active 1
ip flow-sampling-mode packet-interval 128
ip flow-export source Loopback1
ip flow-export version 5 origin-as
ip flow-export destination x.x.x.x 9996


The following are my test results provide analysis and comparison:

InterfaceShow interfaceCollector Display
InputOutputInputOutput
G3/110Kbps86Mbps2Kbps82Mbps
G3/254Mbps58Mbps50Mbps45Mbps
G3/3.10217Mbps11Mbps18Mbps178Mbps
G4/0.10183Mbps166Mbps79Mbps0Mbps
G4/1227Mbps80Mbps226Mbps79Mbps

From the above data, you can see the interface G3/3.102, G4/0.101 flow,there is very large difference between the "Show interface" and "Collector Display".


I suspect the problem is caused by PBR

You have encountered similar problems?And how can I resolve this issue?

Look forward to your help,THANK YOU VERY VERY MUCH!!!

消息编辑者为:Zhi Xu

1 REPLY
Hall of Fame Super Silver

Re: About the Netflow with PBR,result in Inconsistent flow

Hello Zhi,

sorry for last reply

my first notes follow:

the command for enabling netflow should be given on a L3 interface, in the case of interface g3/3 and g4/0 the main interfaces have no ip address.

I would try to apply the command in the appropriate subinterface mode g3/3.102 and gi4/0.101

Hope to help

Giuseppe

565
Views
0
Helpful
1
Replies
CreatePlease login to create content