On Fri, Jul 20, 2001 at 12:21:59PM -0500, David Spindler wrote:
> The sup2 still supports version 1 which should have sour and dest ip set.
Version 1 exports should not be used for anything important since without
a sequence number it is not possible to detect lost flows.
The ifIndex (input/output) fields are left 0. v1 exports will not fix
this. It's either a bug or hardware limitation of the 65xx.
mark
>
>
> On Thu, 19 Jul 2001, Jeffrey Papen wrote:
>
> > I just replied to this issue for Luca Deri. I'll repeat it here for you.
> >
> > It depends on if you're using a sup1a w/ MSFC then you configure ip route-cache flow
> > on each vlan you want flows exporting from. Then in the global router config setup
> > the export ip, version, etc.
> >
> > If you have a sup2 with MSFC2 then it's ankle-grabbing time. Cisco changed NetFlow on
> > the MSFC2 to support only version 7. This means that dest IP, port, protocol, AS, and
> > some other cool fields are always set to zero. Now both the router and the switch
> > will be exporting to your collector where the router does a flow for the first packet
> > and the switch does a lobotomized flow for the remainder of the data.
> >
> > The commands you're looking for are:
> > SUP config
> > -----------
> >
> > set mls agingtime 256 (or whatever values)
> > set mls agingtime fast 10 5 (or whatever values)
> > set mls flow full
> > set mls nde 172.17.246.225 9996
> > set mls nde version 7 (version 7 not 5)
> > set mls nde enable
> >
> > MSFC config
> > -----------
> >
> > interface vlanx
> > ip route-cache flow
> >
> > ip flow-export destination 172.17.246.225 9996
> > ip flow-export version 5
> > ip flow-export source vlan 1
> >
> >
> > Here is a URL that may help.
> >
> > http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd/nde.htm#xtocid220905
> >
> >
> > If you end up opening a Cisco TAC case on this, we had case #B464927 on this issue.
> > Referencing it may help you out. The case was about an sup1a/MSFC working great and a
> > sup2/MSFC2 working like poop.
> >
> > Let me know if you have any other questions.
> >
> > Thanks,
> > - Jeffrey
> >
> > Vladimir Kotal wrote:
> >
> > > Hello,
> > >
> > > I'm trying to setup netflow on 'Cat6k-MSFC2 (R7000)' with MSFC2 cards.
> > > IOS ver is Version 12.1(3r)E2.
> > > Relevant configuration entries are:
> > >
> > > ip flow-cache entries 65536
> > > ip flow-cache timeout active 1
> > > ip flow-export source Vlan155
> > > ip flow-export version 5 peer-as
> > > ip flow-export destination a.b.c.d 9995
> > >
> > > and 'ip route-cache flow' on several interfaces. The box is running ~50M
> > > ATM line and various FEth based Vlan interfaces.
> > >
> > > The problem is that I no longer get the number of netflow packets I used
> > > to get when running the same lines on c75xx machine. The netlflow packet
> > > rate on 75xx with 12.1.x was usually hundreds packets per second, now it
> > > is hardly tens. I suspect it is caused by layer 3 switching.
> > > Could someone acknowledge my suspicion ?
> > >
> > > some useful links (which gave me no answer on this):
> > >
> > > http://www.cisco.com/univercd/cc/td/doc/product/lan/index.htm
> > > http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/msfc2_ds.htm
> > >
> > > please reply to my personal mail addr as well.
> > >
> > > Regards
> > >
> > > V. Kotal
> > > --
> > > cflowd mailing list
> > > cflowd@caida.org
> >
> > --
> > Yahoo! BGP/Peering Engineer
> > email: jeffrey@papen.com beep: page-jeffrey@papen.com
> > work: 408-349-3897 fax: 408-349-5307
> > cell: 650-580-2684 page: 877-701-1126
> > Yahoo Messenger ID: jpapen
> >
> >
> >
> >
> > --
> > cflowd mailing list
> > cflowd@caida.org
> >
>
> --
> David Spindler
> TIS-UTnet/THEnet
> 512-475-9299
> 512-415-1434
>
> --
> cflowd mailing list
> cflowd@caida.org
-- cflowd mailing list cflowd@caida.org
This archive was generated by hypermail 2b29 : Sat Jul 21 2001 - 20:40:21 PDT