This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Netflow Config On 6509

jeff.stewart over 16 years ago

Just thought I'd post this since it seemed confusing during our install.

To config our 6509 for netflow data to be sent we added the following commands.

mls flow ip full

mls nde sender version 5

ip flow-export source blahblah

ip flow-export version 5

ip flow-export destination blahblah portblah

This will send netflow data for all routed interface on the router. No need to add 'ip route cache flow' or any other command to each interface.

0 jp over 15 years ago

Thanks, Jeff!
This looks just like what I use as well, just wanted to verify this for others on the forum.
'mls netflow sampling' also helps on some of our SVIs if we're missing some statistics - this often happens.
-JP
Cancel
Vote Up 0 Vote Down

Cancel
0 FormerMember over 15 years ago

On 6500s
If you are planning on flowing layer 2 / vlan info you will need the following commands
ip flow ingress layer2-switched vlan X
mls flow ip interface-full
l3 interfaces will need the following command entered in order to flow
ip flow ingress or ip flow egress or both i suppose depending on your application
Cancel
Vote Up 0 Vote Down

Cancel
0 step1014 over 15 years ago in reply to FormerMember

Yes,
on the other hand, please take care of command on 6500, which are native mode and hybrid OS.
Native mode is mostly using IOS and Hybrid mode is mostly using CATOS.
Below is a link for your reference to configure your 6509 switch.
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml
Cancel
Vote Up 0 Vote Down

Cancel
0 dan-uk over 14 years ago

Good Morning
I'm new to solarwinds Netflow and was wondering where my schoolboy error might be. I have a 6509 running the following IOS image :
sup-bootflash:s72033-ipservicesk9-mz.122-18.SXF12a.bin
I am monitoring only 1 routed interface in NPM at the moment for the purposes of getting netflow working/displaying correctly.
I have entered the following commands in global conf mode on the 6509:
mls flow ip full
mls nde sender version 5
ip flow-export source xxx.xxx.xxx.xxx
ip flow-export destination xxx.xxx.xxx.xxx xxxx
This should send data for all routed interfaces without the need to configure the interface with :
ip flow ingress
ip route-cache flow
In NTA, I have added this one interface. The problem I'm having is that on the summary page, the Top 5 Applications shows virtually no traffic, just some SNMP, NTP and Netbios.
However, if I click on the specific interface, the Top 5 Applications returns the real data, I.E several gigs of traffic replicating between our SANS, email, http etc..
If i only have one interface monitored in NTA, why does the summary page not display the same top 5 as in the interface view ?
As a test I added one more interface but this time from a 3600 series router and this time the summary page accurately reflects the stats in the interface page.....
Any help greatly appreciated.
Cheers
Dam
Cancel
Vote Up 0 Vote Down

Cancel
0 jjeffrey316 over 14 years ago in reply to dan-uk

The Cisco IOS version you are running "12.2-18.SXF12a.bin" according Cisco website (Netflow is globle export only) not just single interfaces.
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/nde.html
The newer -33 IOS version would allow you the just run Netflow chosen interfaces.
Cancel
Vote Up 0 Vote Down

Cancel
0 r0berth1 over 14 years ago in reply to FormerMember

this command "ip flow ingress layer2-switched vlan X" does not work on a 6509 with "Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-PK9SV-M), Version 12.2(17d)SXB11a, RELEASE SOFTWARE (fc1)".
Cancel
Vote Up 0 Vote Down

Cancel
0 wazzup over 14 years ago in reply to dan-uk

Hi all, anybody have experience with implementing NTA 3.5 on a 7609 running c6sup22-pk2sv-mz.121-27b.E4 ?
I'm using:
mls flow ip full
mls nde sender version 5
ip route-cache flow
ip flow-export source Loopback*
ip flow-export version 5
ip flow-export destination 1*.*.*.* 2055
my problem looks a bit like yours , i can't seem to display all data ...any idea's?
Cancel
Vote Up 0 Vote Down

Cancel
0 Bunookana over 14 years ago in reply to wazzup

You probably need to update the applications or ports that the Netflow module will report to you. After completing the steps below, I found that I was able to see all the traffic I was expecting to see.
Go to the Netflow settings page > Click Edit under "Application and Service Ports" > Select "Enable All Monitoring"
Cancel
Vote Up 0 Vote Down

Cancel
0 wazzup over 14 years ago in reply to Bunookana

done that (was enabled on all ports though) and waiting for collectors to collect something :-)
Cancel
Vote Up 0 Vote Down

Cancel
0 AlbanyNYMike over 14 years ago in reply to FormerMember

Hello all,
This has been quite confusing. We have implemented Netflow on all our 2821 routers. It was pretty easy.
Now the 6513 we have is a whole other story. none of the suggested answers posted here work.
ip flow ingress layer2-switched vlan X is not even an option. Once I hit "layer2" when typing the command, it is not recognized.
I have had success for about 20 minutes using this method:
Conf t - Int vlanXX
Ip flow ingress
ip route-cache flow
Conf t
ip flow-export version 5
ip flow-export source vlanXX
ip flow-export destination x.x.x.x 2055

This sends the vlan traffic to Orion, and displays properly for about 20 minutes, then it just stops. Also, when using this method, 99% of the stats are regarding the broadcast IP of the vlan.
Can anyone out there come up with a solid method for implementing netflow on a 6513?
Ciscos docs dont seem to help me out.
Cancel
Vote Up 0 Vote Down

Cancel