• State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 24 subscribers
  • Views 516 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

The "Netflow Config On 6509" post

hueyiitectools

Do the commands listed in that post track both ingress and egress traffic on all interfaces?

What about switched interfaces?  Do I need to configure those manually?

  • 0

    I have all of the commands needed to setup ingress and egress on a 6509. I will post them tomorrow when i get back to the office.

    but to answer your question, I had to manually configure every port that i wanted to monitor. I ended up just setting up Ingress and egress on the vlan instead.

  • 0 in reply to r0berth1

    Thats interesting.  I posted this same question on cisco's netpro forum and was told by two different people that there was not a way to monitor layer2 interfaces, only layer3.  I thought I saw somewhere that there was a way to do layer2.

    Are you setting up ingress/egress on layer3 vlan interfaces?  I found that does work.

  • 0

    Here is a link to a Cisco document that goes through the steps for configuring Netflow on 6500 series swtches, both hybrid and native IOS.  They key command to monitor layer 2 is " ip flow ingress layer2-switched vlan xxxx". Also verify the NDE version is version 5, by default version 7 is configured.

     

    www.cisco.com/.../netflow-catalyst6500.pdf

     

    Hope this helps

  • 0 in reply to hueyiitectools

    Use the code below to monitor a vlan. But you could also replace interface Vlan??? with interface GigabitEthernet1/41 or any other port that you want to monitor.

    ip flow-cache timeout active 1
    !
    mls aging fast time 8 threshold 127
    mls aging normal 32
    mls flow ip full
    no mls flow ipv6
    mls nde sender version 7
    !
    interface Vlan???
     description **???**
     ip address ???.???.???.??? ???.???.???.???
     ip pim sparse-dense-mode
     ip route-cache flow
     ip igmp snooping mrouter interface GigabitEthernet1/48
    !
    interface Vlan???
     description **???**
     ip address ???.???.???.??? ???.???.???.???
     ip pim sparse-dense-mode
     ip route-cache flow
     mls netflow sampling
    !
    interface Vlan???
     description **???**
     ip address ???.???.???.??? ???.???.???.???
     ip helper-address ???.???.???.???
     ip flow ingress
     ip pim sparse-dense-mode
     ip route-cache flow
     mls netflow sampling
    !
    ip flow-export source Vlan???
    ip flow-export destination ???.???.???.???
    !
    end

  • 0 in reply to hueyiitectools

    One other thing to keep in mind when trying to monitor layer 2 interfaces for NetFlow on 6500s.  In order to get both routed and bridged traffic from Netflow, you'll need either a PFC3B or PFC3BXL running IOS 12.2(18) SXE or later.  If you have a PFC3A or you're running IOS code earlier than 12.2(18)SXE, you'll only get routed traffic stats.

  • 0 in reply to kweise

    good catch. I forgot to put that in there.

  • 0 in reply to r0berth1

    Thanks.  After having spent a stupid amount of time trying to find out why I couldn't get layer 2 traffic from a 6509 with a PFC3A card, I figured I'd try to save someone else from the same waste of time!

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.