This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Configuring Cisco Routers to NOT send netflow data from all routable interfaces

Dfarinsky over 14 years ago

Hello,

We installed Solarwinds NPM and Netflow over a month ago. I'm collecting netflow data from about 80 WAN routers (more to add) and we are running into timeout issues between the polling server and SQL server where the NetFlow service stopped (due to timeout between servers) and had to be manually restarted. All 80 routers are sending Netflow data from both the WAN and LAN interfaces and I only want to receive data (at this time) from our WAN interfaces.

How do I disable sending of Netflow data from a Cisco router interface while still collecting from other interfaces?

I have all routers configured with Netflow commands:

For only the WAN interface:

ip route-cache flow

Global commands:

ip flow-cache timeout active 1

ip flow-export source Loopback0

ip flow-export version 5

ip flow-export destination <ip address> <port>

I tried adding "no ip route-cache flow" to the LAN interface but I was still receiving netflow data.

Thanks in advance!!

Dave

0 mcbridea over 14 years ago

I'd get rid of
iproute-cache flow
and replace with
ip flow ingress
ip flow egress
on the WAN IF config
Cancel
Vote Up 0 Vote Down

Cancel
0 Dfarinsky over 14 years ago in reply to mcbridea

Thanks for the reply! I tried one router and ip flow egress was not available:
HDS-USATLRTR01(config)#interface Serial0/0
HDS-USATLRTR01(config-if)#ip flow ?
ingress Enable inbound NetFlow

HDS-USATLRTR01(config-if)#do sho ver
C2600 Software (C2600-I-M), Version 12.3(25)

Maybe an IOS limitation?

Thanks!
Cancel
Vote Up 0 Vote Down

Cancel
0 r0berth1 over 14 years ago in reply to Dfarinsky

Is it better to add the netflow config to the serial interface or to the sub-interfaces?
Cancel
Vote Up 0 Vote Down

Cancel

0 r0berth1 over 14 years ago in reply to Dfarinsky

ip flow

To enable NetFlow accounting for inbound (received) or outbound (transmitted) network traffic, use the ip flow command in interface or subinterface configuration mode. To disable NetFlow accounting, use the no form of this command.

ip flow {ingress | egress}

no ip flow {ingress | egress}

Syntax Description


ingress	Enables NetFlow accounting for traffic that is received on an interface. Note This is also known as ingress NetFlow accounting.
egress	Enables NetFlow accounting for traffic that is transmitted on an interface. Note This is also known as egress NetFlow accounting.

Command Default

NetFlow accounting is disabled.

Command Modes

Interface configuration (config-if)
Subinterface configuration (config-sub-if)

Command History


Release	Modification
12.2(14)S	This command was introduced.
12.2(25)S	Output of the show running configuration command was modified so that the ip route-cache flow command as well as the ip flow ingress command will appear when either command is configured.
12.2(15)T	This command was integrated into Cisco IOS Release 12.2(15)T.
12.3(11)T	The egress keyword was added.
12.2(28)SBB	This command was integrated into Cisco IOS Release 12.2(27)SBB and implemented for the Cisco 10000 series routers.
12.2(27)SBC	This command was integrated into Cisco IOS Release 12.2(27)SBC.
12.2(31)SB2	This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.2(18)SXE	Support for this command was introduced on the Supervisor Engine 720.
12.2(18)SXF	This command was integrated into Cisco IOS Release 12.2(18)SXF. This command was changed to allow you to dynamically create NetFlow entries on a 7600.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

Cisco 7600 Series Platforms

The ip flow ingress command is supported on the Supervisor Engine 720 in PFC3B and PFC3BXL mode.

The ip flow ingress command is supported on the Supervisor Engine 2 with a PFC2.

In Release 12.2(18)SXF and later releases, to create a NetFlow entry, you need to enter the ip flow ingress command. In releases prior to Release 12.2(18)SXF, the NetFlow entries are created automatically.

Other Platforms

Use this command on an interface or subinterface to enable NetFlow accounting for traffic.

You must enable CEF or dCEF globally on the networking device, and on the interface or subinterface that you want to enable NetFlow accounting on before you enable either ingress or egress NetFlow accounting.

Examples

The following example shows how to configure ingress NetFlow accounting for traffic that is received on FastEthernet interface 0/0:

Router(config)# interface fastethernet0/0

Router(config-if)# ip flow ingress

The following example shows how to configure egress NetFlow accounting for traffic that is transmitted on FastEthernet interface 0/0:

Router(config)# interface fastethernet0/0

Router(config-if)# ip flow egress

Related Commands


Command	Description
ip flow-egress input-interface	Removes the NetFlow egress accounting flow key that specifies an output interface and adds a flow key that specifies an input interface for NetFlow egress accounting.
ip flow-cache timeout	Specifies NetFlow accounting flow cache parameters
ip flow-cache entries	Changes the number of entries maintained in the NetFlow accounting cache.
show ip cache flow	Displays a summary of the NetFlow accounting statistics.
show ip cache verbose flow	Displays a detailed summary of the NetFlow accounting statistics.
show ip flow interface	Displays NetFlow accounting configuration for interfaces.

0 r0berth1 over 14 years ago in reply to mcbridea

I have tried this and i am still getting flows from all active interfaces on the router, including the loopback interface.
Cancel
Vote Up 0 Vote Down

Cancel
0 ElisabethZakes over 14 years ago in reply to r0berth1

I think contacting support would be the best option at this point.
Cancel
Vote Up 0 Vote Down

Cancel