2 Replies Latest reply on Feb 9, 2010 7:12 AM by selltekk

    Not capturing flow data from the interfaces I need data from...

      Hi,

      I am configuring netflow on our Cisco 6509 and I am new to this.

       

      I need to be able to capture flow data for VLAN 744 and 900 because users at the other end of those networks are having some slowness issues and I want to find out what is going on before I delve in and fiddle with stuff.

      None of the interfaces (vlans or otherwise) are behind the FWSM.

      It seems that I am unable to issues the IP FLOW INGRESS command on the following physical interfaces: gi 1/44, gi 4/24 and I'm not sure why.  There is a FLOWCONTROL ON/OFF [send] [RECEIVE] [DESIRABLE],  but I don't think that has anything to do with netflow...(I might be wrong).

      I am seeing netflow data from TONS of interfaces, including vlan 744, but the really interesting traffic that I need to see is on VLAN 900, but of course, I don't have any data from VLAN 900.  

       

      Can anyone help me out?

       

       

      IOS version:  s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(18)SXF9, RELEASE SOFTWARE (fc1)

      I have the following commands in the MSFC:

      ip flow-export source Loopback0

      ip flow-export version 5

      ip flow-export destination [0.0.0.0] 2055

      ip flow-cache timeout active 1

      ip flow ingress layer2-switched vlan 744,900

      <<just put this one in to see if it makes a difference>> ip flow ingress layer2 vlan 900

      mls ip multicast flow-stat-timer 9

      mls aging long 64

      mls aging normal 64

      mls flow ip interface-full

      no mls flow ipv6

      mls nde sender version 5

      <<On int gi 1/44:>>

      interface GigabitEthernet1/44

       description [description]

       switchport

       switchport access vlan 744

       switchport mode access

       no ip address

       logging event link-status

       spanning-tree portfast

      end

      << on int gi 4/24:>>

      switchport access vlan 900

       switchport mode access

       no ip address

       logging event link-status

       mls qos trust dscp

      << on int vlan 744:>>

      interface Vlan744

       description [description]

       ip address [0.0.0.0 0.0.0.0]

       ip flow ingress

       ip route-cache flow

       standby ip [0.0.0.0]

       standby priority 120

       standby preempt

       standby authentication *******

      << on int vlan 900:>>

      interface Vlan900

       description [description]

       ip address [0.0.0.0 0.0.0.0]

       no ip redirects

       no ip proxy-arp

       ip flow ingress

       ip route-cache flow