
User-Based Rate Limiting in the Cisco Catalyst 6500

bindar.marius

Hi guys,

Following the link below, I tried to test the last scenario in our lab:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper0900aecd803e5017.shtml

CONFIGURING UBRL: BIDIRECTIONAL UBRL.

But in the outbound direction, the traffic destined for the subnet in question is not policed at all.

I have a 7606 SUP720-3BXL router.

This is a show module from the device:

7606-2-PLR#sh module

Mod Ports Card Type Model Serial No.

--- ----- -------------------------------------- ------------------ -----------

1 2 2+4 port GE-WAN OSM-2+4GE-WAN+ JAE10202BAC

2 48 48-port 10/100/1000 RJ45 EtherModule WS-X6148A-GE-TX SAL09496YWU

3 24 CEF720 24 port 1000mb SFP WS-X6724-SFP SAD101708G1

4 2 2+4 port GE-WAN OSM-2+4GE-WAN+ JAE10191JMF

5 2 Supervisor Engine 720 (Active) WS-SUP720-3BXL SAL1016KSBW

6 2 Supervisor Engine 720 (Cold) WS-SUP720-3BXL SAL09475RZL

Mod MAC addresses Hw Fw Sw Status

--- ---------------------------------- ------ ------------ ------------ -------

1 0017.5ad8.0d30 to 0017.5ad8.0d3f 2.3 12.2(33)SRA1 12.2(33)SRA1 Ok

2 0016.c816.6fc0 to 0016.c816.6fef 1.4 8.4(1) 8.6(0.259)CA Ok

3 0015.fa19.bb52 to 0015.fa19.bb69 2.3 12.2(14r)S5 12.2(33)SRA1 Ok

4 0017.5ad7.d600 to 0017.5ad7.d60f 2.3 12.2(33)SRA1 12.2(33)SRA1 Ok

5 0013.c43a.de28 to 0013.c43a.de2b 4.5 8.4(2) 12.2(33)SRA1 Ok

6 0014.a97e.1988 to 0014.a97e.198b 4.3 8.1(3) 12.2(2006061 Ok

Mod Sub-Module Model Serial Hw Status

---- --------------------------- ------------------ ----------- ------- -------

3 Distributed Forwarding Card WS-F6700-DFC3BXL SAL1020NAK0 5.2 Ok

5 Policy Feature Card 3 WS-F6K-PFC3BXL SAL1016KR81 1.8 Ok

5 MSFC3 Daughterboard WS-SUP720 SAL1018LJ0C 2.5 Ok

6 Policy Feature Card 3 WS-F6K-PFC3BXL SAL09412T06 1.6 Ok

6 MSFC3 Daughterboard WS-SUP720 SAL09475JLE 2.3 Ok

Mod Online Diag Status

---- -------------------

1 Pass

2 Pass

3 Pass

4 Pass

5 Pass

6 Pass


Please find the attachment.

In this scenario the policing doesn't work in any direction.

Every time the FLOWMASK_CONFLICT error appears, the policing stops working.

Ok...Thanks for the O/P

1) Can u enable "mls flow ip"

take the output of show mls netflow flowmask

2) Can u enable "mls flow ip destination"

take the output of "show mls netflow flowmask"

3) Can u enable "mls flow ip source"

take the output of "show mls netflow flowmask"

When you are carrying out the above steps, don't do a "no" of any of the commands entered. Just keep entering the commands one after another and take the outputs.

It would have been best if I had direct access to the devices, but anyway we can try it this way also.

HTH-Cheers,

Swaroop

7606-2-PLR(config)#mls flow ip destination

7606-2-PLR(config)#end

7606-2-PLR#sh ml

7606-2-PLR#sh mls ne

Sep 14 16:17:40.040 buc: %SYS-5-CONFIG_I: Configured from console by m onvty0 (192.168.1.1)

7606-2-PLR#sh mls ne

7606-2-PLR#sh mls netflow flo

7606-2-PLR#sh mls netflow flowmask

current ip flowmask for unicast: dst

current ipv6 flowmask for unicast: null

7606-2-PLR#conf t

Enter configuration commands, one per line. End with CNTL/Z.

7606-2-PLR(config)#ml

7606-2-PLR(config)#mls flo

7606-2-PLR(config)#mls flow ip sou

7606-2-PLR(config)#mls flow ip source

7606-2-PLR(config)#end

7606-2-PLR#sh mls netflow flowmask

current ip flowmask for unicast: src

current ipv6 flowmask for unicast: null

For the mls flow ip command I have a lot of options. The IOS shell doesn't permit issuing just the "mls flow ip" command.

Hi Bindar,

From your output,

use only "mls flow ip source" as UBRL uses only source flow masks as per the docs.

Let's see if this closes the issue so we can flag off this thread for future reference.

HTH-Cheers,

Swaroop

7606-2-PLR#sh mls netflow ip

Displaying Netflow entries in Supervisor Earl

DstIP SrcIP Prot:SrcPort:DstPort Src i/f :AdjPtr

-----------------------------------------------------------------------------

Pkts Bytes Age LastSeen Attributes

---------------------------------------------------

0.0.0.0 192.168.255.13 0 :0 :0 -- :0x0

71 4163 1921 21:32:15 L3 - Dynamic

0.0.0.0 172.16.1.66 0 :0 :0 -- :0x0

0 0 1224 21:31:52 L3 - Dynamic

0.0.0.0 192.168.255.12 0 :0 :0 -- :0x0

0 0 1916 21:32:16 L3 - Dynamic

0.0.0.0 0.0.0.0 0 :0 :0 -- :0x0

927 42642 1889 21:32:07 L3 - Dynamic

0.0.0.0 192.168.1.26 0 :0 :0 -- :0x0

0 0 1924 21:32:18 L3 - Dynamic

0.0.0.0 172.16.1.65 0 :0 :0 -- :0x0

79 4566 1224 21:31:52 L2 - Dynamic

0.0.0.0 11.11.11.4 0 :0 :0 -- :0x0

101352 10743312 88 21:31:51 L3 - Dynamic

0.0.0.0 192.168.255.11 0 :0 :0 -- :0x0

0 0 1915 21:32:11 L3 - Dynamic

0.0.0.0 11.11.11.1 0 :0 :0 -- :0x0

101352 10743312 88 21:31:51 L3 - Dynamic

0.0.0.0 192.168.1.46 0 :0 :0 -- :0x0

0 0 1836 21:32:07 L3 - Dynamic

0.0.0.0 11.11.11.5 0 :0 :0 -- :0x0

101352 10743312 88 21:31:51 L3 - Dynamic

0.0.0.0 11.11.11.2 0 :0 :0 -- :0x0

101352 10743312 88 21:31:51 L3 - Dynamic

0.0.0.0 12.12.12.1 0 :0 :0 -- :0x0

101352 10743312 88 21:31:51 L3 - Dynamic

0.0.0.0 11.11.11.3 0 :0 :0 -- :0x0

101352 10743312 88 21:31:51 L3 - Dynamic

0.0.0.0 12.12.12.2 0 :0 :0 -- :0x0

101351 10743206 88 21:31:51 L3 - Dynamic

The policing doesn't work in any direction.

Let's close this thread if you agree.

Thank you very much for your patience.

Hi Marius,

Thanks for your persistence as well.

If you happen to get it working later, do update the thread for others' reference.

HTH-Cheers!

Swaroop

Mail me your mail-id so that I can send you some details if I come across anything more on this topic. My Mail-ID is swaroop.potdar@corliant.com

HTH-Cheers,

Swaroop

Hi guys,

I had the same problem on a Cat6509, therefore I opened a case. This is the result:

-----snip-----

" I have been investigating this issue deeper since being back from vacation.

**************************************************************

The first point to mention is that the Bidir UBRL as described in the doc you referenced is not valid:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper0900aecd803e5017.shtml

**************************************************************

Due to hardware limitation there is no way that this config could work.

There would be a conflict between Src and Dest mask applied to the same interface. When configuring in lab you should see the message:

switch(config)#int gig 6/2

switch(config-if)# service-policy input livingdata-police

switch(config-if)#

QoS-ERROR: QoS policy on interface Gi6/2 cannot be successfully

installed due to the interaction with other feature configuration

Failure reason is Unresolvable flowmask conflict with other features

QoS-ERROR: installation of policy on Gi6/2 failed

5d18h: %FM_EARL7-4-NO_FLOWMASK_REGISTERS: Feature configuration on interface GigabitEthernet6/2 could not allocate required flowmask registers, traffic may be switched in software

switch(config-if)#

**************************************************************

I have submitted feedback to the author and CCO team and it should be either removed from CCO or amended."

-----snap------

mls flow ip full

police flow mask src 1000000 conform-action transmit exceed-action drop

I got the "FLOWMASK_CONFLICT: Features configured on interface " errors

However, when I used:

mls flow ip full

police flow 1000000 conform-action transmit exceed-action drop

without specifying the mask, I get no error and the microflow is working. Is there any issue with this?

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper0900aecd803e5017.html does not seem to work

Any advice and thanks.
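
The following is an added example, not code from any poster in this thread or from Cisco. It parses `show mls netflow ip` output in the layout posted above, reports which flow-key fields the table actually populates (a table keyed only on SrcIP is what `mls flow ip source` should produce), ranks sources by bytes, and picks the flowmask error messages quoted in the thread out of a log. The function names and the labels `src`, `dst`, `src+dst`, `full` and `none` are this example's own, and the sample input is constructed from the layout above.

```python
import re

# Key line: DstIP SrcIP Prot:SrcPort:DstPort ...   Stats line: Pkts Bytes Age LastSeen ...
KEY = re.compile(r"^(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+(\S+)\s*:(\S+)\s*:(\S+)")
STATS = re.compile(r"^(\d+)\s+(\d+)\s+\d+\s+\d\d:\d\d:\d\d")
# Error strings quoted in this thread
FLOWMASK_ERR = re.compile(r"FLOWMASK_CONFLICT|NO_FLOWMASK_REGISTERS|Unresolvable flowmask conflict")

# Constructed sample, laid out like the output posted above
SAMPLE_TABLE = """\
0.0.0.0 192.168.255.13 0 :0 :0 -- :0x0
71 4163 1921 21:32:15 L3 - Dynamic
0.0.0.0 0.0.0.0 0 :0 :0 -- :0x0
927 42642 1889 21:32:07 L3 - Dynamic
0.0.0.0 11.11.11.4 0 :0 :0 -- :0x0
101352 10743312 88 21:31:51 L3 - Dynamic
"""
SAMPLE_LOG = """\
Sep 14 16:17:40.040 buc: %SYS-5-CONFIG_I: Configured from console by m onvty0 (192.168.1.1)
5d18h: %FM_EARL7-4-NO_FLOWMASK_REGISTERS: Feature configuration on interface GigabitEthernet6/2 could not allocate required flowmask registers
"""

def parse_netflow(text):
    """Pair each key line with the stats line that follows it."""
    entries, key = [], None
    for line in (l.strip() for l in text.splitlines()):
        if (m := KEY.match(line)):
            key = m.groups()
        elif key and (s := STATS.match(line)):
            dst, src, _prot, sport, dport = key
            entries.append({"dst": dst, "src": src, "ports": (sport, dport),
                            "pkts": int(s.group(1)), "bytes": int(s.group(2))})
            key = None
    return entries

def populated_key(entries):
    """Flow-key fields the table actually fills in (labels are this example's own)."""
    if any(p != "0" for e in entries for p in e["ports"]):
        return "full"
    src = any(e["src"] != "0.0.0.0" for e in entries)
    dst = any(e["dst"] != "0.0.0.0" for e in entries)
    return {(True, True): "src+dst", (True, False): "src",
            (False, True): "dst", (False, False): "none"}[(src, dst)]

def top_sources(entries, n=3):
    return sorted(((e["src"], e["bytes"]) for e in entries), key=lambda t: -t[1])[:n]

def flowmask_errors(log_text):
    return [l.strip() for l in log_text.splitlines() if FLOWMASK_ERR.search(l)]
```

Comparing the result of `populated_key` with the mask reported by `show mls netflow flowmask`, and checking that `flowmask_errors` returns nothing after a `service-policy` is applied, confirms whether the policer was installed in hardware.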