Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
949
Views
0
Helpful
1
Replies

6506 NetFlow

Go to solution
okandaur89
Beginner
Beginner

‎04-04-2013 07:41 AM

Hi,

I'm trying to capture an ingress traffic on SVI interface of my Cisco 6506 (WS-C6506-E).

I've enabled NetFlow on the Multilayer Switch Feature Card (MSFC):

ip flow-export source Vlan254
ip flow-export version 5
ip flow-export destination 172.23.100.21 2055

Enabled NetFlow and NetFlow Data Export (NDE) on the Policy Feature Card (PFC):

ip flow ingress layer2-switched vlan 130
mls netflow interface
mls flow ip interface-destination
mls nde sender version 5
mls aging fast threshold 127
mls aging long 1000
mls sampling time-based 512
mls cef error action reset
mls netflow sampling

and on the monitorable interface:

interface Vlan130
 ip address 172.23.170.2 255.255.255.0
 ip flow ingress
 mls netflow sampling
 standby 1 ip + timers + priority + preempt + authentication

Now I'm trying to see capruted flows. The point is I can't see flow's source address, source and destination port, and L4 protocol for unicast flows:

Cat6506-LAN1#sh mls netflow ip
Displaying Netflow entries in Active Supervisor EARL in module 5
DstIP           SrcIP           Prot:SrcPort:DstPort  Src i/f          :AdjPtr
-----------------------------------------------------------------------------
Pkts         Bytes         Age   LastSeen  Attributes
---------------------------------------------------
172.23.131.5    0.0.0.0         0   :0      :0        Vl130            :0x0
202          52554         2     17:04:35   L2 - Dynamic
0.0.0.0         0.0.0.0         0   :0      :0        --               :0x0
13312        6807977       2     17:04:35   L3 - Dynamic
172.23.170.64   0.0.0.0         0   :0      :0        Vl130            :0x0
0            0             2     17:04:34   L2 - Dynamic
172.23.170.123  0.0.0.0         0   :0      :0        Vl130            :0x0
0            0             2     17:04:35   L2 - Dynamic
224.0.0.2       172.23.170.3    udp :1985   :1985     Vl130            :0x0
2            156           1     17:04:35   Multicast
224.0.0.2       172.23.170.3    udp :1985   :1985     Vl130            :0x0
8            624           6     17:28:03   Multicast
172.23.170.181  0.0.0.0         0   :0      :0        Vl130            :0x0
0            0             5     17:28:03   L2 - Dynamic

The same output info I get on my NetFlow collector.

Anybody know a reason what can prevent of collecting flows correctly?

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cmarva
Enthusiast
Enthusiast

‎04-11-2013 11:54 AM

might want to change the flow mask to full instead of destination. I think that should give you the rest of the info. chris

View solution in original post

0 Helpful
1 Reply 1

Go to solution
cmarva
Enthusiast
Enthusiast

‎04-11-2013 11:54 AM

might want to change the flow mask to full instead of destination. I think that should give you the rest of the info. chris

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents