Hi,
I'm trying to capture an ingress traffic on SVI interface of my Cisco 6506 (WS-C6506-E).
I've enabled NetFlow on the Multilayer Switch Feature Card (MSFC):
ip flow-export source Vlan254
ip flow-export version 5
ip flow-export destination 172.23.100.21 2055
Enabled NetFlow and NetFlow Data Export (NDE) on the Policy Feature Card (PFC):
ip flow ingress layer2-switched vlan 130
mls netflow interface
mls flow ip interface-destination
mls nde sender version 5
mls aging fast threshold 127
mls aging long 1000
mls sampling time-based 512
mls cef error action reset
mls netflow sampling
and on the monitorable interface:
interface Vlan130
ip address 172.23.170.2 255.255.255.0
ip flow ingress
mls netflow sampling
standby 1 ip + timers + priority + preempt + authentication
Now I'm trying to see capruted flows. The point is I can't see flow's source address, source and destination port, and L4 protocol for unicast flows:
Cat6506-LAN1#sh mls netflow ip
Displaying Netflow entries in Active Supervisor EARL in module 5
DstIP SrcIP Prot:SrcPort:DstPort Src i/f :AdjPtr
-----------------------------------------------------------------------------
Pkts Bytes Age LastSeen Attributes
---------------------------------------------------
172.23.131.5 0.0.0.0 0 :0 :0 Vl130 :0x0
202 52554 2 17:04:35 L2 - Dynamic
0.0.0.0 0.0.0.0 0 :0 :0 -- :0x0
13312 6807977 2 17:04:35 L3 - Dynamic
172.23.170.64 0.0.0.0 0 :0 :0 Vl130 :0x0
0 0 2 17:04:34 L2 - Dynamic
172.23.170.123 0.0.0.0 0 :0 :0 Vl130 :0x0
0 0 2 17:04:35 L2 - Dynamic
224.0.0.2 172.23.170.3 udp :1985 :1985 Vl130 :0x0
2 156 1 17:04:35 Multicast
224.0.0.2 172.23.170.3 udp :1985 :1985 Vl130 :0x0
8 624 6 17:28:03 Multicast
172.23.170.181 0.0.0.0 0 :0 :0 Vl130 :0x0
0 0 5 17:28:03 L2 - Dynamic
The same output info I get on my NetFlow collector.
Anybody know a reason what can prevent of collecting flows correctly?
Thanks.
