Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1961
Views
0
Helpful
2
Replies

7600: too small Netflow statistics.

petrowic
Level 1
Level 1

‎07-04-2005 09:51 AM

Hello ,

my name is Petr Akimov. I'm engineer by ZAO KORTEK.

The core of our WAN is built by 7606 Cisco Routers interconnected each other.

Each router is equipped with WS-SUP720-BASE and WS-X6724-SFP modules .

There are difficulties of netflow collection inspite of IOS software used. The problem I conclude is following:

we receive from the 7600/6500 Ciscos too small netflow statistics - about hundreds times smaller as we expect to receive.

These are the pure facts and figures:

the actual load of an interface is 32000000 bits/sec (5 minute input rate). I'm expecting to receive aboute 32000000(bits/sec) *900(sec) / 8bits =~ 3600 000 000 bytes.

However the netflow statistics I receive in fact is many times smaller: 10619584 bytes.

There are 7606 and 6509 Cisco products only working in production nowdays in like manner (with different IOSes many times tryed) - with incorrect netflow collection. And we establish a fact that the other Cisco equipment we use in our network (as 7200 Series) works netflow perfectly!

Thus there are difficulties with Netflow collection.

The config is:

mls flow ip full

ip flow-export source Loopback0

ip flow-export version 5 peer-as

ip flow-export destination x.x.x.x 19024

interface GigabitEthernet6/2

ip address x.x.x.x y.y.y.y

ip route-cache flow

ip summary-address eigrp 101 0.0.0.0 0.0.0.0 254

media-type rj45

mls netflow sampling

end

Please tell me what to do, because of money waste. In many situations we have to use netflow and we cannot use snmp.

Thank you in advance,

Petr Akimov

Labels:
0 Helpful
2 Replies 2

k.a.clarke
Level 1
Level 1

‎07-06-2005 06:51 AM

Hi Petr

I've been facing a similar problem, I think you need to monitor bridged IP traffic, at the moment your probably only monitoring non bridged. The command to do this is only available in release 12.2 (18) SXE or later. The command is (config)#ip flow ingress layer2-switched vlan

Hope this helps

Keith

0 Helpful

mishanno
Level 1
Level 1

‎07-06-2005 10:11 AM

Petr,

I think the issue is that you are using sampled NetFlow (mls netflow sampling). This just samples the flows periodically. To get everything, you need the standard netflow (mls netflow).

I could be wrong here, since I haven't done a lot with Netflow, but I'm looking at the command reference here: http://www.cisco.com/en/US/products/hw/switches/ps708/products_command_reference_chapter09186a00801ea88c.html#wp1044660

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card