Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5268
Views
13
Helpful
7
Replies

Clear Netflow Tables??

vblaha
Level 1
Level 1

‎11-14-2007 05:41 AM

Is there any way to clear the netflow tables of expired or current flows?

Labels:
0 Helpful
7 Replies 7

Collin Clark
VIP Alumni
VIP Alumni

‎11-14-2007 07:39 AM

You can display and clear NetFlow statistics. NetFlow statistics consist of IP packet size distribution, IP flow cache information, and flow information such as the protocol, total flow, flows per second, and so forth. The resulting information can be used to find out information about your router traffic. To manage NetFlow statistics, use either of the following commands in privileged EXEC mode:

Command

show ip cache flow = Display the NetFlow statistics.

clear ip flow stats = Clear the NetFlow statistics.

HTH and please rate

vblaha
Level 1
Level 1
In response to Collin Clark

‎11-14-2007 07:46 AM

Thanks for the info but according to Cisco documentation on Netflow by default, all expired flows are exported and filter values are stored in NVRAM and are not cleared when NDE is disabled.

0 Helpful

Jan Nejman
Level 3
Level 3

‎11-14-2007 07:50 AM

Hello,

Did you thought how to flush a netflow table to the collector? I think that it is not implemented in Cisco IOS. You can only clear information about netflow statistics, but not flow table.

You can configure expiration times (active/inactive), but I think that it is not answer that you expected.

Kind regards,

Jan Nejman

Caligare, Co.

http://www.caligare.com/

0 Helpful

vblaha
Level 1
Level 1
In response to Jan Nejman

‎11-14-2007 07:54 AM

What is the best way configure expiration timers to expire the data quickly?

0 Helpful

Jan Nejman
Level 3
Level 3
In response to vblaha

‎11-14-2007 08:03 AM

Hello,

we tried a minimal values, but a netflow cache is still pernamently overflowed... (Cisco7609 with 8x10Gbps interfaces, SUP720-3BXL).

I recommend set the following values:

ip flow-cache timeout active 2

ip flow-cache timeout inactive 30

mls aging long 128

mls aging normal 32

A very useful command is:

mls netflow usage notify 75 180

It warns you when netflow table is almost full ...

paitken
Level 1
Level 1
In response to Jan Nejman

‎11-27-2007 03:48 AM

Note that the "ip flow-cache timeout ..." configs are for the software cache, while the "mls aging ..." configs are for the hardware cache.

0 Helpful

paitken
Level 1
Level 1
In response to Jan Nejman

‎11-27-2007 03:52 AM

If your cache is still overflowing then it may simply be too small. The default cache size depends on the platform and available memory, but it's certainly not a one-size-fits-all. Yet it's one of the most overlooked aspects of netflow configuration.

Use the "ip flow-cache entries" config to adjust the cache size.

NB the cache is only resized when it's no longer in use, so you'll need to disable netflow on all your interfaces. Or reboot :-(

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card