Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4334
Views
18
Helpful
7
Replies

Netflow Configuration on IOS 15

mlharv007
Level 1
Level 1

‎10-02-2012 05:42 AM

All,

First of all, this board has been instramental in helping us through a number of issues we have had in building out our new corporate headquarters.  I do have a netflow question that has got me this time.  Below is my netflow config on a set of 4, 3750's stackwise running IOS 15.  I am not getting an packet leaving the switches nor am I seeing any on my cacti server.  I have checked the server and not blocking on the iptables firewall.  Below in my config:

flow record TWI-2E-SW1
match ipv4 destination address
collect counter flows
!
!
flow exporter Cacti
description Cacti Server
destination 10.15.10.18
transport udp 2055
export-protocol netflow-v5
!
!
flow monitor Cacti
description Cacti Netflow Tool
record TWI-2E-SW1
exporter Cacti

!

ip flow-export version 5

ip flow-export destination 10.15.10.18 2055

ip flow-export destination 10.15.10.238 2055

!

interface GigabitEthernet1/1/4
description Primary East connection to TWI-DC-E1 port 7/2
switchport trunk encapsulation dot1q
switchport mode trunk
ip flow ingress
ip flow egress
ip flow monitor Cacti layer2-switched input
ip flow monitor Cacti layer2-switched output

interface GigabitEthernet4/1/4

description Secondary East connection to TWI-DC-W1 port 7/22
switchport trunk encapsulation dot1q
switchport mode trunk
ip flow ingress
ip flow egress

_______________________

Show IP flow export

k

TWI-2E-SW1#sh ip flow export

Flow export v5 is enabled for main cache

  Export source and destination details :

  VRF ID : Default

    Destination(1)  10.15.10.18 (2055)

    Destination(2)  10.15.10.238 (2055)

  Version 5 flow records

  0 flows exported in 0 udp datagrams

  0 flows failed due to lack of export packet

  0 export packets were sent up to process level

TWI-2E-SW1#

Thanks again

Labels:
0 Helpful
7 Replies 7

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-02-2012 07:57 AM

The 3750 only supports NetFlow with the optional services module. Can you confirm your hardware modules and revision?

Whitepaper:

Reference.

Configuration guide:

Reference.

mlharv007
Level 1
Level 1
In response to Marvin Rhoads

‎10-02-2012 08:31 AM

We are using the following:

C3KX-NM-1G=  1 GB Network Module

GLC-SX-MM=   SFP GBICS

I am looking for the revision number as well. 

      

Revision info:

General SFP Information

-----------------------------------------------

Identifier            :   0x03

Connector             :   0x07

Transceiver           :   0x00 0x00 0x00 0x01 0x00 0x00 0x00 0x00

Encoding              :   0x01

BR_Nominal            :   0x0D

Vendor Name           :   CISCO-FINISAR

Vendor Part Number    :   FTLF8519P2BCL-C5

Vendor Revision       :   0x41 0x20 0x20 0x20

Vendor Serial Number  :   FNS16330EY4

--------------------------------------------

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to mlharv007

‎10-02-2012 09:31 AM

I suspected as much since your configuration cites "interface GigabitEthernet1/1/4" (and 4/1/4) vs. TenGigabitEthernet x/1/x.

Only with the:

C3KX-SM-10G

Service Module with two 10GbE SFP+ ports network module for Netflow and MACsec encryption

...do you get NetFlow to work on the 3750X.

mlharv007
Level 1
Level 1
In response to Marvin Rhoads

‎10-02-2012 11:24 AM

Crud, I was worried about that when I saw your whitepaper.  If I can sneak another question in, Same subject but 6500.

I have a SUP-2T-10G and want to apply on gig module blabe (WS-6724-SFP).  Am I goign to have problems.  I continue to research this to see if supported.  also, I have a vlan directly connected to my firewalls.  Can I add to vlan at minimum.

thansk as always.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to mlharv007

‎10-02-2012 03:23 PM

You're welcome.

You should be able to setup a Netflow export on a 6509 with SUP-2T-10G. See this helpful reference:

     http://www.plixer.com/blog/cisco-netflow/catalyst-6509-netflow-support/

You could also use your firewall, assuming it's a Cisco ASA.

Please rate helpful replies.

mlharv007
Level 1
Level 1
In response to Marvin Rhoads

‎10-02-2012 03:53 PM

Here is my problem.  I believe all those are for IOS 12.  I am running Version 15.0(1)SY1 on my 6500s, and having a devil of a time finding documents on this code.  I am pretty confident the commands have changed. Any docs you found that can help me.

thanks.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to mlharv007

‎10-02-2012 03:58 PM

The source documentation for configuring Flexible NetFlow on IOS 15.0SY can be found here:

http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/15-0sy/fnf-15-0sy-book.html

0 Helpful
Customers Also Viewed These Support Documents