cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2499
Views
0
Helpful
0
Comments
TCC_2
Level 10
Level 10

Core Issue

The issue happens when you want to run Netflow and Microflow policing at the same time.

It is sometimes observed that Netflow fails to start exporting when a Microflow policer is already active. The Microflow policer continues to work. Alternatively, a Microflow policer does not function when Netflow is already enabled on a Catalyst 6500 and the policer configuration is applied. Netflow continues to function since it was enabled first.

The following are the limitations regarding NDE and microflow policers:

  1. Full flow microflow policer works only when NDE is configured to Src, Dest, Dest-Src or Full.
  2. Src-only / Dest-only Microflow policer will not work, when NDE is configured.

For addtional information refer to, Flow Masks.

Resolution

The only condition that allows the NDE and Microflow policer to work is to use the mls flow ip full command in global configuration mode which configures the flow mask for NDE. The Microflow policers do not match any IPv6 traffic.

Note : If you use mls flow ip full command it will consume more memory in MLS because it will have more entries based on layer 4 information. It is recommended to keep the size of the MLS cache below 32K entries. To keep the size of the MLS cache down, enable mls aging fast.

For additional information refer to, Configuring NetFlow Data Export (NDE).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: