Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
95154
Views
20
Helpful
4
Replies

How to monitor traffic passing through routers???

pallavireddy.
Level 1
Level 1

‎01-24-2007 09:10 AM - edited ‎03-05-2019 01:57 PM

Hi ,

Is there a tool to monitor the type of traffic passing in and out of the routers ( broadcast/multicast traffic)???

Any suggestions????

Thanks,

Pallavi

Labels:
0 Helpful
4 Replies 4

bjw
Level 4
Level 4

‎01-24-2007 09:40 AM

Try

router> show ip cache flow

IP Flow Switching Cache, 4456704 bytes

718 active, 64818 inactive, 629689258 added

646291620 ager polls, 0 flow alloc failures

Active flows timeout in 1 minutes

Inactive flows timeout in 15 seconds

IP Sub Flow Cache, 336520 bytes

738 active, 15646 inactive, 636429655 added, 629665327 added to flow

0 alloc failures, 0 force free

1 chunk, 11 chunks added

last clearing of statistics never

Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)

-------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow

TCP-Telnet 512693 0.1 2 45 0.3 9.0 7.5

TCP-FTP 990 0.0 3 59 0.0 1.0 15.3

TCP-FTPD 998 0.0 1 218 0.0 0.2 19.3

TCP-WWW 116394659 27.1 13 613 377.2 2.1 6.7

TCP-SMTP 3445 0.0 88 703 0.0 1.0 6.9

TCP-X 322 0.0 1 50 0.0 0.4 20.3

TCP-BGP 618 0.0 1 45 0.0 0.0 19.7

TCP-NNTP 618 0.0 1 45 0.0 0.0 19.7

TCP-Frag 304 0.0 1 115 0.0 0.4 15.5

TCP-other 237584262 55.3 22 303 1271.6 1.9 7.4

UDP-DNS 3977636 0.9 2 69 2.6 3.1 15.4

UDP-NTP 65652192 15.2 1 83 15.4 0.0 15.4

UDP-TFTP 34944 0.0 1 66 0.0 1.3 15.5

UDP-Frag 81955 0.0 1 33 0.0 1.8 15.4

UDP-other 119511713 27.8 50 438 1403.0 2.8 15.1

ICMP 68775460 16.0 1 69 19.6 0.3 15.4

GRE 891569 0.2 184 503 38.3 52.9 3.6

IP-other 11616061 2.7 14 60 37.9 58.4 1.9

Total: 625040439 145.5 21 397 3166.4 2.9 10.4

Collin Clark
VIP Alumni
VIP Alumni

‎01-24-2007 10:52 AM

NBAR and/or Netflow

Richard Burts
Hall of Fame
Hall of Fame
In response to Collin Clark

‎01-24-2007 12:42 PM

depending on what Pallavi is really looking for another possibility to consider would be show ip traffic. An example of what it show:

test_router>sh ip traffic

IP statistics:

Rcvd: 2574231 total, 393590 local destination

0 format errors, 0 checksum errors, 12 bad hop count

0 unknown protocol, 0 not a gateway

0 security failures, 0 bad options, 0 with options

Opts: 0 end, 0 nop, 0 basic security, 0 loose source route

0 timestamp, 0 extended security, 0 record route

0 stream ID, 0 strict source route, 0 alert, 0 cipso, 0 ump

0 other

Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble

305 fragmented, 735 fragments, 0 couldn't fragment

Bcast: 1428 received, 11060 sent

Mcast: 101395 received, 102033 sent

Sent: 198096 generated, 917651 forwarded

Drop: 879 encapsulation failed, 0 unresolved, 0 no adjacency

78 no route, 0 unicast RPF, 0 forced drop

0 options denied

Drop: 0 packets with source IP address zero

Drop: 0 packets with internal loop back IP address

ICMP statistics:

Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 89 unreachable

30856 echo, 0 echo reply, 1 mask requests, 0 mask replies, 82 quench

0 parameter, 1 timestamp, 1 info request, 0 other

0 irdp solicitations, 0 irdp advertisements

Sent: 0 redirects, 53 unreachable, 0 echo, 30856 echo reply

0 mask requests, 0 mask replies, 0 quench, 1 timestamp

0 info reply, 12 time exceeded, 0 parameter problem

0 irdp solicitations, 0 irdp advertisements

TCP statistics:

Rcvd: 2975 total, 0 checksum errors, 107 no port

Sent: 3405 total

IP-EIGRP statistics:

Rcvd: 107210 total

Sent: 107862 total

PIMv2 statistics: Sent/Received

Total: 0/0, 0 checksum errors, 0 format errors

Registers: 0/0 (0 non-rp, 0 non-sm-group), Register Stops: 0/0, Hellos: 0/0

Join/Prunes: 0/0, Asserts: 0/0, grafts: 0/0

Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0

Queue drops: 0

State-Refresh: 0/0

IGMP statistics: Sent/Received

Total: 0/0, Format errors: 0/0, Checksum errors: 0/0

Host Queries: 0/0, Host Reports: 0/0, Host Leaves: 0/0

DVMRP: 0/0, PIM: 0/0

Queue drops: 0

UDP statistics:

Rcvd: 45448 total, 0 checksum errors, 1432 no port

Sent: 55909 total, 0 forwarded broadcasts

OSPF statistics:

Rcvd: 0 total, 0 checksum errors

0 hello, 0 database desc, 0 link state req

0 link state updates, 0 link state acks

Sent: 0 total

0 hello, 0 database desc, 0 link state req

0 link state updates, 0 link state acks

ARP statistics:

Rcvd: 173178 requests, 1 replies, 0 reverse, 0 other

Sent: 264 requests, 3611 replies (0 proxy), 0 reverse

HTH

Rick

HTH

Rick

albert.remo
Level 1
Level 1
In response to Collin Clark

‎01-24-2007 07:24 PM

Hi!

Good Day! NBAR and NetFlow are the right tool if you are to monitor traffic up to Layer 7. Routers should have IOS that supports NetFlow. When enabled, NetFlow gets traffic samples on router interfaces and forwards it to applications that gathers and displays these information. NBAR is quite similar in nature. This are great tools that provides high level monitoring but would require additional resources to implement.

To know more about these tools, please check the following links:

Network Based Application Recognition Performance Analysis

http://www.cisco.com/en/US/products/ps6616/products_white_paper0900aecd8031b712.shtml

NBAR Q&A

http://www.cisco.com/en/US/products/ps6616/products_qanda_item09186a00800a3ded.shtml

Cisco CNS NetFlow Collection Engine

http://www.cisco.com/en/US/products/sw/netmgtsw/ps1964/products_data_sheet09186a00801e4ebb.html

Hope this helps,

Thanks and Regards,

Albert

Customers Also Viewed These Support Documents