My company is composed of three different campuses, all with a similar network topology. We currently are experiencing high bandwidth on our serial interface at one of the campuses in particular. The network is composed of about 20 VLANS routed internally using a Cisco 6509. Traffic to the outside is PAT’d by an ASA 5510 and then forwarded through our edge router interface. Each VLAN is PAT’d to a specific public address.
Due to the PAT, how would you recommend determining what specific private addresses are consuming our resources on the serial interface. When I look at our NMS, it reports the public address, but that only narrows it down to a VLAN. For example, all the devices in VLAN 6 are translated to 184.108.40.206, and 220.127.116.11 is a top talker.
>>Cisco IOS Release 12.2(33)SXH and later releases support per-interface NetFlow, which enables PFC NetFlow data collection on a per-interface basis. With releases earlier than Release 12.2(33)SXH, NetFlow on the PFC could be only be enabled and disabled globally.
Once netflow is enabled on the involved SVI you can export flow accounting data to a Netflow Collector server or you can use