Hi naidu,

Many thanks for reply.

i did config my lan interface of router as below

ip flow-export source FastEthernet1/0
ip flow-export version 5
ip flow-export destination 10.10.10.50 9996 *****************

what IP should i put here my routers wan interface IP  or someother ip.

As right now  i do not know how to collect data from netflow.

or is it necessary we have to use the command ip flow-export destination ?

regards

mahesh

Hi Naidu,

under which interface i should use the command

ip route-cache flow   lan or wan interface of router???

Under any interface you want NetFlow enabled. If you want to monitor both, applied the command under the WAN and LAN interface.

Hi Edison,

thanks for reply.

here is my config for lan interface

sh run int fa1/0
Building configuration...

Current configuration : 237 bytes
!
interface FastEthernet1/0
description Lan connection
ip route-cache flow

and for wan interface

nterface FastEthernet0/0
description WAN Connection to ISP modem
ip flow egress

Here is output

#sh ip cache flow
IP packet size distribution (234407 total packets):
   1-32   64   96  128  160  192  224  256  288  320  352  384  416  448  480
   .000 .374 .006 .018 .003 .003 .002 .002 .001 .002 .022 .001 .002 .002 .002

    512  544  576 1024 1536 2048 2560 3072 3584 4096 4608
   .000 .001 .001 .016 .532 .000 .000 .000 .000 .000 .000

IP Flow Switching Cache, 278544 bytes
  8 active, 4088 inactive, 5803 added
  114649 ager polls, 0 flow alloc failures
  Active flows timeout in 30 minutes
  Inactive flows timeout in 15 seconds
IP Sub Flow Cache, 21640 bytes
  2 active, 1022 inactive, 1122 added, 1122 added to flow
  0 alloc failures, 0 force free
  1 chunk, 1 chunk added
  last clearing of statistics never
Protocol         Total    Flows   Packets Bytes  Packets Active(Sec) Idle(Sec)
--------         Flows     /Sec     /Flow  /Pkt     /Sec     /Flow     /Flow
TCP-WWW           2486      0.0        72   884      0.0       3.6       9.4
TCP-X                1      0.0         1    40      0.0       0.0      15.3
TCP-other         1148      0.0        32   791      0.0       4.5       8.3
UDP-DNS              9      0.0         1    77      0.0       0.0      15.5
UDP-NTP            549      0.0         1    76      0.0       0.0      15.2
UDP-other         1581      0.0         9   479      0.0      13.9      15.4
ICMP                21      0.0        38    60      0.0      37.7      15.7
Total:            5795      0.0        40   839      0.0       6.4      11.4

SrcIf         SrcIPaddress    DstIf         DstIPaddress    Pr SrcP DstP  Pkts
Fa1/0         192.168.20.53   Fa0/0         135.52.7.91     06 079A 01BB     3
Fa1/0         192.168.20.53   Fa0/0         135.52.7.85     11 007B 007B     1

i have two questions

flow-export destination 10.10.10.50 9996 *****************

what IP should i put here my routers wan interface IP  or someother ip.

As right now  i do not know how to collect data from netflow.

or is it necessary we have to use the command ip flow-export destination ?

other is when i run the command

  sh ip flow  export************************************************
Flow export v5 is disabled for main cache
  Exporting using source interface FastEthernet1/0
  Version 5 flow records
  0 flows exported in 0 udp datagrams
  0 flows failed due to lack of export packet

it does not show any data amd also say that  flow export is disabled for main cache.what does this mean?

thanks

mahesh

Hi Edison,

Many thanks that you took time to explain me in detail.

best regards

mahesh

Mahesh,

It was a pleasure and thanks for the rating.

Hi Naidu,

Can you assist me in identifying if there are any wrong in netflow configuration.

Thanks in advance.

Regards,

Surajit