Solved: Re: why doesn't "mls netflow" enable in cat6500??

Sanghee Han · ‎01-12-2010

hi all,

I would like to enable mls netflow in cat6500(with sup720-pfc3,msfc3)

but it is not work well.

i tested the below

conf t

mls netflow

end

cat6500#sh mls ip
Displaying Netflow entries in Active Supervisor EARL in module 5
DstIP           SrcIP           Prot:SrcPort:DstPort Src i/f          :AdjPtr
-----------------------------------------------------------------------------
Pkts         Bytes         Age   LastSeen Attributes
---------------------------------------------------
0.0.0.0         0.0.0.0         0   : 0      : 0         --               :0x0
2438         152817        1385 19:08:52   L3 - Dynamic

as i know

"mls netflow" enable to display the flow cache in the PFC.

so the output might be displyed the below

C7600#sh mls netflow ip
Displaying Netflow entries in Supervisor Earl
DstIP           SrcIP           Prot:SrcPort:DstPort Src i/f          :AdjPtr
-----------------------------------------------------------------------------
Pkts         Bytes         Age   LastSeen Attributes
---------------------------------------------------
10.4.9.21       10.1.9.1        132 :4011   :4011     Fa10/0/0         :0x0
98770        72848896      1788 19:10:20   L3 - Dynamic
10.8.1.11       10.1.9.1        132 :8000   :8000     Fa10/0/0         :0x0
2            160           1     19:10:20   L3 - Dynamic

in C7600, just excuting the mls netflow enables to display the flow cache in the PFC as above output.

but in cat6500, the output of "show mls netflow ip" shows just totol packets throught the device

cat6500#sh mls ip
Displaying Netflow entries in Active Supervisor EARL in module 5
DstIP           SrcIP           Prot:SrcPort:DstPort Src i/f          :AdjPtr
-----------------------------------------------------------------------------
Pkts         Bytes         Age   LastSeen Attributes
---------------------------------------------------
0.0.0.0         0.0.0.0         0   : 0      : 0         --               :0x0
2438         152817        1385 19:08:52   L3 - Dynamic

after applying the command of "ip flow ingress" into specific interface

more detail infromation is shown

conf t

mls netflow

int gi2/5.101

ip flow ingress(==ip route-cache flow)

end

cat6500#sh mls ip
Displaying Netflow entries in Active Supervisor EARL in module 5
DstIP           SrcIP           Prot:SrcPort:DstPort Src i/f          :AdjPtr
-----------------------------------------------------------------------------
Pkts         Bytes         Age   LastSeen Attributes
---------------------------------------------------
60.1.101.5      70.1.101.5      tcp :1200   :1200     Gi2/5.101        :0x0
3691         236224        176   10:14:28   L3 - Dynamic
60.1.101.3      70.1.101.3      tcp :1200   :1200     Gi2/5.101        :0x0
3691         236224        176   10:14:28   L3 - Dynamic
60.1.101.2      70.1.101.2      tcp :1200   :1200     Gi2/5.101        :0x0
3691         236224        176   10:14:28   L3 - Dynamic

why mls netflow is fully displayed after applying the command of "ip flow ingress" into specific interface(ex. int gi2/5.101)

=> attach running config, show version and show mls netflow ip

Laurent Aubert · ‎01-12-2010

Hi,

It depends of the version you are running. On 7600 before 12.2(33)SRB, global configuration activated netflow on all interfaces. Starting with SRB, you need to activate Netflow per interface:

From http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/nde.html

"

n Release 12.2SRB, you must enable NetFlow on individual interfaces in order to enable the hardware flow cache to be populated. When enabled, the cache is populated with flows only from those interfaces where NetFlow is enabled.

•In Release 12.2SRA, configuring an aggregation scheme allows the hardware flow cache to be populated. The cache is globally populated with information for all Layer 3 interfaces.

"

On 6500, the same changes happened starting with 12.2(33)SXH:

"

Cisco IOS Release 12.2(33)SXH and later releases support per-interface NDE, which enables PFC NetFlow data collection on a per-interface basis. With releases earlier than Release 12.2(33)SXH, NetFlow on the PFC could be only be enabled and disabled globally.

"

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/netflow.html#wp1158858

HTH

Laurent.

View solution in original post

Laurent Aubert · ‎01-12-2010

Hi,

It depends of the version you are running. On 7600 before 12.2(33)SRB, global configuration activated netflow on all interfaces. Starting with SRB, you need to activate Netflow per interface:

From http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/nde.html

"

n Release 12.2SRB, you must enable NetFlow on individual interfaces in order to enable the hardware flow cache to be populated. When enabled, the cache is populated with flows only from those interfaces where NetFlow is enabled.

•In Release 12.2SRA, configuring an aggregation scheme allows the hardware flow cache to be populated. The cache is globally populated with information for all Layer 3 interfaces.

"

On 6500, the same changes happened starting with 12.2(33)SXH:

"

Cisco IOS Release 12.2(33)SXH and later releases support per-interface NDE, which enables PFC NetFlow data collection on a per-interface basis. With releases earlier than Release 12.2(33)SXH, NetFlow on the PFC could be only be enabled and disabled globally.

"

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/netflow.html#wp1158858

HTH

Laurent.

Sanghee Han · ‎01-12-2010

thanks for your answer.

it's good help. thanks again

Sanghee Han · ‎01-12-2010

do you know how i can close this thread?

this thread is still open( "This Question is Not Answered ")

i hope to close this question.