[c-nsp] Netflow: 7600, egress

Phil Bedard philxor at gmail.com
Wed Jul 4 10:18:14 EDT 2007 

It is only supported on the RSP720/MSFC4/SRB afaik.   You can get  
netflow stats for L2-switched traffic, I think "ip flow l2-switched  
vlan xxx."
Have you tried not having both ingress and egress on the same  
interface at the same time?   I know that it won't create flows for  
traffic originated on the router, but you aren't
doing that.

Phil


On Jul 4, 2007, at 9:35 AM, alexey wrote:

> Hello!
> Dmitry, where have you find anything about egress NetFlow on 7600? :)
> I am reading config guide attentively
> http://www.cisco.com/en/US/products/hw/routers/ps368/ 
> products_configuration_guide_chapter09186a0080699369.html#wp1078217
> but no nothing about egress netflow!
>
> 2007/7/4, Dmitry Kiselev <dmitry at dmitry.net>:
>>
>> Hello!
>>
>> On my 7600 test box with RSP720 I failed to do egress netflow.
>> Here is config snapshot:
>>
>> mls flow ip interface-full
>>
>> interface GigabitEthernet1/25
>> ip address XXX.YYY.17.2 255.255.255.252
>> ip flow ingress
>> ip flow egress
>> !
>> interface GigabitEthernet1/26
>> ip address XXX.YYY.16.2 255.255.255.252
>> !
>>
>>
>> When I send pings between two routers connected to g1/25 and g1/26
>> I see only g1/25 ingress flow records:
>>
>>
>> Router-XXX.YYY.17.1#ping XXX.YYY.16.1
>>
>> Type escape sequence to abort.
>> Sending 5, 100-byte ICMP Echos to XXX.YYY.16.1, timeout is 2 seconds:
>> !!!!!
>> Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms
>>
>>
>> 7600-RSP720#sh mls netflow ip dest XXX.YYY.16.1
>> Displaying Netflow entries in Supervisor Earl
>> DstIP           SrcIP           Prot:SrcPort:DstPort  Src
>> i/f          :AdjPtr
>>
>> --------------------------------------------------------------------- 
>> --------
>> Pkts         Bytes         Age   LastSeen  Attributes
>> ---------------------------------------------------
>> XXX.YYY.16.1     XXX.YYY.17.1     icmp:8      :0        Gi1/25
>> :0x0
>> 5            500           1     14:23:37   L3 - Dynamic
>>
>> 7600-RSP-720#sh mls netflow ip sour XXX.YYY.16.1
>> Displaying Netflow entries in Supervisor Earl
>> DstIP           SrcIP           Prot:SrcPort:DstPort  Src
>> i/f          :AdjPtr
>>
>> --------------------------------------------------------------------- 
>> --------
>> Pkts         Bytes         Age   LastSeen  Attributes
>> ---------------------------------------------------
>>
>> 7600-RSP-720#
>>
>>
>> In my config I can't enable igress netflow on both interfaces.
>> Moreover, in production config physical interfaces need to be
>> replaced with SVIs.  Is it possible to see engress hardware
>> switched traffic?
>>
>> Ahh, in slot 1 6748-GE card installed and SRB1 IOS used.
>>
>> --
>> Dmitry Kiselev
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list