[c-nsp] Netflow: 7600, egress

Dmitry Kiselev dmitry at dmitry.net
Wed Jul 4 11:48:49 EDT 2007


Hello!

On Wed, Jul 04, 2007 at 06:37:26PM +0400, alexey wrote:

> Hm...
> Not for MSFC, because the command guide recommends configuring cef...
> By the way, maybe try explicitly configuring cef on the interface! :)


It is the default configuration :)  Anyway, here is the output:


7600-RSP720#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
7600-RSP720(config)#int g1/25
7600-RSP720(config-if)#ip route-cache cef
7600-RSP720(config-if)#ip flow in
7600-RSP720(config-if)#ip flow eg
7600-RSP720(config-if)#do sh ip int g1/25
GigabitEthernet1/25 is up, line protocol is up
  Internet address is XXX.YYY.17.2/30
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Local Proxy ARP is disabled
  Security level is default
  Split horizon is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
  ICMP mask replies are never sent
  IP fast switching is enabled
  IP Flow switching is disabled
  IP CEF switching is enabled
  IP CEF switching turbo vector
  IP Null turbo vector
  Associated unicast routing topologies:
    Topology "base", operation state is UP
  IP multicast fast switching is enabled
  IP multicast distributed fast switching is disabled
  IP route-cache flags are Fast, CEF
  Router Discovery is disabled
  IP output packet accounting is disabled
  IP access violation accounting is disabled
  TCP/IP header compression is disabled
  RTP/IP header compression is disabled
  Probe proxy name replies are disabled
  Policy routing is disabled
  Network address translation is disabled
  BGP Policy Mapping is disabled
  Input features: Ingress-NetFlow
  Output features: Post-Ingress-NetFlow, Egress-Netflow, HW Shortcut Installation
  Post encapsulation features: HW Shortcut Installation
  Sampled Netflow is disabled
  IP Routed Flow creation is enabled in netflow table
  IP Bridged Flow creation is disabled in netflow table
  WCCP Redirect outbound is disabled
  WCCP Redirect inbound is disabled
  WCCP Redirect exclude is disabled
  IP multicast multilayer switching is disabled

And the same effect: only ingress flows appear in the mls netflow table.


I do not know what "Post-Ingress-NetFlow" in the output features is,
but it still exists in the output even if all "ip flow" commands are disabled:

7600-RSP720(config-if)#no ip flow in
7600-RSP720(config-if)#no ip flow eg
7600-RSP720(config-if)#do sh ip int g1/25
...
  Network address translation is disabled
  BGP Policy Mapping is disabled
  Output features: Post-Ingress-NetFlow, HW Shortcut Installation
  Post encapsulation features: HW Shortcut Installation
  Sampled Netflow is disabled
  IP Routed Flow creation is disabled in netflow table
  IP Bridged Flow creation is disabled in netflow table
... 




> > Hello!
> >
> > On Wed, Jul 04, 2007 at 05:35:31PM +0400, alexey wrote:
> >
> > > Hello!
> > > Dmitry, where did you find anything about egress NetFlow on 7600? :)
> > > I am reading the config guide attentively
> > > http://www.cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a0080699369.html#wp1078217
> > > but there is nothing about egress netflow!
> >
> >
> > But it is described in the command reference
> > http://www.cisco.com/en/US/products/ps6922/products_command_reference_chapter09186a0080697fa4.html#wp1094522
> >
> >
> > and IOS accepts "ip flow egress" on the interface
> > Maybe it works for MSFC-switched traffic only? :)
> >
> >
> > > 2007/7/4, Dmitry Kiselev <dmitry at dmitry.net >:
> > > >
> > > > Hello!
> > > >
> > > > On my 7600 test box with RSP720 I failed to do egress netflow.
> > > > Here is config snapshot:
> > > >
> > > > mls flow ip interface-full
> > > >
> > > > interface GigabitEthernet1/25
> > > > ip address XXX.YYY.17.2 255.255.255.252
> > > > ip flow ingress
> > > > ip flow egress
> > > > !
> > > > interface GigabitEthernet1/26
> > > > ip address XXX.YYY.16.2 255.255.255.252
> > > > !
> > > >
> > > >
> > > > When I send pings between two routers connected to g1/25 and g1/26
> > > > I see only g1/25 ingress flow records:
> > > >
> > > >
> > > > Router-XXX.YYY.17.1#ping XXX.YYY.16.1
> > > >
> > > > Type escape sequence to abort.
> > > > Sending 5, 100-byte ICMP Echos to XXX.YYY.16.1, timeout is 2 seconds:
> > > > !!!!!
> > > > Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms
> > > >
> > > >
> > > > 7600-RSP720#sh mls netflow ip dest XXX.YYY.16.1
> > > > Displaying Netflow entries in Supervisor Earl
> > > > DstIP           SrcIP           Prot:SrcPort:DstPort  Src i/f          :AdjPtr
> > > > -----------------------------------------------------------------------------
> > > > Pkts         Bytes         Age   LastSeen  Attributes
> > > > ---------------------------------------------------
> > > > XXX.YYY.16.1     XXX.YYY.17.1     icmp:8      :0        Gi1/25          :0x0
> > > > 5            500           1     14:23:37   L3 - Dynamic
> > > >
> > > > 7600-RSP-720#sh mls netflow ip sour XXX.YYY.16.1
> > > > Displaying Netflow entries in Supervisor Earl
> > > > DstIP           SrcIP           Prot:SrcPort:DstPort  Src i/f          :AdjPtr
> > > > -----------------------------------------------------------------------------
> > > > Pkts         Bytes         Age   LastSeen  Attributes
> > > > ---------------------------------------------------
> > > >
> > > > 7600-RSP-720#
> > > >
> > > >
> > > > In my config I can't enable ingress netflow on both interfaces.
> > > > Moreover, in the production config physical interfaces need to be
> > > > replaced with SVIs.  Is it possible to see egress hardware
> > > > switched traffic?
> > > >
> > > > Ahh, a 6748-GE card is installed in slot 1 and SRB1 IOS is used.
> > > >
> > > > --
> > > > Dmitry Kiselev
> > > > _______________________________________________
> > > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > > >
> >
> > --
> > Dmitry Kiselev
> >

-- 
Dmitry Kiselev
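
An added example, not part of the original message: a small parser for the `sh ip int` output quoted above that reports which NetFlow features the software lists per interface and what changed between the two captures. It matches feature names exactly, so the `Post-Ingress-NetFlow` entry that remains after `no ip flow in` is not counted as ingress NetFlow. The function names are hypothetical, and the result only reflects the feature list, which in this thread did not mean egress records showed up in the mls netflow table.

```python
import re

IFACE_RE = re.compile(r"^(\S+) is .*line protocol is")
FEATURE_RE = re.compile(r"^\s+(Input|Output) features:\s*(.*)$")
FLOW_RE = re.compile(r"^\s+IP (Routed|Bridged) Flow creation is (enabled|disabled)")

# NetFlow-relevant lines from the two captures in this message. The interface
# header of the second capture is constructed (the post elides it with "...").
AFTER_IP_FLOW = """\
GigabitEthernet1/25 is up, line protocol is up
  Input features: Ingress-NetFlow
  Output features: Post-Ingress-NetFlow, Egress-Netflow, HW Shortcut Installation
  Post encapsulation features: HW Shortcut Installation
  IP Routed Flow creation is enabled in netflow table
  IP Bridged Flow creation is disabled in netflow table
"""
AFTER_NO_IP_FLOW = """\
GigabitEthernet1/25 is up, line protocol is up
  Output features: Post-Ingress-NetFlow, HW Shortcut Installation
  IP Routed Flow creation is disabled in netflow table
  IP Bridged Flow creation is disabled in netflow table
"""

def parse_show_ip_int(text):
    """Map interface name -> feature sets and flow-creation flags."""
    result, cur = {}, None
    for line in text.splitlines():
        if m := IFACE_RE.match(line):
            cur = result.setdefault(m.group(1), {"input": set(), "output": set(),
                                                 "routed": None, "bridged": None})
        elif cur is None:
            continue  # text before the first interface header
        elif m := FEATURE_RE.match(line):
            cur[m.group(1).lower()] = {f.strip() for f in m.group(2).split(",")}
        elif m := FLOW_RE.match(line):
            cur[m.group(1).lower()] = m.group(2) == "enabled"
    return result

def netflow_state(entry):
    """Exact-name match, so Post-Ingress-NetFlow is not counted as ingress."""
    names = {f.lower() for f in entry["input"] | entry["output"]}
    return {"ingress": "ingress-netflow" in names, "egress": "egress-netflow" in names,
            "routed_flow_creation": entry["routed"]}

def removed_features(before, after):
    """Features listed in `before` that are gone in `after`."""
    return (before["input"] | before["output"]) - (after["input"] | after["output"])
```

Feed it the full `sh ip int` output of a box to list, per interface, where the software claims ingress or egress NetFlow, then compare that against the hardware table as done in this thread.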

