Re: [nsp] GSR+Netflow+OC-48 blade that won't export flows?

• Next message: Barry Wright: "RE: [nsp] GSR+Netflow+OC-48 blade that won't export flows?"
• Previous message: sthaug@nethelp.no: "[nsp] Examples of rate limiting on Cat6509 running IOS?"
• In reply to: Barry Wright: "RE: [nsp] GSR+Netflow+OC-48 blade that won't export flows?"
• Next in thread: Junichi Shimagami: "Re: [nsp] GSR+Netflow+OC-48 blade that won't export flows?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Not all the Engine 2 LCs supports Netflow, do they? 3-port GbE LC or 4-port
OC-12c POS LC do, but 4-port OC-12c ATM LC does not seem to work. Not sure
about OC-48c or 8-port FE.

-simagami

----- Original Message -----
From: "Barry Wright" <Bwright@interland.com>
To: "'Bulger, Tim '" <TBulger@ea.com>; <cisco-nsp@puck.nether.net>
Sent: Thursday, December 13, 2001 11:18 PM
Subject: RE: [nsp] GSR+Netflow+OC-48 blade that won't export flows?

>
> Engine Type 2 and above cards don't do basic Netflow. You have to
configure
> "ip route-cache flow sampled" on the interface, and then set
>
> ip flow-sampling-mode packet-interval <10-16382> <--this number means
that
> netflow will sample and capture one packet in ever <#> packets.
>
>
> This command will show what version of Engine cards you have.
> sho diag | include Engine
> L3 Engine: 0 - OC12 (622 Mbps)
> L3 Engine: 2 - Backbone OC48 (2.5 Gbps)
> L3 Engine: 1 - Standard OC48 (2.5 Gbps)
> L3 Engine: 1 - Standard OC48 (2.5 Gbps)
> L3 Engine: 2 - Backbone OC48 (2.5 Gbps)
>
> or just a show diag [slot#]
>
> -----Original Message-----
> From: Bulger, Tim
> To: cisco-nsp@puck.nether.net
> Sent: 12/12/2001 10:57 PM
> Subject: [nsp] GSR+Netflow+OC-48 blade that won't export flows?
>
> Hello,
>
> I have a 2 GSR 12008s with OC-48 and 8 port FE modules. Both of them
> are configured almost identically, but one fails to export flow data
> from the OC-48 card. When I connect to the slot and look at the flow
> information, this is what I see:
>
> LC-Slot0#sh ip flow export
> Flow export is enabled
> Exporting flows to 159.153.192.59 (9997)
> Exporting using source IP address 159.153.192.250
> Version 5 flow records, origin-as
> 0 flows exported in 0 udp datagrams
> 0 flows failed due to lack of export packet
> 0 export packets were sent up to process level
> 0 export packets were punted to the RP
> 0 export packets were dropped due to no fib
> 0 export packets were dropped due to adjacency issues
> 0 export packets were dropped due to fragmentation failures
> 0 export packets were dropped due to encapsulation fixup failures
> 0 export packets were dropped enqueuing for the RP
> 0 export packets were dropped due to IPC rate limiting
> 0 export packets were dropped due to output drops
> LC-Slot0#sh ip cache flow
> IP packet size distribution (0 total packets):
> 1-32 64 96 128 160 192 224 256 288 320 352 384 416 448
> 480
> .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000
> .000
>
> 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
> .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000
>
> IP Flow Switching Cache, 17826816 bytes
> 0 active, 262144 inactive, 0 added
> 0 ager polls, 0 flow alloc failures
> Active flows timeout in 1 minutes
> Inactive flows timeout in 15 seconds
> last clearing of statistics never
> Protocol Total Flows Packets Bytes Packets Active(Sec)
> Idle(Sec)
> -------- Flows /Sec /Flow /Pkt /Sec /Flow
> /Flow
>
> SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP
> Pkts
> LC-Slot0#
>
>
> When I do the same on the one that is working, it looks like this:
>
>
> LC-Slot0#sh ip cache flow
> IP packet size distribution (131391975 total packets):
> 1-32 64 96 128 160 192 224 256 288 320 352 384 416 448
> 480
> .001 .489 .184 .065 .026 .015 .011 .011 .005 .004 .004 .005 .002 .001
> .001
>
> 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
> .001 .001 .014 .017 .132 .000 .000 .000 .000 .000 .000
>
> IP Flow Switching Cache, 17826816 bytes
> 5361 active, 256783 inactive, 69172561 added
> 507674141 ager polls, 0 flow alloc failures
> Active flows timeout in 1 minutes
> last clearing of statistics never
> Protocol Total Flows Packets Bytes Packets Active(Sec)
> Idle(Sec)
> -------- Flows /Sec /Flow /Pkt /Sec /Flow
> /Flow
> TCP-Telnet 5007 0.0 16 69 0.0 18.2
> 14.6
> TCP-FTP 20769 0.0 1 100 0.0 0.2
> 13.7
> TCP-FTPD 40921 0.0 17 1293 0.1 22.7
> 13.0
> TCP-WWW 14505922 3.3 1 828 5.6 0.8
> 15.3
> TCP-SMTP 108611 0.0 1 575 0.0 0.1
> 13.5
> TCP-X 28 0.0 1 48 0.0 2.3
> 16.0
> TCP-BGP 9543 0.0 1 368 0.0 1.8
> 16.3
> TCP-Frag 9 0.0 1 44 0.0 1.9
> 16.8
> TCP-other 54145959 12.6 1 131 23.3 5.0
> 16.4
> UDP-DNS 19108 0.0 1 69 0.0 1.5
> 16.4
> UDP-NTP 80 0.0 1 76 0.0 0.0
> 16.4
> UDP-Frag 4295 0.0 20 53 0.0 16.8
> 13.0
> UDP-other 125240 0.0 27 215 0.8 28.1
> 10.8
> ICMP 171424 0.0 2 45 0.0 2.7
> 16.1
> IP-other 10283 0.0 159 1124 0.3 51.0
> 3.0
> Total: 69167199 16.1 1 281 30.5 4.2
> 16.1
>
>
> They were running the same version of code, but I recently upgraded the
> broken one to 12.0.19S1 to no effect. 'ip route cache flow' is set on
> the interface.. Perhaps OC-48 line speed is too high for Netflow without
> sampling?
>
> Thanks in advance,
>
> Tim Bulger
> Senior Network Engineer
> Electronic Arts
>
>

• Next message: Barry Wright: "RE: [nsp] GSR+Netflow+OC-48 blade that won't export flows?"
• Previous message: sthaug@nethelp.no: "[nsp] Examples of rate limiting on Cat6509 running IOS?"
• In reply to: Barry Wright: "RE: [nsp] GSR+Netflow+OC-48 blade that won't export flows?"
• Next in thread: Junichi Shimagami: "Re: [nsp] GSR+Netflow+OC-48 blade that won't export flows?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:57 EDT