[c-nsp] Netflow export from 6500 w/sup-720
Ian Cox
icox at cisco.com
Tue Aug 24 12:36:53 EDT 2004
At 10:39 AM 8/24/2004 +1000, Andrew Fort wrote:
>Stephen J. Wilcox wrote:
>
>>On Sun, 22 Aug 2004, Nicolaj Ottsen wrote:
>>
>>>>do you have ip route-cache flow enabled on all interfaces?
>>>
>>>No only interfaces from where I want to collect netflow
>>
>>this will only enable netflow to flows coming in on the specified
>>interfaces (not out), to capture outbound flows you need to enable it on
>>all the interfaces that these flows would come in (ie all the others)....
>>are you only after inbound?
>>Steve
>
>Small note:
>
>On the supervisor 720, when you do 'ip route-cache flow' (or ip flow
>ingress) on one interface, you get netflow exports from all interfaces,
>whether you want them or not (is this the same on the sup2?). To be able
>to selectively configure this is supposed to be coming RSN. This is in
>Native IOS, btw. This may not include CWAN interfaces (but I can't
>remember to be sure).
The way netflow export is implemented for hardware switched packets in
current shipping code, is when enabled it is enabled for all interfaces.
"ip route-cache flow" only applies to packets that are switched by the RP
(MSFCx in software). Packets switched in hardware behave the same way even
if the interfaces are WAN.
Ian
>Also, sampling doesn't help your Netflow TCAM usage on the box itself,
>since it's only the exports which are sampled, rather than the table
>populations.
>
>I'd be interested to know if there's anyone using the Sup720 (pfc3a or
>3b?) netflow for billing, on a production network (and, I must admit,
>surprised).
>
>cheers,
>andrew
>
>_______________________________________________
>cisco-nsp mailing list cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list