[c-nsp] netflow accounting incompatibilities (on vaccess if)

Gert Doering gert at greenie.muc.de
Tue Jun 7 16:45:23 EDT 2005


Hi,

Is there a document somewhere that describes under which conditions
netflow exporting suddenly can go inactive on virtual-access interfaces?

Is it dependent on CEF?

Specifically, I'm talking about 12.3(9a), and L2TP dial-in vaccess.

As you might have read before, we're moving from "ip accounting" to netflow
accounting, and currently I'm in the "compare old to new, wonder about
differences" phase.  During this, I discovered a couple of customer
IPs that send packets that are not visible in netflow at all.

Checking their vaccess interface, I find:

interface Virtual-Access292
 mtu 1492
 ip unnumbered Loopback5
 ip verify unicast reverse-path
 ip accounting output-packets
 ip flow ingress
 ip route-cache flow
 ip tcp adjust-mss 1380
 compress mppc
end

and "show ip int" shows (slightly truncated):

Virtual-Access292 is up, line protocol is up
  Interface is unnumbered. Using address of Loopback5 (X.Y.Z.236)
...
  IP fast switching is disabled
  IP fast switching on the same interface is disabled
  IP Flow switching is enabled
  IP CEF switching is disabled
  IP Null turbo vector
  IP Null turbo vector
  IP multicast fast switching is disabled
  IP multicast distributed fast switching is disabled
  IP route-cache flags are Fast, Flow, CEF, Flow Cache, Flow Ingress
  Router Discovery is disabled
  IP output packet accounting is enabled
  IP access violation accounting is disabled, system threshold is 200000
  TCP/IP header compression is disabled
  RTP/IP header compression is disabled
...
  IP verify source reachable-via RX, allow default
  0 verification drops
  0 suppressed verification drops

While pinging the customer, the flow cache definitely doesn't have
anything for the interface in question:

Cisco#sh ip cache flow | inc 292
Cisco#

(packets going *to* the customer's IP are accounted elsewhere, so won't show
up here)

For other virtual-access interfaces that do NOT have "compression mppc"
in there, Netflow accounting does work (and IP CEF is enabled).

Am I right in assuming that

  - mppc compression is incompatible with CEF ?
  - CEF is essential for netflow accounting  (in 12.3(x)) ?

  -> so "user requests mppc -> netflow is silently deactivated"

Nasty surprise.


As a workaround: is there a way to force-deny CCP requests on our
Cisco?  I can't seem to find a setting in the virtual-template that
will reject compression - "no compress" will just make it "not request"
compression (but obviously not reject it - that's already set).  Any
tips what I overlooked?

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
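
An added example, not part of the original post: a Python check that parses "show ip int" output and lists interfaces showing the combination reported above (IP Flow switching enabled, IP CEF switching disabled), as candidates for traffic missing from flow records. The sample text is constructed from the lines quoted in the post; Virtual-Access293 and the function names are made up for illustration.

```python
import re

# Constructed sample: the first stanza repeats lines quoted in the post,
# the second (Virtual-Access293) is made up for contrast.
SAMPLE = """\
Virtual-Access292 is up, line protocol is up
  Interface is unnumbered. Using address of Loopback5 (X.Y.Z.236)
  IP fast switching is disabled
  IP Flow switching is enabled
  IP CEF switching is disabled
  IP route-cache flags are Fast, Flow, CEF, Flow Cache, Flow Ingress
Virtual-Access293 is up, line protocol is up
  Interface is unnumbered. Using address of Loopback5 (X.Y.Z.236)
  IP fast switching is enabled
  IP Flow switching is enabled
  IP CEF switching is enabled
  IP route-cache flags are Fast, Flow, CEF, Flow Cache, Flow Ingress
"""

# Interface stanzas start unindented; per-interface settings are indented.
HEADER = re.compile(r"^(\S+) is .*line protocol is ")
SETTING = re.compile(r"^\s+IP (Flow|CEF) switching is (enabled|disabled)")


def parse_show_ip_int(text):
    """Return {interface: {"Flow": bool, "CEF": bool}} from 'show ip int' text."""
    state, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = state.setdefault(m.group(1), {})
            continue
        m = SETTING.match(line)
        if m and current is not None:
            current[m.group(1)] = m.group(2) == "enabled"
    return state


def flow_without_cef(text):
    """Interfaces with flow switching enabled but CEF switching disabled."""
    return sorted(
        name for name, s in parse_show_ip_int(text).items()
        if s.get("Flow") and s.get("CEF") is False
    )


if __name__ == "__main__":
    for name in flow_without_cef(SAMPLE):
        print(f"{name}: flow switching on, CEF off; compare with 'sh ip cache flow'")
```

The check only reports the state combination seen on Virtual-Access292; whether flows are actually missing still has to be confirmed against the flow cache, as done in the post.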

