[c-nsp] Netflow: 7600, egress

alexey alexnetc at gmail.com
Wed Jul 4 10:34:14 EDT 2007 

Hm...
Not for MSFC only, because comand guide recommends to configure cef...
By the way, may be you try evidently configure cef on interface :)

2007/7/4, Dmitry Kiselev < dmitry at dmitry.net>:
>
> Hello!
>
> On Wed, Jul 04, 2007 at 05:35:31PM +0400, alexey wrote:
>
> > Hello!
> > Dmitry, where have you find anything about egress NetFlow on 7600? :)
> > I am reading config guide attentively
> >
> http://www.cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a0080699369.html#wp1078217
> > but no nothing about egress netflow!
>
>
> But in command reference it is described
> http://www.cisco.com/en/US/products/ps6922/products_command_reference_chapter09186a0080697fa4.html#wp1094522
>
>
> and IOS accept "ip flow egress" on interface
> May be it work for MSFC switched traffic only? :)
>
>
> > 2007/7/4, Dmitry Kiselev <dmitry at dmitry.net >:
> > >
> > > Hello!
> > >
> > > On my 7600 test box with RSP720 I failed to do egress netflow.
> > > Here is config snapshot:
> > >
> > > mls flow ip interface-full
> > >
> > > interface GigabitEthernet1/25
> > > ip address XXX.YYY.17.2 255.255.255.252
> > > ip flow ingress
> > > ip flow egress
> > > !
> > > interface GigabitEthernet1/26
> > > ip address XXX.YYY.16.2 255.255.255.252
> > > !
> > >
> > >
> > > When I send pings between two routers connected to g1/25 and g1/26
> > > I see only g1/25 ingress flow records:
> > >
> > >
> > > Router-XXX.YYY.17.1#ping XXX.YYY.16.1
> > >
> > > Type escape sequence to abort.
> > > Sending 5, 100-byte ICMP Echos to XXX.YYY.16.1, timeout is 2 seconds:
> > > !!!!!
> > > Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms
> > >
> > >
> > > 7600-RSP720#sh mls netflow ip dest XXX.YYY.16.1
> > > Displaying Netflow entries in Supervisor Earl
> > > DstIP           SrcIP           Prot:SrcPort:DstPort  Src
> > > i/f          :AdjPtr
> > >
> > >
> -----------------------------------------------------------------------------
> > > Pkts         Bytes         Age   LastSeen  Attributes
> > > ---------------------------------------------------
> > > XXX.YYY.16.1     XXX.YYY.17.1     icmp:8      :0        Gi1/25
> > > :0x0
> > > 5            500           1     14:23:37   L3 - Dynamic
> > >
> > > 7600-RSP-720#sh mls netflow ip sour XXX.YYY.16.1
> > > Displaying Netflow entries in Supervisor Earl
> > > DstIP           SrcIP           Prot:SrcPort:DstPort  Src
> > > i/f          :AdjPtr
> > >
> > >
> -----------------------------------------------------------------------------
> > > Pkts         Bytes         Age   LastSeen  Attributes
> > > ---------------------------------------------------
> > >
> > > 7600-RSP-720#
> > >
> > >
> > > In my config I can't enable igress netflow on both interfaces.
> > > Moreover, in production config physical interfaces need to be
> > > replaced with SVIs.  Is it possible to see engress hardware
> > > switched traffic?
> > >
> > > Ahh, in slot 1 6748-GE card installed and SRB1 IOS used.
> > >
> > > --
> > > Dmitry Kiselev
> > > _______________________________________________
> > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> --
> Dmitry Kiselev
>

More information about the cisco-nsp mailing list