[c-nsp] Netflow: 7600, egress

Dmitry Kiselev dmitry at dmitry.net
Wed Jul 4 11:38:13 EDT 2007 

Hello!

On Wed, Jul 04, 2007 at 10:18:14AM -0400, Phil Bedard wrote:


> It is only supported on the RSP720/MSFC4/SRB afaik.   You can get  
> netflow stats for L2-switched traffic, I think "ip flow l2-switched  
> vlan xxx."
> Have you tried not having both ingress and egress on the same  
> interface at the same time?


I leave "ip flow egress" only on g1/25 and see no any flow records.
Seems egress netflow feature does not supported in hardware.



>   I know that it won't create flows for  
> traffic originated on the router, but you aren't
> doing that.
> 
> Phil
> 
> 
> On Jul 4, 2007, at 9:35 AM, alexey wrote:
> 
> >Hello!
> >Dmitry, where have you find anything about egress NetFlow on 7600? :)
> >I am reading config guide attentively
> >http://www.cisco.com/en/US/products/hw/routers/ps368/ 
> >products_configuration_guide_chapter09186a0080699369.html#wp1078217
> >but no nothing about egress netflow!
> >
> >2007/7/4, Dmitry Kiselev <dmitry at dmitry.net>:
> >>
> >>Hello!
> >>
> >>On my 7600 test box with RSP720 I failed to do egress netflow.
> >>Here is config snapshot:
> >>
> >>mls flow ip interface-full
> >>
> >>interface GigabitEthernet1/25
> >>ip address XXX.YYY.17.2 255.255.255.252
> >>ip flow ingress
> >>ip flow egress
> >>!
> >>interface GigabitEthernet1/26
> >>ip address XXX.YYY.16.2 255.255.255.252
> >>!
> >>
> >>
> >>When I send pings between two routers connected to g1/25 and g1/26
> >>I see only g1/25 ingress flow records:
> >>
> >>
> >>Router-XXX.YYY.17.1#ping XXX.YYY.16.1
> >>
> >>Type escape sequence to abort.
> >>Sending 5, 100-byte ICMP Echos to XXX.YYY.16.1, timeout is 2 seconds:
> >>!!!!!
> >>Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms
> >>
> >>
> >>7600-RSP720#sh mls netflow ip dest XXX.YYY.16.1
> >>Displaying Netflow entries in Supervisor Earl
> >>DstIP           SrcIP           Prot:SrcPort:DstPort  Src
> >>i/f          :AdjPtr
> >>
> >>--------------------------------------------------------------------- 
> >>--------
> >>Pkts         Bytes         Age   LastSeen  Attributes
> >>---------------------------------------------------
> >>XXX.YYY.16.1     XXX.YYY.17.1     icmp:8      :0        Gi1/25
> >>:0x0
> >>5            500           1     14:23:37   L3 - Dynamic
> >>
> >>7600-RSP-720#sh mls netflow ip sour XXX.YYY.16.1
> >>Displaying Netflow entries in Supervisor Earl
> >>DstIP           SrcIP           Prot:SrcPort:DstPort  Src
> >>i/f          :AdjPtr
> >>
> >>--------------------------------------------------------------------- 
> >>--------
> >>Pkts         Bytes         Age   LastSeen  Attributes
> >>---------------------------------------------------
> >>
> >>7600-RSP-720#
> >>
> >>
> >>In my config I can't enable igress netflow on both interfaces.
> >>Moreover, in production config physical interfaces need to be
> >>replaced with SVIs.  Is it possible to see engress hardware
> >>switched traffic?
> >>
> >>Ahh, in slot 1 6748-GE card installed and SRB1 IOS used.
> >>
> >>--
> >>Dmitry Kiselev
> >>_______________________________________________
> >>cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >>https://puck.nether.net/mailman/listinfo/cisco-nsp
> >>archive at http://puck.nether.net/pipermail/cisco-nsp/
> >>
> >_______________________________________________
> >cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >https://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
> 
> 

-- 
Dmitry Kiselev

More information about the cisco-nsp mailing list