[c-nsp] 6500 Netflow
virendra rode //
virendra.rode at gmail.com
Thu Apr 17 15:07:45 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gert Doering wrote:
> Hi,
>
> On Thu, Apr 17, 2008 at 10:54:15AM -0700, virendra rode // wrote:
>> hmm, so does that mean enabling netflow on the main interface and not
>> sub-interface(s) won't collect netflow and /or populate netflow table
>> for the sub-interface?
>
> Please note that this thread was explicitely talking about 6500/7600
> hardware...
- ----------------------------
sorry I didn't mean to hijack the thread, caught my curiosity from a
scalability (sw vs hw) standpoint.
>
>> doing a quick test on my lab router 2800 running 12.4(10c)
>
> ... and that's almost the "most different" thing Cisco builds these days
> regarding router architecture.
>
>> shows netflow
>> collector gathering data from sub-interface w/ "ip route-cache flow"
>> enabled on the main interface or am I confusing myself?
>>
>> sh ip cache flow shows traffic being sourced from sub-interface.
>
> Don't use "ip route-cache flow" (which is a "early stone age" command,
> and can only be set on the main interface, and automatically enables
> flow accounting for all sub-interfaces).
- ------------------------
that answers my question but then again we haven't run into any head
scratching issues including any performance related that has caused us
to move away from this command.
then again from my brief discussion w/ my peers I'm told the difference
in ip flow ingress/egress netflow scalability is night and day.
regards,
/virendra
>
> Use "ip flow ingress", which is per-subif.
>
> gert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIB6ABpbZvCIJx1bcRAhJfAJ4pjogXKkx37rSM7YiVFyMabqc4/gCggmg1
tUMnaxScUExMd8tboaO5Dn4=
=w+mg
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list