[c-nsp] Best practice - Core vs Access Router

Church, Charles Charles.Church at harris.com
Tue Feb 9 10:38:41 EST 2010


I haven't used the 'flow-aggregation ...' in the past, but it has a
destination on it still.  Not sure if that's still causing exporting to
happen or not.  Can you reduce the flow mask from 'interface-full' to
something like 'source' so that it will use less TCAM space?

Chuck 

-----Original Message-----
From: Andy B. [mailto:globichen at gmail.com] 
Sent: Tuesday, February 09, 2010 10:15 AM
To: Church, Charles
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Best practice - Core vs Access Router


On Tue, Feb 9, 2010 at 4:03 PM, Church, Charles
<Charles.Church at harris.com> wrote:
> The weird part is the NDE process is still using CPU.  Which netflow
setting
> are you using for 'mls flow ip xxx'?  Since both the RP and SP CPU are
> getting crushed at times, seems like more than just a punted packet issue,
> since that would be primarily RP, wouldn't it?

Netflow is basically configured like this:

ip flow-cache entries 524288
ip flow-cache timeout active 1
mls ip slb purge global
mls ip multicast flow-stat-timer 9
mls aging fast time 4 threshold 2
mls aging long 128
mls aging normal 64
mls netflow usage notify 80 300
mls flow ip interface-full
mls flow ipv6 interface-full
mls rate-limit unicast cef glean 200 50
mls rate-limit all ttl-failure 100 10
no mls acl tcam share-global
mls cef error action freeze

ip flow-export source Loopback0
ip flow-export version 5 origin-as
ip flow-aggregation cache as
 cache timeout active 1
 export destination <ip> 9000
 enabled
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6595 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20100209/ae0973f3/attachment.bin>


More information about the cisco-nsp mailing list