[c-nsp] Netflow on 7600. Again...

Michail Litvak sha90w at gmail.com
Wed Aug 17 16:00:16 EDT 2011 

Hello,

I have 7609 rsp720 with c7600rsp72043_rp Software
(c7600rsp72043_rp-ADVIPSERVICESK9-M), Version 12.2(33)SRD5.

I try to enable sampled netflow:

mls flow ip interface-full
mls nde sender version 5
mls sampling packet-based 512 8192

ip flow-export source VlanXXX
ip flow-export version 5 origin-as
ip flow-export destination 172.17.200.2 3000

and on SVI:

interface VlanZZZ
 .....
 ip flow ingress
 mls netflow sampling
end

#sh ip int vlZZZ | i Flow
  IP Flow switching is disabled
  IP route-cache flags are Fast, CEF, Flow Cache
  Input features: Ingress-NetFlow, MCI Check
  Output features: Post-Ingress-NetFlow, Access List, HW Shortcut Installation
  IP Routed Flow creation is enabled in netflow table
  IP Bridged Flow creation is disabled in netflow table

Seems as netflow enabled.

#sh mls nde
 Netflow Data Export enabled
 Exporting flows to  172.17.200.2 (3000)
 Exporting flows from 172.17.1.4 (60825)
 Version: 5
 Layer2 flow creation is disabled
 Layer2 flow export is disabled
 Include Filter not configured
 Exclude Filter not configured
 Total Netflow Data Export Packets are:
    756150 packets, 0 no packets, 21928350 records
 Total Netflow Data Export Send Errors:
        IPWRITE_NO_FIB = 0
        IPWRITE_ADJ_FAILED = 0
        IPWRITE_PROCESS = 0
        IPWRITE_ENQUEUE_FAILED = 0
        IPWRITE_IPC_FAILED = 0
        IPWRITE_OUTPUT_FAILED = 0
        IPWRITE_MTU_FAILED = 0
        IPWRITE_ENCAPFIX_FAILED = 0
        IPWRITE_CARD_FAILED = 0
 Netflow Aggregation Disabled

And export packets counter increased actively, but

#sh ip flow export
Flow export v5 is enabled for main cache
  Export source and destination details :
  VRF ID : Default
    Source(1)       172.17.1.4 (VlanXXX)
    Destination(1)  172.17.200.2 (3000)
  Version 5 flow records, origin-as
  1146 flows exported in 295 udp datagrams
  0 flows failed due to lack of export packet
  0 export packets were sent up to process level
  0 export packets were dropped due to no fib
  0 export packets were dropped due to adjacency issues
  0 export packets were dropped due to fragmentation failures
  0 export packets were dropped due to encapsulation fixup failures
  0 export packets were dropped enqueuing for the RP
  0 export packets were dropped due to IPC rate limiting
  0 export packets were dropped due to Card not being able to export

There I see flow exported count much less than in nde and I receive
small amount of netflow packets on flow collector (correlated with
counter in ip flow export).

I would appreciate for any thoughts how to fix this or I should just
downgrade IOS to some SRC ? ;)

-- 
MYL2-RIPE

More information about the cisco-nsp mailing list