[c-nsp] Netflow on 7600. Again...

Phil Bedard philxor at gmail.com
Wed Aug 17 16:41:22 EDT 2011 

What are you seeing on the collector?  From memory I believe the NDE
export stats is what you want, the flow export stats are for software
switched flows, so you hopefully won't see much via that command.

Phil

On 8/17/11, Michail Litvak <sha90w at gmail.com> wrote:
> Hello,
>
> I have 7609 rsp720 with c7600rsp72043_rp Software
> (c7600rsp72043_rp-ADVIPSERVICESK9-M), Version 12.2(33)SRD5.
>
> I try to enable sampled netflow:
>
> mls flow ip interface-full
> mls nde sender version 5
> mls sampling packet-based 512 8192
>
> ip flow-export source VlanXXX
> ip flow-export version 5 origin-as
> ip flow-export destination 172.17.200.2 3000
>
> and on SVI:
>
> interface VlanZZZ
>  .....
>  ip flow ingress
>  mls netflow sampling
> end
>
> #sh ip int vlZZZ | i Flow
>   IP Flow switching is disabled
>   IP route-cache flags are Fast, CEF, Flow Cache
>   Input features: Ingress-NetFlow, MCI Check
>   Output features: Post-Ingress-NetFlow, Access List, HW Shortcut
> Installation
>   IP Routed Flow creation is enabled in netflow table
>   IP Bridged Flow creation is disabled in netflow table
>
> Seems as netflow enabled.
>
> #sh mls nde
>  Netflow Data Export enabled
>  Exporting flows to  172.17.200.2 (3000)
>  Exporting flows from 172.17.1.4 (60825)
>  Version: 5
>  Layer2 flow creation is disabled
>  Layer2 flow export is disabled
>  Include Filter not configured
>  Exclude Filter not configured
>  Total Netflow Data Export Packets are:
>     756150 packets, 0 no packets, 21928350 records
>  Total Netflow Data Export Send Errors:
>         IPWRITE_NO_FIB = 0
>         IPWRITE_ADJ_FAILED = 0
>         IPWRITE_PROCESS = 0
>         IPWRITE_ENQUEUE_FAILED = 0
>         IPWRITE_IPC_FAILED = 0
>         IPWRITE_OUTPUT_FAILED = 0
>         IPWRITE_MTU_FAILED = 0
>         IPWRITE_ENCAPFIX_FAILED = 0
>         IPWRITE_CARD_FAILED = 0
>  Netflow Aggregation Disabled
>
> And export packets counter increased actively, but
>
> #sh ip flow export
> Flow export v5 is enabled for main cache
>   Export source and destination details :
>   VRF ID : Default
>     Source(1)       172.17.1.4 (VlanXXX)
>     Destination(1)  172.17.200.2 (3000)
>   Version 5 flow records, origin-as
>   1146 flows exported in 295 udp datagrams
>   0 flows failed due to lack of export packet
>   0 export packets were sent up to process level
>   0 export packets were dropped due to no fib
>   0 export packets were dropped due to adjacency issues
>   0 export packets were dropped due to fragmentation failures
>   0 export packets were dropped due to encapsulation fixup failures
>   0 export packets were dropped enqueuing for the RP
>   0 export packets were dropped due to IPC rate limiting
>   0 export packets were dropped due to Card not being able to export
>
> There I see flow exported count much less than in nde and I receive
> small amount of netflow packets on flow collector (correlated with
> counter in ip flow export).
>
> I would appreciate for any thoughts how to fix this or I should just
> downgrade IOS to some SRC ? ;)
>
> --
> MYL2-RIPE
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

-- 
Sent from my mobile device

More information about the cisco-nsp mailing list