[c-nsp] Are there any disadvantages to aggressive netflow aging on a 6509?
Sergey Nikitin
oldnick at oldnick.ru
Tue Jul 5 02:14:51 EDT 2011
You should check:
remote command switch show processes cpu sorted
You will see that NDE - IPV4 process will increase. With very aggressive
timers you could get a high switch CPU load and there could be some
disadvantages (what i know is that box could drop some snmp queries at
about 30-40% of switch CPU load). I didn't try to make it more then 40%,
so I don't know what will be after that.
HTH
Matthew.Coleman-Hamilton at servicebirmingham.co.uk wrote:
> I've recently enable netflow across the bulk of our 6509 estate and have,
> after reading various guides, posts and pieces of advice settled on a
> fairly aggressive set of mls aging timers (the estate is a mixture of
> Sup720-3B and 3BXL supervisors):-
> mls aging long 64
> mls aging normal 32
> mls aging fast time 16
> ip flow-cache timeout active 1
> ip flow-cache timeout inactive 15
> This seems to be having the desired affect in that TCAM utilisation is not
> approaching 100% and there doesn't appear to have been any significant
> increase in CPU utilisation (the EARL NDE task pops up in the process list
> on occasion when I check but seems to be using single figure % on the
> whole).
> However, my question is whether there are any disadvantages to aggressive
> aging, i.e. am I potentially missing flow information or exporting
> incomplete flow information by moving away from the default settings and
> aging flows quicker?
> TIA
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list