[c-nsp] netflow real AS instead of uplink provider?
Nemeth Laszlo
csirek at cooler.hu
Wed Jun 15 08:57:07 EDT 2016
Hello
I tried to get the source or destianton AS of a flow from our ASR9001
(iosxr 4.3.1) router.
But i got this:
RP/0/RSP0/CPU0:asr0#sh flow monitor netflow-monitor cache location
0/0/CPU
IPV4SrcAddr IPV4DstAddr L4SrcPort L4DestPort BGPDstPeerAS
BGPSrcPeerAS BGPNextHopV4 IPV4DstPrfxLen IPV4SrcPrfxLen IPV4Prot
IPV4TOS InputInterface OutputInterface L4TCPFlags ForwardStatus
FirstSwitched LastSwitched ByteCount PacketCount Dir
SamplerID
12.76.231.21 15.24.11.13 25 43473 0
1234 0.0.0.0 32 18 tcp
0x40 Te0/0/2/1 BE100.79 A|R| Fwd
43 07:23:34:199 43 07:23:34:199 40 1 Ing 1
So in every flow DstPeerAs or SrcPeerAS is 1234 (my uplink provider) or
0 not the real source AS where the package coming from. Because of it
the nfdump (flow collector) doesn't get any info about the real AS of
the destination or source. I would like to receive it because i have to
generate OurAS<->OtherAS traffic graphs.
Of course i use the "bgp attribute-download" in the BGP section but it
doesn't help.
Any ideas?
Thanks
Laszlo
More information about the cisco-nsp
mailing list