[c-nsp] A9K Netflow export drops
Robert Williams
Robert at CustodianDC.com
Mon May 23 11:18:47 EDT 2016
Hi,
Thanks for the input, there doesn't seem to be any applicable rate-limit that I can spot to be honest. You can limit the rate that flows are 'expired' but this only limits the cache element, not the exporting element I believe.
Also, none of the loads look 'challenging' for the hardware compared to the throughput/capacity it could potentially be dealing with (this box only has like 8G of throughput on it.
Unless anyone else has any ideas then I'll probably go to TAC with this, as it seems ludicrous that an edge device like this can capture flows at a rate way beyond that which it can export them...
Cheers!
Robert Williams
Custodian Data Centre
Email: Robert at CustodianDC.com
http://www.CustodianDC.com
-----Original Message-----
From: Dale W. Carder [mailto:dwcarder at wisc.edu]
Sent: 23 May 2016 16:02
To: Robert Williams <Robert at CustodianDC.com>
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] A9K Netflow export drops
Thus spake Robert Williams (Robert at CustodianDC.com) on Sat, May 21, 2016 at 10:59:50AM +0000:
>
> I've got an issue on one of our smaller 9001 boxes which is puzzling me.
> It suffers from a high rate of netflow export drops (not cache drops) shown here:
>
> So from what I understand, it is capturing the flows OK but is unable to get the flow data out, for some reason.
I can confirm that our 9k's suffer from this also.
The last I checked you can export at the rate of 2000 flows/sec. I have not looked in 2 years or so to see if this limit was configurable yet.
> So - what am I missing here? Surely with a cache capability of 1M it should be ok to export flows when were are only around 30,000 of them nicely ticking over?
join the club. :-(
Dale
More information about the cisco-nsp
mailing list