Cisco :: ASR1000 Monitoring NAT Using Netflow 9
Feb 7, 2010
I have a question regarding netflow and NAT. I have read some documentation (on ASR1000) regarding monitoring NAT process on Cisco ASR1000 that can be done using netflow version 9 (the term was called netflow event logging a.k.a NEL). The problem is, I have not found the netflow collector that can do that. I have queried several software such as manage engine "Netflow Analyzer" and Lancope, but they said their software can not do that.
View 11 Replies
ADVERTISEMENT
Mar 18, 2012
I would like to run some NetFlow monitoring on a few sub interfaces on a router. This is a 7301, with an NPE-G1.What I want to know is, does Cisco have a page anywhere (because I can't find one) that lists typical additional CPU and memory loads one can expect when enabling NetFlow on an (sub)-interface; perhaps for a given speed (Mbps) and/or number of flows?I don't want to enable NetFlow and then bring the device to a grinding halt, how can I know what sort of overhead to expect?
View 2 Replies
View Related
Nov 21, 2011
Does the SGE2000 supports NetFlow? I've checked the Cisco docs and also called Cisco support to which no one has been able to answer me.
Anyhow, just in case it doesn't support NetFlow, how to be able to set up something that would be able to check the bandwidth usage on each port?
I've got a problem where I think the SGE2000 switch is failing when I pump around 190~200Mbps through x2 of the ports (Server A on port 1=130Mbps and Server B on port 2=60Mbps) of Multicast traffic (UDP). I can measure the output from the Streaming servers that provide the multicast content, thats how I know the input to the switch and I know that there are no packets lost or any errors departing from the servers, yet when I increase server B to say 80Mbps, I get break up and all sorts of problems on the client end STBs and it is happening on the multicast content provided by Server A too which is a different source, so I'm 99.9% sure its a SGE2000 switch problem which is why I'd like to monitor it somehow.
View 1 Replies
View Related
Mar 13, 2012
Any major difrrence between Netflow v/s Netflow-Lite?
I am trying to understand if Cisco 4948E can do the same job as Cisco 4500E or not and difference between Netflow v/s Netflow-Lite will work for me to select correct product.
View 2 Replies
View Related
Jul 9, 2011
Am trying to find out what is the suitable SPA for ASR1000 routers to connect ATM DS3 through the local telco. Currently this is connected to a NM-ATM-DS3 module on a C3845 router. The reason for asking is we need to upgrade the WAN router to ASR1000.
View 2 Replies
View Related
Jun 24, 2012
I am looking for a way to use a 3G connexion on ASR1000.Is it possible to install HWIC module of ISR2 in SPA slot or use an USB modem on the RP?
View 2 Replies
View Related
Sep 25, 2012
The ASR1000 router supports hot-swap modules and network interfaces?
View 1 Replies
View Related
May 5, 2013
We use ISG on asr1000 (l3 routed subscriber). Now we are trying to implement ipv6 isg sessions. so.. for ipv4 sessions we have
radius-server attribute 8 include-in-access-req
radius-server attribute 32 include-in-access-req but for ipv6 there is no such attribute#radius-server attribute ?
11 Filter-Id attribute configuration
188 Num-In-Multilink attribute configuration
218 Address-Pool attribute
25 Class attribute
30 DNIS attribute
31 Calling Station ID
32 NAS-Identifier attribute
4 NAS IP address attribute
44 Acct-Session-Id attribute
55 Event-Timestamp attribute
6 Service-Type attribute
60 CHAP-Challenge attribute
61 NAS-Port-Type attribute configuration
66 Tunnel-Client-Endpoint attribute
67 Tunnel-Server-Endpoint attribute
69 Tunnel-Password attribute
77 Connect-Info attribute
8 Framed IP address attribute
95 NAS IPv6 address attribute
list List of Attribute Types
nas-port NAS-Port attribute configuration
nas-port-id Nas-Port-Id attribute configuration
what is best practice for authorize ipv6 l3 subscribers ?
View 3 Replies
View Related
Apr 11, 2013
We have asr1006 with 2 esp-40 and 2 rp2 and 2 sip-40. we need to bridge vlan from portchannel (2*10) to single 10ge port.
So fn said that EVC on Port-Channel supported on our software and document [URL] have such example
- configure terminal
- interface port-channel channel-group
- service instance id ethernet
But on our router we have not service command on port-channel. only on non portchannel interface.
But other document have Restrictions for Configuring EVCs on the Cisco ASR 1000 Series Router The following features are not supported: EVC on Etherchannels
Connect ww port-channel 1 2 tenGigabitEthernet 0/1/0 2 this is possible command on our router (but i can't create service instance on portchannel interface)
We need to bridge l2 without l3 termination ? is this possible with port-channel ?
View 1 Replies
View Related
Dec 6, 2012
we're trying to integrate our SBC instances (CUBE SP on ASR1000) into our network management system (EMC SMARTS)Syslog messages from SBC instances are some kind of cumbersome with lot of line breaks resulting in multiple syslog messages the NMS must parse.How do I configure it to just put it all into one line just as "normal" log messages?
View 2 Replies
View Related
Dec 15, 2012
How to test the aaa on cisco asr 1000 ? I wana test some user account to a cisco acs.
View 5 Replies
View Related
Oct 30, 2012
I'm trying to use EPC on ASR1001 running IOS-XE 3.4, and it won't work. Configuration commands are accepted by the router, but there are no packets in the capture buffer.In release notes for IOS-XE, in the 2.5 section, there is a statement that EPC is not supported on ASR1k. Is it true also for newer versions of IOS-XR?
View 1 Replies
View Related
Jul 7, 2012
One of our customer would like to connect 3 datacentres and decided to use VPLS to extend layer 2 VLANs . For this purpose they have bought six Cisco ASR1000 edge routers( two at each side).They also wanted to buy MPLS SP backbone but have decided to buy 2x10G dark fibre links instead.My question is,
1-Will it still possible to run VPLS over dark fibre? Because all the documents I read regarding VPLS are deployed over MPLS backbone.
2-Any sample configuration for implementation VPLS in ASR1000 ?
View 7 Replies
View Related
Mar 6, 2013
how the ASR1000s are being setup.I am looking at ASR1000s as part of network refresh and was looking at RJ-45 based Gigabit Ethernet ports compatible with the ASR1000s SPA-5X1GE-V2 seems to be an option but they are all SFPs. Are there any options for RJ-45 ones on ASR1000s?
There is an option for the 2 port where one can mix and match SFPs and RJ45 but I was looking for something which is RJ45 only.Are there any options for them available.I know I could get something with FastEthernet type but was looking for the GigabitEthernet type.
View 4 Replies
View Related
Mar 26, 2013
I'm trying to find out what platforms support Multilink PPP with Link Fragmentation and Interleaving over a single link, when that single link is PPPoE. In searching the documentation, the best information I can find is that it seems to be supported in one direction on the ASR1000 url...Many platforms appear to support PPPoE and also MLPPP w/LFI, but it's not clear that both features are supported on the same link.
The application is a radio that has an Ethernet interface on its terrestrial link, and acts as an Ethernet bridge. Would like to use Multilink PPPoE with LFI in order to provide LFI in order to run VoIP over lower speed links (e.g 256kb). For what it's worth, the radio also supports RFC 5578 PPPoE Extensions for Credit Flow and Link Metrics. It was fairly easy to find what platforms support RFC 5578. But RFC 5578 would be used to support variation in the capacity of the link. If the link speed is fixed, RFC 5578 is not needed. I was trying to find if the set of platforms supported increase if the need for RFC 5578 is taken off the table.
In particular, I'd be interested in the whether the ASR 9000 series supports MLPPP bundles with LFI when the links are PPPoE.
View 1 Replies
View Related
Mar 1, 2012
We're installing ASR1000 series (ASR1001 and ASR1006) routers on a new WAN and have a requirement to enrypt the traffic between the EIGRP neighbors. Each ASR will be connected to the MOE with a gig interface and we will be using L3 on the interfaces with EIGRP as the routing protocol. We have advipservices-k9 IOS-XE
The ASR1006 is our datacenter WAN router and all remote sites have the ASR1001s. The ASR1006 WAN interface will be configured with L3 subinterfaces, one to each remote location, using a /30 mask.
What is the best method to encrypt the traffic between the ASR1006 WAN interface and the remote ASR1001 WAN interface?
View 2 Replies
View Related
Sep 11, 2011
Any equivalent show command to get the "FIB TCAM Usage" on An ASR 1006 ?the "show platform hardware capacity forwarding" does not work on ASR1006 Example on 6500: Router# show platform hardware capacity forwarding.
View 1 Replies
View Related
Feb 13, 2013
I want to know what the default behavior about the command 'mls qos trust dscp' under router platform interface. the router is ASR1000 series.we don't need to put above command line to trust dscp in case of router? otherwise, we have to add it as welll as like switch platform.
View 4 Replies
View Related
Sep 25, 2012
The ASR1000 router supports hot-swap modules and network interfaces?
View 2 Replies
View Related
Mar 27, 2012
how to perform UBRL User Based Rate Limiting on ASR1000 like we can do it on Catalyst6500?
View 3 Replies
View Related
Jun 10, 2012
I am working on a network which has two ISP connections (Active/Active) terminating on router (ASR1000). From the LAN side (6500 switch) all the traffic need to be route on ISP1 but some of the specific subnets like 10.250.0.0/16 need to be route on ISP2 connection.
I am planning to use PBR and NAT with route maps. any documents or refrences are provided.
(access switches)---------(core switch)----------(routers)----------------(ISP1)
----------------------(ISP2)
View 1 Replies
View Related
Apr 17, 2013
I have configured the netflow to gathering flow from my cisco 2800 as below:
interface GigabitEthernet0/0
description ### To VNPT_FTTH_20M ###
no ip address
ip flow egress
ip route-cache flow
[Code]...
But i still not see users addresses(each individual hosts will go though) What and where i am configured wrong? I also attached here the map network.
View 5 Replies
View Related
Jan 8, 2013
configured the monitor and exporter on the wcs 5508 running 7.4.100.0 and it is not working.
View 1 Replies
View Related
Mar 1, 2012
How NetFlow works when NAT is enabled in the Cisco Router? ...the translation of IP addresses is done before or after save the packets in the flow caches?
View 3 Replies
View Related
Jan 9, 2013
i just came to know Assurance feature license doesn't come for free when upgrading from LMS4.2 or NCS1.1. It has to be purchased. Before buying this license, i would like to know if IPv6 netflow is supported.
View 0 Replies
View Related
Feb 5, 2013
I have an issue with Netflow that I have been unable to solve. I have an ASA5510 that is sending netflow data to a FogLight NMS and it works fine until I reboot the server. After the server is rebooted, the flows no longer are received until I reload the ASA. Once the ASA is rebooted, flows work fine. I can remove and reconfigure the netflow configuration on the ASA and that will start the netflow again, but that is painful.
Is there any way to easily stop/restart or re-initiate the netflow from the ASA easily?
View 2 Replies
View Related
Apr 22, 2013
I see these errors on my 6500 router which acts as my server farm and has hundreds of servers connecting to it. I have just taken over these routers from another guy and think the errors may have been there for quiet awhile. I have another router which doen't seem to have these errors. Can you tell me how to turn off netflow? Will it cause any problems to my server farm? Is there a risk to the router if I disable something?
I ask this cause the server guys are having problems with certain servers. I am not sure if they are because of this or not. I really would like to clear the logs. [code]
View 4 Replies
View Related
May 22, 2013
I was trying to get Netflow setup on one of my 7K VDCs and ran into a problem. While netflow data was reaching the collector, IP src/dst information was not appearing in the analyzer tool. I could not see any information about conversations. So I contacted the company that makes the collector/analyzer and the directed me to a blog on their site and told me to setup the 7K exactly as it is described in the blog post. I did and a bit later the ip src/dst address information appeared. So the only difference between the two configurations was that in the first case I tried to define a record and in the second case, no record was defined and instead the orginial-netflow parameter was used in the "flow monitor" section. [code]
I referenced the document "Cisco Nexus 7000 Series NX-OS System Management Configuration Guide,Release 6.x", Chapter 19 - Configuring NetFlow.It's clear to me that I didn't do something right in defining my own record since that's really the only difference between the config that worked vs the config that didn't. However, the documentation I referenced doesn't really provide useful information about how to create a record (above and beyond what I can already see by typing '?' at the CLI).
For example, the "match" command makes no sense to me. Usually when you have a match command it is accompanied by some sort of ACL. In the "flow record" section a match command would be something like "match ipv4 source address" but that's it. What does that mean? Match anything that has a IPv4 source address?? That doesn't make much sense. The collect commands are equally as bewildering. If I want to define my own record (and not use the original-netflow parameter) what do I need to do in the "flow record" sub-configuration to get Nexus to send ip src/dst information to the collector (which, I would think, is basic information to send - what good is netflow data without it)?
View 1 Replies
View Related
Jan 10, 2011
We have a 1841 router and would like to enable netflow. Will this degrade the router's CPU and memory performance.
1841>sh verCisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.4(1c), RELEASE SOFTWARE (fc1)Technical Support: [URL] Copyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Tue 25-Oct-05 17:10 by evmiller
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
1841 uptime is 1 day, 4 hours, 47 minutesSystem returned to ROM by power-onSystem restarted at 11:04:25 MYT Mon Jan 10 2011System image file is "flash:c1841-ipbase-mz.124-1c.bin"
Cisco 1841 (revision 7.0) with 114688K/16384K bytes of memory.Processor board ID FCZ113311Y62 FastEthernet interfacesDRAM configuration is 64 bits wide with parity disabled.191K bytes of NVRAM.31360K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
View 5 Replies
View Related
Apr 5, 2012
I am trying to setup Netflow to identify a problem I am having with a video conferencing system. Here are the commands that I have entered into the 6509 I am working on. I have checked this against another 6509 I have and these match. Not able to get netflow to show up on the solarwinds server. I have configured it to accept the netflow source coming from the 6509 I am working on.
ip flow-export version 9
ip flow-export destination 1.1.1.1 2055
ip flow-export sourc vlan 254
[Code].....
View 3 Replies
View Related
Dec 13, 2010
how I configure netflow on a cisco 877 router.
I have an interface e0/4 that is 172.1.1.1 on router one (network one) which links to another router (onnetwork two) which has an interface of e0/4 172.1.1.2 which allows two networks to communicate. Network one is 192.168.0.0 /24 and network two is 10.255.255.0 /24.
How do i configure netflow to monitor the traffic going through these interfaces?
View 1 Replies
View Related
Jan 12, 2011
I have a WS-C3560X-24P with this SW version 12.2(55)SE1. It has several L3 Vlan interfaces.How do I enable it to send Netflow traps?It does not support the ip flow-export commands.
View 3 Replies
View Related
Apr 19, 2012
I have a 7200 router with a 12.2.(46a) IOS and I am trying to activate Netflow on a subinterface. From the documentation of Cisco, I should be able to do it since the ios 12.2.(14)S but the command is unavailable.
[URL]
I have tried also to enter the command in the subinterface directly but it doesn't recognize it.
View 2 Replies
View Related
