Cisco :: Configure Netflow Catalyst 6500 With SUP720-10GE
Jun 5, 2012
I tried to configure netflow without success.
Setup is the following.
Cisco Catalyst 6509 with Sup720-10GE IOS 12.2(33)SHX7. There are around 30 L3 vlans configured on the switch. I'm only interested for the traffic on one L3 vlan which is the connection to wan cloud.
I wanna see only the traffic that goes to and come from the wan. On other Catalyst where I have routed interfaces i successfully configured netflow. I read a lot in the forums and documentations but i didn't find the right one.
View 1 Replies
ADVERTISEMENT
Nov 27, 2011
We are getting log messages like
%EARL-DFC4-4-NF_USAGE: Current Netflow Table Utilization is 95%
%EARL-DFC4-4-NF_USAGE: Current Netflow Table Utilization is 99%
What this messages really means and how to get rid of these messages. We are using IOS version 12.2(33)SXJ in Catalyst 6500.
View 3 Replies
View Related
Jun 4, 2012
It is possible to configure the IOS NetFlow 122-58.SE2 in a Catalyst 3560?
View 5 Replies
View Related
Jun 9, 2013
I'm trying to configure a egress netflow in a 6500 (VSS) with VS-S720-10G supervisor. I foud some old posts and understood that netflow wasn't supported on 6500 but i found a new document and it seems that netflow is supported in Supervisor Engine 2T:[URL] Does the netflow still not supported in VS-S720-10G? It's weird because the command is supported:
#sh run int vlan 4
Building configuration...
Current configuration : 353 bytes
!
interface Vlan4
ip address X.X.X.X 255.255.0.0
[cod]....
View 1 Replies
View Related
Apr 12, 2012
Is it possible to modify conf with snmp on ace module like others 6500 catalyst ?Is ace answer to snmpset cmds ?
View 1 Replies
View Related
Aug 28, 2012
Is it possible to have one netflow export profile (may not be the right word...) to send all the flow information to one collector and another profile to only send traffic to and from centain IP addresses to another collector? If it is possible on the hardware and software, any quick sample config?
#sh ver
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXH4,
#sho module 7
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
7 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAL1115LJBR
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
7 0017.9444.9814 to 0017.9444.9817 5.3 8.4(2) 12.2(33)SXH4 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
7 Policy Feature Card 3 WS-F6K-PFC3B SAL1115L2NH 2.3 Ok
7 MSFC3 Daughterboard WS-SUP720 SAL1115LH7W 2.6 Ok
Mod Online Diag Status
---- -------------------
7 Pass
View 2 Replies
View Related
Nov 18, 2012
I am in front of a choice what to select to deploy 10Ge in my datacenter to get four 6504e and two 3750x units connected to each other.All devices are located in 3-7 meters away from each other.The choice is whether to go for a multimode fiber and 10GBASE-SR X2 Modules OR cat7 UTP and 10GBASE-T X2 pluggable transceiver.Money wise it doesn't matter.Fiber looks less attractive since it's fragile and a bit harder to put in underfloor area.Cat7 is more attractive but there are 2 points:
1) I couldn't find ANY single photo of a 10GBASE-T (a module with a single RJ45 port). How does it look? Does it come with a cable or...??
2) How stable is it to run 10Ge over UTP?
View 1 Replies
View Related
Apr 26, 2011
Cisco 6500 Sup720-3B SPA IOS SXI - GRE tunnel will not come up.It worked fine on SXF code, but the crypto map can not be applied on tunnel interface.The iskmp is up with the OM_IDLE The crypto give it a Cryto UP, the the Tunnel does not come up. It is UP down.Does some one have a working config with a 6500 IOS SXI Train with GRE IPSEC Tunnel?
View 1 Replies
View Related
Jun 17, 2012
What does RP drops entail? We are experiencing 0.23 % drops on an vlan int on one of our 6500. This interface is an L3 to a server-subnet. Doing a sh int vlan 238 switching shows 30935411 RP (Route Processing) drops.It was a bit unclear to me in the thread "Input queue drops on 6500 vlan interface" if RP drops was through the router, or to the router(mgmnt)?I can do a netdr to see what traffic goes to it. It should not generate CPU load, but I think I will wait until after hours before I try that command.
- do NETDR:
-- debug netdr cap rx vlan 238
-- show netdr cap
View 5 Replies
View Related
Sep 11, 2012
when using "show mls statistics" I see a lot packets are getting L3 Processed. Does that mean they are getting software-forwarded?
IOS is 12.2(33)SXI5.
Cat6k#show mls statistics
Statistics for Earl in Module 5
L2 Forwarding Engine
[Code]....
View 1 Replies
View Related
Nov 16, 2011
I have problem with the standby supervisor in 6500 vss and need to replace the supervisor. I have follow how-to on the cisco web site url...
But when i boot the new standby sup720 it comes active and both supervisors is rebooting. I wonder if i can do the replacement without rebooting both active and standy supervisor.
View 1 Replies
View Related
Jun 6, 2011
I want to choose a pair of switches for our data center.What I need: 48 x 1GE access ports, 2 x 10GE uplink ports.Nice feature of 3750-X is stacking. So what features has 4948-10GE? Why I should prefer that switch?
View 11 Replies
View Related
Jul 17, 2011
I have been net searching this question and I find answers relative to other Cisco products but not for the 6500 series. We are running entservicesk9_wan-mz.122-18.SXF17a.bin and would like to know how to change the default SSH listening port..
View 1 Replies
View Related
Nov 21, 2011
I will be installing a secondary SUP720 in a 6509-E and will be upgrading the IOS on the existing SUP which is on 122-18.SXF6. I've read that this release has passed End of Critical Maintenance earlier this you. I thinking of upgrading the IOS to 12.2.33-SXJ1(ED) or 12.2.33-SXI8(ED) (possible more stable), but i'm not sure if i need any step upgrades from the current version. The SUP meets the required hardware specs and I will also be upgrading the ROMMON to 12.2(17r)SX7 first.
I have alot of experience upgrading IOS on routers and switches, but i just need to now if there are any gotchas that i need to know for the upgrade on the SUP.
The other issue is i don't believe the current IOS has been installed, are there any issue running on an IOS not installed. Patching is not available since the system is not running from an installed image. To install please use the "install file" command.
View 3 Replies
View Related
Jan 24, 2007
if it is possible to recover a Cat 6500 that has no code on bootflash from ROMMON, and is it mandatory to have a compact flash card to do the recovery ? or can one use xmodem or TFTP ?
View 6 Replies
View Related
Jun 27, 2012
I have a situation where a customer doesn't have the required power units installed in their 6500 for me to provision a WiSM2.They use a VSS pair with a single Sup720 in each. They have no intention of adding a second Sup to each chassis.
I need to justify why they can't use slot 6 (which has power reserved) if I am to get them to upgrade the PSU's. The documentation I've found says it is supported but not recommended.
View 1 Replies
View Related
May 15, 2012
we have Supervisor Engine 720 10GE (VS-S720-10G) in slot 5 on Catalyst 6509-E. Slot 6 is free. We need to replace VS-S720-10G. Is it possible the following scenario
1. we will insert new VS-S720-10G into the slot 6
2. then we will remove the faulty VS-S720-10G from the slot 5
Will everything work without interuptions. Is any document where I can find step-by-step procedure how to replace VS-S720-10G ?
View 3 Replies
View Related
Apr 28, 2013
We recently purchased 2 Cisco 6500 series switches (with Sup 2T). These switches will be replacing our old 2 6500 series switches (with Sup 720).
We have 70 vlans and 90+ closet switches (2900) connecting the core switches We have 2 WLC connected to the core switch. We also have a 1 x 1 connection to a VSS switch which in turn connects to our Server Co-Location data center utilizing IPSec & GRE tunnel to connect to our Server Co-Location data center.
Our routing protocol is EIGRP. Our VTP domain at Server Co-Location is separate from our location “A” campus. I was wondering what is the best way to migrate our Core switches at location “A” campus.
The requirement is we would like to replace these switches with minimum downtime.
View 6 Replies
View Related
Jun 4, 2013
Are there any best practices for preventative maintenance on Catalyst Chassis switches. Looking to build a PMI schedule for a customer. Or is there evidence not to perform it at all. Things like re-seating line cards, cleaning fan exhausts, etc.
View 1 Replies
View Related
Apr 14, 2013
we have multiple Video production networks, with Video servers (AVID Unity ISIS) connected by 10GE fiber links to 4948-10GE switches. On almost every of these switches, I see more or less "Sequence-Err" interface errors. We do not currently have a known problem because this, and no other errors are seen. But I would like to understand the error, and therefore I would like to find out, what a sequence error means, what the cause is, and what the impact (to a frame) is?
By the way, it is well-known that the ISIS Video server does generate very excessive UDP data bursts. Maybe this matters? On Cisco doc I did not find an answer. The document "Troubleshooting Switch Port and Interface Problems" does unfortunately not refer to "sequence-err".
Here is an example output:
WS-C4948-10GE#sh int t1/49
TenGigabitEthernet1/49 is up, line protocol is up (connected)
[code].....
View 2 Replies
View Related
Dec 8, 2011
I have 2x v10000 Websense Security Gateways that are connected to 2x 6500 SUP720. When I turn on cluster management function between Websense appliance, they speak to each other only if they are connected in the same 6500. When they are connected one in every 6500 cluster management does not work. They are connected on the same physical vlan. Do I need multicast to be configured in the 6500 switches?
View 5 Replies
View Related
Apr 22, 2013
I see these errors on my 6500 router which acts as my server farm and has hundreds of servers connecting to it. I have just taken over these routers from another guy and think the errors may have been there for quiet awhile. I have another router which doen't seem to have these errors. Can you tell me how to turn off netflow? Will it cause any problems to my server farm? Is there a risk to the router if I disable something?
I ask this cause the server guys are having problems with certain servers. I am not sure if they are because of this or not. I really would like to clear the logs. [code]
View 4 Replies
View Related
Sep 4, 2011
We have a Cisco 6500 running the following image;
Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICES_WAN-M), Version 12.2(33)SXH4, RELEASE SOFTWARE (fc1)
We are attempting to configure Netflow and export to a colloector. We have the following configuration applied to the device, we can ping from within the vrf to the destination of the flow collector
ip flow-cache timeout active 1
ip flow ingress layer2-switched vlan 1,800-801,803,821-823,861-862,871,900,998,1100-1107,1121,1200,1221,1301-1302,1321-1322
mls netflow interface
mls flow ip interface-full
ip flow-export version 5(code)
however we do not receive the flows on the collector. We can see the flow for both hardware and software but cannot see them at the collowctor.
View 2 Replies
View Related
Apr 21, 2013
Does 6500 SUP720/2T support MAC Address-Table Move Update Feature?
View 1 Replies
View Related
May 26, 2011
Configured 6500 and 4500 to send netflow to a stealthwatch NADS.When visited by the stealthwatch engineer found that because i didnt have NDE configaured.i wasnt actually exporting any but the initial data in the flow.Now if i have got this right the command for this is - mls nde sender version 5
This is confirmed by looking at the following out put -show mls nde.Neither of these command work on my 4500 switch -does this mean that its not outputting all the data or do i not need to configure NDE or do i need another command ?
-4500 Sup V-10GE 10GE
-6500 Supervisor Engine 720 10GE
-or Supervisor Engine 720
View 0 Replies
View Related
Mar 7, 2012
I am using a Thrid party NetFlow tool, Enabled NetFlow on the Cisco 6500 as per recommendations and getting only half amout of traffic passing thorugh the interfaces. I have verified with 3 different NetFlow based tools, everything showing the same value. Is there any bug in my Cisco 6500.
View 2 Replies
View Related
Mar 13, 2012
I have a problem with the 6500 not exporting netflow data. They are not exported due to no fib.I have read somewhere that this has something to do with VRF. VRF are running on the router.ip flow ingress has been applied to desired ip int.Is there anything I could do to make it export netflow data?
VSS-core-XXX-rs1#sh ip flow export
Flow export v5 is enabled for main cache
Export source and destination details :
VRF ID : Default
Source(1) xxx.xxx.83.253 (Unknown)
[code]....
View 7 Replies
View Related
Nov 12, 2009
If a Supervisor 6-E will support NetFlow on a Catalyst 4507R-E?If not, what are my options for NetFlow on a 4507R-E?
View 7 Replies
View Related
Dec 25, 2011
I need to know if Cisco Switch 2960 support Netflow. If it doesn't, how do I configure the switch to enable Netflow?
View 3 Replies
View Related
Jul 1, 2012
We've just invested in a pair of Sup2Ts to upgrade a Sup720 6509 chassis but I'm unsure exactly how the management port(s), aka the Connectivity Management Processor (CMP), should be configured (and patched) in a dual supervisor system?Is each CMP an independent entity or is the management interface configuration (IP address, gateway, etc) replicated between supervisors?If it's the latter then do both management ports need to be physically connected at the same time?
View 1 Replies
View Related
Jun 9, 2003
I'm working for KOREA TELECOM, and currently providing MPLS VPN.We're planning to provide our customer with traffic report using NetFlow..
I read some documents which reads Netflow ver.9 can be enabled on Cisco GSR 12000 Series, but no mention about catalyst switches. Netflow ver 9 can be activated on catalyst 6500 series.. because the point where switch is located already have mpls encapsulated packet ( mpls vpn packet).
View 3 Replies
View Related
Dec 13, 2010
how I configure netflow on a cisco 877 router.
I have an interface e0/4 that is 172.1.1.1 on router one (network one) which links to another router (onnetwork two) which has an interface of e0/4 172.1.1.2 which allows two networks to communicate. Network one is 192.168.0.0 /24 and network two is 10.255.255.0 /24.
How do i configure netflow to monitor the traffic going through these interfaces?
View 1 Replies
View Related
Sep 5, 2012
I am trying to configure the NetFlow Top Talkers function on an ASR1002 with ADVENTERPRISEK9-M, Version 15.2(4)S. With this new Hardware and Software I am surprised to see that the command:
ip flow-top-talkers
top 50
sort-by packets
cannot be found on the CLI - it's just not there.
View 1 Replies
View Related
