Cisco Switching/Routing :: 3750X Netflow Packets Are Not Being Exported To Server After Update
Feb 5, 2012
Basically I have netflow which i'm trying to use to export to a netflow collector. I'm pretty sure that the 3750-X does support netflow. I've recently updated IOS on the 3750-X to support flexi netflow.For some reason the netflow packets are not being exported to the server. I'm using Opmanager which should present the netflow stats in the form of a graph. I'm using a universal IOS image. (C3750E-UNIVERSALK9-M), Version 12.2(58)SE2 3750-X WS-C3750X-24T-S
View 12 Replies
ADVERTISEMENT
Jul 23, 2012
router 7200 (12.2(33)SRE1)
two interfaces with traffic going through, placed in a Data-VRF
Another physical interface and loopback interface in the global routing-table.
ip flow ingress on all physical interfaces configured
It was running for at least a year: I was getting netflow packets on my analyzer from the box. Since a couple of weeks I get no netflow-packets anymore.debug ip flow export tells me "IPFLOW: Sending export pak to ... port 2055"
But the packet is not leaving the box. By setting up an ip sla monitor udp-echo I simulated some traffic (udp/2055) which is leaving the box.
[code]...
View 2 Replies
View Related
Mar 13, 2012
I have a problem with the 6500 not exporting netflow data. They are not exported due to no fib.I have read somewhere that this has something to do with VRF. VRF are running on the router.ip flow ingress has been applied to desired ip int.Is there anything I could do to make it export netflow data?
VSS-core-XXX-rs1#sh ip flow export
Flow export v5 is enabled for main cache
Export source and destination details :
VRF ID : Default
Source(1) xxx.xxx.83.253 (Unknown)
[code]....
View 7 Replies
View Related
Feb 8, 2012
I'm looking at implementing a new DMZ and wanted Netflow capability for security monitoring.The architectural principles I have to adhere to dictate that the switches within the DMZ are layer 2 however to get Netflow I need a minimum of a 3560/3750X, Network Services module, IP Base IOS with ip routing and CEF enabled.To do this and still keep the switch functioning as a layer 2 device the intention was not to configure SVI's or any static/dynamic routing protocols.Will Netflow still work in that scenario?
View 4 Replies
View Related
Mar 1, 2013
We have a 3750x 24s acting as a root switch for about 10 other 3750x's. Everything else seems fine, but the device stopped forwarding packets to the applied static route. [code]
View 3 Replies
View Related
May 9, 2013
We have a remote site that is using 3750X switches as layer 2 switches back to our home site. The uplink port is showing dropped packets but the utilization on the link is never about 10%. We have a 100Mb circuit to this site. Our speed tests and iperf tests are not showing any issues that we can see. However the port is still droping packets. It is not dropping at a high rate but they are dropping.
switch#sh platform port-asic stats drop gi1/1/4
Interface Gi1/1/4 TxQueue Drop Statistics Queue 0 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 1 Weight 0 Frames 52876 Weight 1 Frames 2 Weight 2 Frames 0 Queue 2 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 3 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 1330874 Queue 4 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 5 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 6 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 7 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0switch#
Is there a way to capture these dropped packets to see what they are? We do have VOIP phones at the site and are using Qos.
View 5 Replies
View Related
Mar 19, 2013
This feature doesn't work as advertised on the Release Notes and other documentation. After 12 hrs of lab work and a tlwo day support call to TAC, they finally came back to me that:
IOS Upgrade works well if you use the command force-reload, without force-reload, it won't work. --"of course with this command the complete stack will go down and the purpose of RSU will not serve"
Then they pointed me to a bug that I could not find in the bug tracker unless I searched by the bug ID number ?? CSCua78897
Unfortunately this bug has a closed status and is not slated to be fixed ?
View 2 Replies
View Related
Mar 13, 2012
Any major difrrence between Netflow v/s Netflow-Lite?
I am trying to understand if Cisco 4948E can do the same job as Cisco 4500E or not and difference between Netflow v/s Netflow-Lite will work for me to select correct product.
View 2 Replies
View Related
Jul 23, 2012
I imagine this question has been posted a million times before but here goes. I am trying to image a number of machines via Ghost Cast server across a 3750X stack running multiple V LAN's. I am running the IP BASE image so am aware that multicast functionality is limited.
I am running 12.2(55)SE3. I have tried adding both V LAN's into an IGMP group using the "ip igmp join-group" command which shows both V LANs as part of the group but to no real effect. To be honest though I am clutching at straws! I'm just starting to read through the documentation so hopefully that will work.
View 3 Replies
View Related
Apr 17, 2013
I have a DHCP server for a subnet that has only lightweight WAP's in it. The DHCP server is running on the gateway for this subnet which is a 3750X 2 switch stack running 12.2(53r)se2.I have the following configured:
ip dhcp excluded-address 10.1.10.161 10.1.10.162
ip dhcp pool DHCP-VL20
network 10.1.10.160 255.255.255.224
domain-name mydomain.net
dns-server 10.11.11.30 10.11.11.40
default-router 10.1.10.161
ease 3
The server hands out up to 18 IP addresses and no more, with 20 devices on the subnet. Scanning the subnet with a 3rd party network management system I see the following IP's never get handed out or used:
10.1.10.161 - 162 (manually excluded)
10.1.10.167 - 168
10.1.10.171 - 176
10.1.10.178
and of course 2 IP's I have manually excluded, 11 IP's in all that wont get handed out. It should only be 2 that don't get handed out. I've double and triple checked the exclusion and thats the only one. so I run a 'sh ip dhcp pool' and see this:
Pool DHCP-VL20 :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 30
[code]....
[edit]I should also mention that "sh ip dhcp bind" does not show these randomly excluded IP's in use. They also do not show up in any arp table I can find.I have looked all over the config and I cant find where these extra 9 addresses are being excluded. how to free up these 9 seemingly random exclusions? Haven't issued a reload and I haven't deleted and rebuilt the DHCP server yet, production network.
View 2 Replies
View Related
Mar 24, 2013
cisco WS-C6509-E Core switch with IOS "s72033-ipservicesk9_wan-mz.122-18.SXF11"
i have 2 question
Q.1 i want to upgrade this switch what is the latest IOS ver. supported by this module ?
Q.2 i need to enable http server on this switch when i run this comman it's accsebt but i cant get http work
View 1 Replies
View Related
Nov 4, 2012
Have a Cat 4507 with Supervisor 7-E, setup configuration to send NetFLow information to an external server, everything worked great but after 2 weeks, the exporter is showing zero packets sent and the following error is at the console:
[code]...
View 3 Replies
View Related
Mar 18, 2013
I have a SR520 just deployed at a remote site with Internet Access.
Working Environment:
Remote sites have SR520 with IPSEC VPN back to HQ and netflow v.5 works through the VPN back to our PRTG server.
Non-Working:
I cannot get Netflow data to our PRTG with this first SR520 implemented with Zone Base Security. I am not able to get my netflow traffic out. VPN is up and running. Internet is a dialer0 interface. I have a Kron job that does the copy run to tftp backup daily to the same PRTG server and it works fine.
Both my source interface and address on the TFTP command and the netflow commands are the same interfaces (VLAN75) and IP. The Destination ip is the same too (through the VPN tunnel).
Snipped:
flow exporter prtg
destination x.x.x.x
source Vlan75
[Code]....
View 2 Replies
View Related
Feb 11, 2012
I am trying to figure out the Flexible Net-flow on Cat 4510R+E Switch running IOS-XE code. My Neflow flow software is manageengine 7.X. I am able to see the netflow interfaces but the traffic itself is not displayed. On the Switch I can see the netflow exporter statistics counter being incremented thereby confirming as being exported.
View 2 Replies
View Related
Mar 17, 2013
I have a 370 with C3KX-NM-10G module & i want to enable NetFlow on it did the specified configs
Step 1 Flexible NetFlow Flow Recordsflow record miketestmatch datalink source-vlan-idmatch datalink dot1q prioritymatch datalink mac source-addressmatch datalink mac destination-addressmatch ipv4 versionmatch ipv4 tosmatch ipv4 ttlmatch ipv4 protocolmatch ipv4 source addressmatch ipv4 destination addressmatch transport source-portmatch transport destination-portmatch interface input physical snmpcollect interface output snmpcollect counter flowscollect counter bytescollect counter packetscollect timestamp sys-uptime firstcollect timestamp sys-uptime last flow record miketestegressmatch datalink destination-vlan-id match datalink dot1q priority match datalink mac source-address match datalink mac destination-address match ipv4 version match ipv4 tos match ipv4 ttl match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match interface output physical snmp collect interface input snmp collect counter flows collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last Step 2 Flexible NetFlow Flow ExporterFlow exporter export-to-samplicatorDestination 10.1.1.8source Vlan1Transport udp 2055option interface-table timeout 60 Step 3 Flexible NetFlow Flow Monitors# Tie the Flow Monitor to the Flow Recordflow monitor mikektestrecord miketestexporter export-to-samplicatorcache timeout active 60flow monitor mikektestegressrecord miketestegressexporter export-to-samplicatorcache timeout active 60
& Applied it to g1/1/1 but without any luck , if netflow works on the
TenGigabitEthernet1/1/1 &
TenGigabitEthernet1/1/2
Only i have four switches stacked and nothing plugged to the
C3KX-NM-10G module
View 1 Replies
View Related
May 8, 2013
I have 4506 with below sup, my requirement is to enable netfolw , but as i came to know that it is not supported in this sup, is there any additional option which can be explored to get the netflow working without replacing sup.
Card Type Model
-------------------------------------------------------------+-----------------------
Sup 6-E 10GE (X2), 1000BaseX (SFP) WS-X45-SUP6-E
View 4 Replies
View Related
Apr 9, 2012
Ive tried to configure NetFlow on layer 2 without success. I configured the recondmonitorexporter like the configuration guide said. but still i dont receive any netflow traffic. I checked the firewall on the VM and it looks fine.
i have done the command under the ethernet interface :" layer2-switch flow monitor TEST input" - for layer2 input.
View 4 Replies
View Related
Oct 23, 2011
Net flow on the Nexus 5596upI can't seem to find any information on the Nexus 5596 support of net flow. On Nexus 5596UP support of net flow ?
View 4 Replies
View Related
Nov 12, 2009
If a Supervisor 6-E will support NetFlow on a Catalyst 4507R-E?If not, what are my options for NetFlow on a 4507R-E?
View 7 Replies
View Related
Nov 3, 2011
To enable netflow export on ASR1001, do i need the firewall feaure license or not ?Docs are not really clear, NBAR requires FW license, but i am unsure about Netflow?
View 1 Replies
View Related
Feb 6, 2012
I am trying to use the following commands on the switch but it is not supported:
ip route-cache flow
ip flow-export destination
Attached is the output for show version and show module commands from the switch.
View 9 Replies
View Related
Jun 4, 2012
It is possible to configure the IOS NetFlow 122-58.SE2 in a Catalyst 3560?
View 5 Replies
View Related
Dec 25, 2011
I need to know if Cisco Switch 2960 support Netflow. If it doesn't, how do I configure the switch to enable Netflow?
View 3 Replies
View Related
Oct 30, 2011
I have a 3750E stackable swtch and I need to configure neflow on it. Are there any IOS versions that support netflow on the 3750E? Is there any possible to configure netflow on a 3750E? I do not see any netflow commands available on the switch?
View 2 Replies
View Related
Jun 4, 2013
We have Cisco Catalyst 6509-V-E VSS Switch with Sup2T und IOS Version 15.0(1)SY2. We are gettin input netflow information from the gi2/3/7 but not output ... I am not sure why it does not work.
View 1 Replies
View Related
May 22, 2012
How to get a summary of netflow statistics on NX-OS? On IOS you could do sh ip cache flow which would show what I need? Can't find a similar command on the Nexus Platform.
View 4 Replies
View Related
Nov 10, 2011
I have problems in exporting translations of NAT from my router through NetFlow v9 ASR1006, to my server nfdump, any opensource or licensed software (collector) that I recommend.
ip nat log translations flow-export v9 udp destination 10.1.1.15 1181
View 2 Replies
View Related
May 5, 2013
I have customer that we have configured netflow on the 2821 router that their traffic is on. Currently the company they have contracted with for the analysis is seeing data duplication. Below is the configuration for the interface and the router
Cisco 2821;
interface GigabitEthernet0/0
description TVC-FI-Ethernet-Fiber-Ethernet link
ip address 216.255.164.33 255.255.255.248 secondary
ip address 192.168.5.1 255.255.255.0 secondary
ip address 216.255.166.129 255.255.255.128 secondary
[code]....
View 2 Replies
View Related
Jun 8, 2009
I can't seem to find any information on the Nexus 5000 support of netflow. I assume that means it doesn't do netflow.
View 5 Replies
View Related
Apr 17, 2012
I have a router cisco 3825, it is configured with netflow for monitoring traffic with WhatsUpGold, but I can't monitor this router I don't know what is the problem.Device: Router Cisco 3825 IOS: C3825-ADVENTERPRISEK9-M 12.4. [code]
I have a switch4500 12.2 and a router 2801 IOS 15.1 and this device work well with the WhatsUp but these devices have the same configuration.I see diferents ouputs when I use show ip flow export, this output is for a router that work well with WhatsUp. [code]
View 3 Replies
View Related
Dec 17, 2011
I am working with a Catalyst 4503-E with a Sup7-E. I'm trying to enable Netflow, and I have read the following guides: Catalyst 4500 Series Switch SW Configuration Guide, Release IOS ...
I have also enabled Netflow in IOS 12.1/12.2 and figured the process was similar (It seems to be). CEF is enabled, and I have all the pre-reqs according to the document above, however, the flow commands don't exist, they simply say "command unrecognized". I have included my sh version below.
sh version (edited):
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.01.01.SG RELEASE SOFTWARE (fc1)
[Code].....
View 2 Replies
View Related
Nov 6, 2011
following errors.
Nov 7 21:34:50: %EARL_NETFLOW-SP-STDBY-4-TCAM_THRLD: Netflow TCAM threshold exceeded, TCAM Utilization [99%]
Nov 7 21:44:44: %EARL_NETFLOW-SP-4-TCAM_THRLD: Netflow TCAM threshold exceeded, TCAM Utilization [91%]
I've already found this kinds of cases, in this community. So, It seems that Changing the current configuration to 'mls aging fast threshold ## time ## ' is most suitable in our situation.But, I don't know how to calculate the apt threshold value and time value.
[1] sh run | in mls
mls ip multicast flow-stat-timer 9
mls flow ip interface-full
no mls flow ipv6
no mls acl tcam share-global
mls cef error action freeze
[code]....
View 1 Replies
View Related
Aug 28, 2012
Is it possible to have one netflow export profile (may not be the right word...) to send all the flow information to one collector and another profile to only send traffic to and from centain IP addresses to another collector? If it is possible on the hardware and software, any quick sample config?
#sh ver
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXH4,
#sho module 7
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
7 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAL1115LJBR
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
7 0017.9444.9814 to 0017.9444.9817 5.3 8.4(2) 12.2(33)SXH4 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
7 Policy Feature Card 3 WS-F6K-PFC3B SAL1115L2NH 2.3 Ok
7 MSFC3 Daughterboard WS-SUP720 SAL1115LH7W 2.6 Ok
Mod Online Diag Status
---- -------------------
7 Pass
View 2 Replies
View Related
