Cisco :: Run Some NetFlow Monitoring On Few Sub Interfaces On 7301?
Mar 18, 2012
I would like to run some NetFlow monitoring on a few sub interfaces on a router. This is a 7301, with an NPE-G1.What I want to know is, does Cisco have a page anywhere (because I can't find one) that lists typical additional CPU and memory loads one can expect when enabling NetFlow on an (sub)-interface; perhaps for a given speed (Mbps) and/or number of flows?I don't want to enable NetFlow and then bring the device to a grinding halt, how can I know what sort of overhead to expect?
View 2 Replies
ADVERTISEMENT
Feb 7, 2010
I have a question regarding netflow and NAT. I have read some documentation (on ASR1000) regarding monitoring NAT process on Cisco ASR1000 that can be done using netflow version 9 (the term was called netflow event logging a.k.a NEL). The problem is, I have not found the netflow collector that can do that. I have queried several software such as manage engine "Netflow Analyzer" and Lancope, but they said their software can not do that.
View 11 Replies
View Related
Nov 21, 2011
Does the SGE2000 supports NetFlow? I've checked the Cisco docs and also called Cisco support to which no one has been able to answer me.
Anyhow, just in case it doesn't support NetFlow, how to be able to set up something that would be able to check the bandwidth usage on each port?
I've got a problem where I think the SGE2000 switch is failing when I pump around 190~200Mbps through x2 of the ports (Server A on port 1=130Mbps and Server B on port 2=60Mbps) of Multicast traffic (UDP). I can measure the output from the Streaming servers that provide the multicast content, thats how I know the input to the switch and I know that there are no packets lost or any errors departing from the servers, yet when I increase server B to say 80Mbps, I get break up and all sorts of problems on the client end STBs and it is happening on the multicast content provided by Server A too which is a different source, so I'm 99.9% sure its a SGE2000 switch problem which is why I'd like to monitor it somehow.
View 1 Replies
View Related
May 12, 2011
Does any know why the ASA will monitor physical interfaces by default, but monitoring of logical interfaces is disabled by default? Or better yet, is anybody doing a monitor-interface for a subint without issue? I'd imagine it isn't enabled by default for a reason.
View 2 Replies
View Related
May 17, 2013
How can i enable Netflow for each Vlan Or interface indvidually in Cisco ASA? currently i have setup Netflow and only 2 interfaces are shwoing traffic for Netflow which are not even as my physical or Vlan interfaces . (see screen shot )
EscapeASA# sh interface ip brief
Interface IP-Address OK? Method Status Protocol
Internal-Data0/0 unassigned YES unset up up
[Code].....
View 9 Replies
View Related
Dec 17, 2012
I am looking to configure port up/down status alerts in our monitoring system. We are using ActiveXperts Newtork Monitor Manager, which supports SNMP GET, which I would like to use. The monitoring system supports a plethra of OID data types, which I've used (Integet, ASG_INTEGET, ASGN_INTEGER32) in the past with success on our Catalyst 2k's. I'm not certain what to use for the Numeric OID value to monitor the port states on our F1 and M1 line cards.
View 1 Replies
View Related
Aug 17, 2011
Cisco 2951 w/ HWIC-4ESW
IOS 15.0(1)M5
#sh ip flow int
Vlan533
ip flow ingress
ip flow egress
#
The SVI sends the flow data just fine, however I also continue to receive flow data from most other interfaces.
I have attached a screenshot of one of our netflow collectors indicating that many of the interfaces are sending flow data even though not configured to do so. We have two different netflow collectors, from different vendors and both confirm the same interfaces sending flow data.
Normally I wouldn't care and ignore it, however one of them uses a license limit by interface and is a bit problematic.
View 2 Replies
View Related
Nov 29, 2012
I've got an issue with SNMP and netflow tools. They are displaying different data for the same (sub)interfaces.I've got metroethernet link which connects root A (Cisco 7606, 12.2(18)SXF8) and root B (Cisco 2811, 12.3(11)TS). MPLS is configured on the link (behind root B there is no more MPLS). I'm attaching root configurations (I've ommited parts of config).Interfaces are:
Root A - gi2/6.2144
Root B - fa0/1
I've configured SNMP and netflow on both devices. I'm using two SNMP tools (CA Spectrum and eHealth) and two netflow tools (CA NetQoS Reporter Analyzer and Fluke Networks NetFlow Tracker) to collect the data. SNMP tools show the same info for defined (sub)interface.Netflow tools also show the same info for defined (sub)interface. I'm attaching reports from one SNMP tool and one netflow tool for the same time period.
1. Looking at SNMP tool, it can be seen quite amount of that data in both in and out direction.
2. Looking at netflow tool, it can be seen quite amount of that data in out direction, while in direction shows small amount of data.
I'm aware that Cisco has difficulties with SNMP counters on subinterfaces. I'm also aware that MPLS netflow has its own difficulties.Root B netflow configuration is quite simple as it has just 2 interfaces to configure netflow on (Fa0/0 and Fa0/1). So I would guess SNMP and netflow data should match, but they don't. When you look at SNMP tool reports for roots A and B, it can be seen that traffic volume is practically mirrored.
View 3 Replies
View Related
Mar 13, 2012
Any major difrrence between Netflow v/s Netflow-Lite?
I am trying to understand if Cisco 4948E can do the same job as Cisco 4500E or not and difference between Netflow v/s Netflow-Lite will work for me to select correct product.
View 2 Replies
View Related
Aug 12, 2012
I need to configure cisco 7301 with list of hostnames/ip's. These need to be forwarded to internal ip's/ports (depending on the hostname)
In the current setup...
www.frog.com, ip 82.45.100.100 nat's to internal 10.0.0.1
go to www.frog.test, firewall allows and nat's to 10.0.0.1 - no problems
But now i have a need to make it so that different URL's go to different tcp ports on server
eg.URL
View 1 Replies
View Related
Jan 27, 2012
We have a Cisco 7301 concentrator, well two of them in HSRP configuration. We have multiple VPN's setup on that router (crypto map based). Recently we noticed the following:
- There is one IP address that has hundreds of static routes for some reason
- VPN for this customer is working, but I'm trying to find out why this is happening.
Here is how it looks like: S 0.0.0.0 0xF5FFFF2C [1/0] via "ip-address".There are hundreds of entries for a single IP there.
View 2 Replies
View Related
Feb 4, 2012
I'm trying to make a redundantish office/datacentre connection on the cheap. At the datacentre, we've got a 7301 (12.2(24)T5) and at the office we've got a Mikrotik RB1200 (5.12).The office router has two ADSL connections to two different ISPs, the datacentre router a single GigE to a colo provider. I'm trying to build an IPSec encrypted IPIP tunnel over each ADSL service to a separate loopback interface on the datacentre router, so I can run OSPF over the top for route exchange. I need to use two different loopbacks on the datacentre router so the office router can have a static route for each out each ISP ADSL. But I'm running into issues making encryption work on two different source addresses.Using the 'crypto map xxx local-address Loopback12' command, I can specify the outbound interface for one of the tunnels just fine, traffic moves as expected - while the other tunnel fails to encrypt. But is there a way of having two peers use two different local addresses, or applying two crypto maps to a single physical interface?
View 1 Replies
View Related
May 27, 2013
I have question regarding route reflector. In my MPLS core network ,we have two route reflectors. Two route reflectors and each PE routers are belonged to a peer group. Route reflectors are Cisco 7301. IOS 12.3. I have Hardware maintenace on one Routereflector. How can I do that without interupting the end customer trafic.
View 2 Replies
View Related
Apr 17, 2013
I have configured the netflow to gathering flow from my cisco 2800 as below:
interface GigabitEthernet0/0
description ### To VNPT_FTTH_20M ###
no ip address
ip flow egress
ip route-cache flow
[Code]...
But i still not see users addresses(each individual hosts will go though) What and where i am configured wrong? I also attached here the map network.
View 5 Replies
View Related
Jan 8, 2013
configured the monitor and exporter on the wcs 5508 running 7.4.100.0 and it is not working.
View 1 Replies
View Related
Mar 1, 2012
How NetFlow works when NAT is enabled in the Cisco Router? ...the translation of IP addresses is done before or after save the packets in the flow caches?
View 3 Replies
View Related
Jan 9, 2013
i just came to know Assurance feature license doesn't come for free when upgrading from LMS4.2 or NCS1.1. It has to be purchased. Before buying this license, i would like to know if IPv6 netflow is supported.
View 0 Replies
View Related
Feb 5, 2013
I have an issue with Netflow that I have been unable to solve. I have an ASA5510 that is sending netflow data to a FogLight NMS and it works fine until I reboot the server. After the server is rebooted, the flows no longer are received until I reload the ASA. Once the ASA is rebooted, flows work fine. I can remove and reconfigure the netflow configuration on the ASA and that will start the netflow again, but that is painful.
Is there any way to easily stop/restart or re-initiate the netflow from the ASA easily?
View 2 Replies
View Related
Apr 22, 2013
I see these errors on my 6500 router which acts as my server farm and has hundreds of servers connecting to it. I have just taken over these routers from another guy and think the errors may have been there for quiet awhile. I have another router which doen't seem to have these errors. Can you tell me how to turn off netflow? Will it cause any problems to my server farm? Is there a risk to the router if I disable something?
I ask this cause the server guys are having problems with certain servers. I am not sure if they are because of this or not. I really would like to clear the logs. [code]
View 4 Replies
View Related
May 22, 2013
I was trying to get Netflow setup on one of my 7K VDCs and ran into a problem. While netflow data was reaching the collector, IP src/dst information was not appearing in the analyzer tool. I could not see any information about conversations. So I contacted the company that makes the collector/analyzer and the directed me to a blog on their site and told me to setup the 7K exactly as it is described in the blog post. I did and a bit later the ip src/dst address information appeared. So the only difference between the two configurations was that in the first case I tried to define a record and in the second case, no record was defined and instead the orginial-netflow parameter was used in the "flow monitor" section. [code]
I referenced the document "Cisco Nexus 7000 Series NX-OS System Management Configuration Guide,Release 6.x", Chapter 19 - Configuring NetFlow.It's clear to me that I didn't do something right in defining my own record since that's really the only difference between the config that worked vs the config that didn't. However, the documentation I referenced doesn't really provide useful information about how to create a record (above and beyond what I can already see by typing '?' at the CLI).
For example, the "match" command makes no sense to me. Usually when you have a match command it is accompanied by some sort of ACL. In the "flow record" section a match command would be something like "match ipv4 source address" but that's it. What does that mean? Match anything that has a IPv4 source address?? That doesn't make much sense. The collect commands are equally as bewildering. If I want to define my own record (and not use the original-netflow parameter) what do I need to do in the "flow record" sub-configuration to get Nexus to send ip src/dst information to the collector (which, I would think, is basic information to send - what good is netflow data without it)?
View 1 Replies
View Related
Jan 10, 2011
We have a 1841 router and would like to enable netflow. Will this degrade the router's CPU and memory performance.
1841>sh verCisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.4(1c), RELEASE SOFTWARE (fc1)Technical Support: [URL] Copyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Tue 25-Oct-05 17:10 by evmiller
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
1841 uptime is 1 day, 4 hours, 47 minutesSystem returned to ROM by power-onSystem restarted at 11:04:25 MYT Mon Jan 10 2011System image file is "flash:c1841-ipbase-mz.124-1c.bin"
Cisco 1841 (revision 7.0) with 114688K/16384K bytes of memory.Processor board ID FCZ113311Y62 FastEthernet interfacesDRAM configuration is 64 bits wide with parity disabled.191K bytes of NVRAM.31360K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
View 5 Replies
View Related
Apr 5, 2012
I am trying to setup Netflow to identify a problem I am having with a video conferencing system. Here are the commands that I have entered into the 6509 I am working on. I have checked this against another 6509 I have and these match. Not able to get netflow to show up on the solarwinds server. I have configured it to accept the netflow source coming from the 6509 I am working on.
ip flow-export version 9
ip flow-export destination 1.1.1.1 2055
ip flow-export sourc vlan 254
[Code].....
View 3 Replies
View Related
Dec 13, 2010
how I configure netflow on a cisco 877 router.
I have an interface e0/4 that is 172.1.1.1 on router one (network one) which links to another router (onnetwork two) which has an interface of e0/4 172.1.1.2 which allows two networks to communicate. Network one is 192.168.0.0 /24 and network two is 10.255.255.0 /24.
How do i configure netflow to monitor the traffic going through these interfaces?
View 1 Replies
View Related
Jan 12, 2011
I have a WS-C3560X-24P with this SW version 12.2(55)SE1. It has several L3 Vlan interfaces.How do I enable it to send Netflow traps?It does not support the ip flow-export commands.
View 3 Replies
View Related
Apr 19, 2012
I have a 7200 router with a 12.2.(46a) IOS and I am trying to activate Netflow on a subinterface. From the documentation of Cisco, I should be able to do it since the ios 12.2.(14)S but the command is unavailable.
[URL]
I have tried also to enter the command in the subinterface directly but it doesn't recognize it.
View 2 Replies
View Related
Aug 22, 2011
5505 ASA, 8.2(1) ,We can not get it to report Netflow to the collection agent at 192.168.1.34. Here is the commands I've entered:
asa# show run | i flow
access-list netflow-export extended permit ip any any
flow-export destination inside 192.168.1.34 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
class-map netflow-export-class
match access-list netflow-export
flow-export event-type all destination 192.168.1.34
policy-map netflow-export-policy
class netflow-export-class
flow-export event-type all destination 192.168.1.34
View 6 Replies
View Related
Sep 4, 2011
We have a Cisco 6500 running the following image;
Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICES_WAN-M), Version 12.2(33)SXH4, RELEASE SOFTWARE (fc1)
We are attempting to configure Netflow and export to a colloector. We have the following configuration applied to the device, we can ping from within the vrf to the destination of the flow collector
ip flow-cache timeout active 1
ip flow ingress layer2-switched vlan 1,800-801,803,821-823,861-862,871,900,998,1100-1107,1121,1200,1221,1301-1302,1321-1322
mls netflow interface
mls flow ip interface-full
ip flow-export version 5(code)
however we do not receive the flows on the collector. We can see the flow for both hardware and software but cannot see them at the collowctor.
View 2 Replies
View Related
Sep 25, 2011
how to configure the ASA to support netflow V9, either in ASDM or CLI mode as welcome.
i follow the PRTG guide it doens't seem success to make the detection on netflow activity
View 1 Replies
View Related
Jan 18, 2012
i want to enable net flow for multicast on my 6509-E with IOS s72033-advipservicesk9_wan-mz.122-33.SXI2a. I've checked the ios via software adviser to be sure that this feature is supported: Minimum Compatible Release 5 Additional Software
12.2SXJ Early Deployment View View View 512 512 N/A 12.2(33)SXJ s72033-advipservicesk9-mz.12.2-33.SXJ 12.2(33)SXJ N/A
12.2SXI Early Deployment View View View 512 512 N/A 12.2(33)SXI1s72033-advipservicesk9-mz.12.2-33.SXI1 12.2(33)SXI
I've used the command "ip multicast net flow output-counters", but that is not enough, i guess. It is required to use further interface commands like "ip multicast netflow....", isn't it? But this commands are not available:
Cisco6509(config-if)#ip multicast ?
boundary Boundary for administratively scoped multicast addresses
helper-map Broadcast to Multicast map OR Multicast to ip-address map
limit Limit multicast mroute state
[code]....
View 3 Replies
View Related
Jan 13, 2012
Recently bring up a new Router connected to ISP A and the Netflow collector/server is located in different location and they are connected to ISP B. I have enabled snmp and netflow config on my router(2911) but not receiving the netflow packets are not reaching the server for due to some strange reason whereas other packets like ICMP for snmp are reaching the netflow collector.Finally,I created GRE tunnel between the two locations routers and set the route for the netflow collector/server to the tunnel other end IP. In this way the netflow traffic are reaching successfully to the server.
View 1 Replies
View Related
Apr 7, 2013
NAM2-250S v5.1.2 in a 6509 collecting netflow information from a 3845. For some reason RTP traffic is not recognized as RTP by the NAM. It shows up under unknown. I have a NME-NAM-120S in a 2811 running the same 5.1.2 code and it recognizes the RTP traffic including call information. Is that because the netflow data is different than the SPAN that the NME is receiving?
View 0 Replies
View Related
Jun 20, 2012
how to integrate NetFlow to some Ciscoworks module.
View 3 Replies
View Related
Sep 6, 2012
I have a 4510 with sup7e and I would like to deploy netflow on this switch. The network will contain the 4510 switch where there will be 4 blades installed, each blade contains a separate Zone (vlan) . These 4 zones will then trunk upto a firewall via ten gig link over sub-interfaces. There will be an ip address assigned to each vlan on the 4500 switch but there can not be routing enabled between the vlans on the switch.
View 2 Replies
View Related
