NetFlow on a 2600 series
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||
|
Posted by Darragh Delaney on September 25, 2006, 11:27 am
Please log in for more thread options I am trying to get a NetFlow collector set up to receive NetFlow data from a Cisco 2600 series router. As you can see from the config below I have it set up to send to a NetFlow collector on port 2056. However there is very little NetFlow coming through to the collector, I did a tcpdump on its interface and a small numer of NetFlow packets are comming through. I have read in places that the ip flow-export source should be set to loopback. Could this make a difference. I have also enabled ip cef since I captured this config but it has made no difference. Any suggestions greatly appreciated. Thanks, Darragh Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname myrouter ! boot system flash c2600-i-mz_120-5_T1.bin ! ip subnet-zero ip flow-cache timeout active 1 ! ! ! process-max-time 200 ! interface FastEthernet0/0 ip address 172.21.16.1 255.255.255.0 ip helper-address 172.20.1.3 ip helper-address 172.16.1.12 no ip directed-broadcast ip route-cache flow ! interface Serial0/0 description Serial0/0 fr dlci! : (bs657657) ip address 192.168.127.46 255.255.255.252 no ip directed-broadcast encapsulation frame-relay ip route-cache flow no ip mroute-cache no keepalive no fair-queue cdp enable frame-relay class ToRemote frame-relay interface-dlci 21 ! router bgp 65500 bgp log-neighbor-changes network 192.168.128.0 mask 255.255.255.0 redistribute static route-map cpe-static neighbor 192.168.127.45 remote-as 5466 no auto-summary ! ip flow-export source FastEthernet0/0 ip flow-export version 5 peer-as ip flow-export destination 172.16.1.11 2056 ip classless ip route 0.0.0.0 0.0.0.0 172.22.16.1 no ip http server ! ! mgt-lan seq 5 permit 192.168.128.0/24 le 32 ! map-class frame-relay Connection frame-relay end-to-end keepalive mode passive-reply frame-relay traffic-rate 256000 256000 no frame-relay adaptive-shaping route-map cpe-static permit 10 match tag 1024 ! route-map cpe-static deny 20 ! route-map block-mgt-lan deny 10 match ip address prefix-list mgt-lan | |||||||||||||
|
Posted by on September 25, 2006, 3:14 pm
Please log in for more thread options Darragh Delaney wrote: I have had this working with a very similar configuration to this exept that I was missing the "peer-as" bit. As I understand it on a router such as a 2600 you /either/ have net-flow switching or CEF. If it is not working I would not turn on CEF. Having CEF on globally though may or may not affect netflow but I am pretty sure it will if you enable ip route-cache cef on the interfaces too. I seem to recall that the data was not available as soon as I expected and it was only after I came back a bit later that I realised that it really was working. Give it some hours. I fancy another look at this. I will give it a go. | |||||||||||||
| Similar Threads | Posted |
| NetFlow on a 2600 series | September 25, 2006, 11:27 am |
| HWIC-AP for 2600 Series | December 18, 2005, 4:50 am |
| 2600 series router using SDM | July 19, 2008, 6:14 am |
| Cisco 2600 Series Router T1 Speeds | December 3, 2005, 2:26 pm |
| Upgrading a Cisco 2600 Series Router | November 15, 2006, 1:27 pm |
| 6500 modules & netflow - what is the difference between "X-BAR" and "Fabric enabled" , netflow questions | October 12, 2005, 8:12 pm |
| PWR-2600-AC 2600 power supply to switch over a DC router? | August 7, 2008, 9:16 pm |
| Anyone clustering ASA5000-series boxes with 3000-series VPN concentrators | October 27, 2006, 10:45 am |
| Netflow over VPN | February 8, 2006, 6:20 pm |
| Netflow on PIX | December 5, 2006, 7:41 pm |
| "NetFlow" for ASA | April 3, 2007, 7:53 am |
| NetFlow | September 11, 2007, 4:07 pm |
| Re: NTOP & Netflow | February 13, 2006, 7:58 am |
| Is possible Pix + Netflow stadistics? | March 6, 2006, 11:28 am |
| Netflow easy, MLS not | June 21, 2006, 7:54 pm |
> I am trying to get a NetFlow collector set up to receive NetFlow data
> from a Cisco 2600 series router. As you can see from the config below
> I have it set up to send to a NetFlow collector on port 2056. However
> there is very little NetFlow coming through to the collector, I did a
> tcpdump on its interface and a small numer of NetFlow packets are
> comming through.
>
> I have read in places that the ip flow-export source should be set to
> loopback. Could this make a difference.
>
> I have also enabled ip cef since I captured this config but it has
> made no difference.
>
> ip flow-cache timeout active 1
>
> interface FastEthernet0/0
> ip route-cache flow
>
> interface Serial0/0
> ip route-cache flow
>
> ip flow-export source FastEthernet0/0
> ip flow-export version 5 peer-as
> ip flow-export destination 172.16.1.11 2056