Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed

Are there any Netflow experts out there who could give me some advice on how to implement Netflow on my Cisco 6509 with SUP2s?

IOS Version 12.2(18)SXD7

2 SUP2 Engines 2 GigE 48 Port modules FlexWan Module / Router PFC2 MSFC2

The GigE ports are carved into VLANs: 1 (users and servers), 11 (DMZ 1), 12 (DMZ 2).

The Flex/WAN module has 4 ports (2 ISPs with 2 T1s each, so 2 multilinked).

My users connect to the core resources through 2 Cisco 2900 100 fx switches. They both terminate on the 6509. The 2900s don't support Netflow.

I'd want to enable Netflow so that I can monitor traffic both on the LAN (VLAN1) and the WAN (Flex WAN). I need help understanding where to enable Netflow on the 6509 and where to export the ip flows. I want to redirect the flows to a netflow collector appliance.

I am already using 2 source SPAN ports which is the limit, so I can't create another SPAN port source.

If someone would be willing to chat either online or offline on how to configure this, then I would really appreciate it.

Beth

Reply to
sillz

Configure 'ip route-cache flow' on the VLANs of the destinations or the WAN circuits themselves, and configure export statements to your collector on the proper version and port. You should be good to go.

Reply to
Trendkill

I got this netflow configuration for 6500 from the web and it worked fine for me.

Switch(config)#mls netflow
!--- Enables NetFlow on the PFC.

Switch(config)#mls flow ip full
!--- Configures flow mask on the PFC.
!--- In this example, flow mask is configured as full.

!
Switch(config)#interface VlanX
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit

Switch(config)#interface VlanY
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit

Switch(config)#interface fastEthernet X/Y
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
!--- Enables NetFlow on the MSFC.

Switch(config)#ip flow ingress layer2-switched vlan X,Y
!--- Enables NetFlow for Layer 2-switched traffic on the PFC.
!--- It also enables the NDE for Layer 2-switched traffic on the PFC.

Switch(config)#mls nde sender version 5
!--- Configures NDE in the PFC. This example configures NDE version 5.
!--- You need to configure the version based on your NetFlow collector.

Switch(config)#ip flow-export source loopback 0

Switch(config)#ip flow-export destination xxx.xxx.xxx.xxx 9996
!--- Configures NDE on the MSFC with the NetFlow collector IP address
!--- and the application port number 9996. This port number varies
!--- depending on the NetFlow collector you use.

Switch(config)#ip flow export layer2-switched vlan X,Y
!--- Enabling ip flow ingress as in the Enable NetFlow Section
!--- automatically enables ip flow export.
!--- If you disabled ip flow export earlier, you can enable it as mentioned.

Reply to
Y0giBear

Thanks! That worked great. I couldn't do the ingress layer 2 because I need to upgrade my IOS.

#ip flow ingress layer2-switched vlan X,Y

Thanks for your help!

Reply to
sillz
