Velocity Reviews


sillz 12-19-2007 10:27 PM

Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed
 
Are there any Netflow experts out there who could give me some advice
on how to implement Netflow on my Cisco 6509 with SUP2's?

IOS Version 12.2(18)SXD7
2 SUP2 Engines
2 GigE 48 Port modules
FlexWan Module / Router
PFC2
MSFC2

The GigE ports are carved into VLAN's: 1 (users and servers), 11 (DMZ
1), 12 (DMZ 2).

The Flex/WAN module has 4 ports (2 ISP's with 2 T1's each , so 2
multilinked)

My users connect to the core resources through 2 Cisco 2900 100 fx
switches. They both terminate on the 6509. The 2900's don't support
Netflow.

I'd want to enable Netflow so that I can monitor traffic both on the
LAN (VLAN1) and the WAN (Flex WAN). I need help understanding where
to enable Netflow on the 6509 and where to export the ip flows. I
want to redirect the flows to a netflow collector appliance.

I am already using 2 source SPAN ports which is the limit, so I can't
create another SPAN port source.

If someone would be willing to chat either online or offline on how to
configure this, then I would really appreciate it.

Beth

Trendkill 12-20-2007 12:46 AM

Re: Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed
 
On Dec 19, 5:27 pm, sillz <beth.sto...@gmail.com> wrote:
> Are there any Netflow experts out there who could give me some advice
> on how to implement Netflow on my Cisco 6509 with SUP2's?
>
> IOS Version 12.2(18)SXD7
> 2 SUP2 Engines
> 2 GigE 48 Port modules
> FlexWan Module / Router
> PFC2
> MSFC2
>
> The GigE ports are carved into VLAN's: 1 (users and servers), 11 (DMZ
> 1), 12 (DMZ 2).
>
> The Flex/WAN module has 4 ports (2 ISP's with 2 T1's each , so 2
> multilinked)
>
> My users connect to the core resources through 2 Cisco 2900 100 fx
> switches. They both terminate on the 6509. The 2900's don't support
> Netflow.
>
> I'd want to enable Netflow so that I can monitor traffic both on the
> LAN (VLAN1) and the WAN (Flex WAN). I need help understanding where
> to enable Netflow on the 6509 and where to export the ip flows. I
> want to redirect the flows to a netflow collector appliance.
>
> I am already using 2 source SPAN ports which is the limit, so I can't
> create another SPAN port source.
>
> If someone would be willing to chat either online or offline on how to
> configure this, then I would really appreciate it.
>
> Beth


configure 'ip route-cache flow' on the vlans of the destinations or
the WAN circuits themselves, and configure export statements to your
collector on the proper version and port. You should be good to go.

Y0giBear 12-20-2007 03:55 AM

Re: Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed
 
I got this netflow configuration for 6500 from the web and worked fine
for me.


Switch(config)#mls netflow
!--- Enables NetFlow on the PFC.

Switch(config)#mls flow ip full
!--- Configures flow mask on the PFC.
!--- In this example, flow mask is configured as full.

!
Switch(config)#interface VlanX
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit

Switch(config)#interface VlanY
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit

Switch(config)#interface fastEthernet X/Y
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit

!--- Enables NetFlow on the MSFC.


Switch(config)#ip flow ingress layer2-switched vlan X,Y

!--- Enables NetFlow for Layer 2-switched traffic on the PFC.
!--- It also enables the NDE for Layer 2-switched traffic on the PFC.


Switch(config)#mls nde sender version 5

!--- Configures NDE in the PFC. This example configures NDE version 5.
!--- You need to configure the version based on your NetFlow collector.

Switch(config)#ip flow-export source loopback 0

Switch(config)#ip flow-export destination xxx.xxx.xxx.xxx 9996

!--- Configures NDE on the MSFC with the NetFlow collector IP address
!--- and the application port number 9996. This port number varies
!--- depending on the NetFlow collector you use.


Switch(config)#ip flow export layer2-switched vlan X,Y

!--- Enabling ip flow ingress as in the Enable NetFlow Section
!--- automatically enables ip flow export.
!--- If you disabled ip flow export earlier, you can enable it as mentioned.
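
A collector-side check for the export configured above, as an added example that is not part of the original thread: it decodes NetFlow version 5 datagrams (the format that `mls nde sender version 5` selects), rejects malformed ones, and uses the header's flow sequence number to count flows lost in transit over UDP. Function names, addresses and the sample datagrams are constructed for illustration; sequence state is kept per exporter address and engine ID on the assumption that the PFC and MSFC number their exports independently.

```python
import ipaddress
import struct

HEADER = struct.Struct("!HHIIIIBBH")                 # v5 header, 24 bytes
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")  # v5 flow record, 48 bytes
# Constructed flows: (src, dst, proto, sport, dport, tcp_flags, packets, octets)
SAMPLE_FLOWS = [("192.0.2.10", "198.51.100.7", 6, 49152, 443, 0x1B, 12, 4096),
                ("192.0.2.11", "198.51.100.53", 17, 53124, 53, 0, 1, 76)]

def parse_v5(datagram):
    """Decode one NetFlow v5 export datagram; raise ValueError if malformed."""
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than a v5 header")
    version, count, _up, secs, _ns, seq, _et, engine_id, _samp = HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError(f"not NetFlow v5 (version={version})")
    # A v5 datagram carries 1..30 records; reject truncated or padded packets.
    if not 1 <= count <= 30 or len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for off in range(HEADER.size, len(datagram), RECORD.size):
        (src, dst, _nh, in_if, out_if, pkts, octets, _first, _last, sport, dport,
         flags, proto, _tos, _sas, _das, _sm, _dm) = RECORD.unpack_from(datagram, off)
        flows.append({"src": str(ipaddress.IPv4Address(src)),
                      "dst": str(ipaddress.IPv4Address(dst)), "proto": proto,
                      "sport": sport, "dport": dport, "tcp_flags": flags,
                      "in_if": in_if, "out_if": out_if, "packets": pkts, "octets": octets})
    return {"unix_secs": secs, "engine_id": engine_id, "flow_sequence": seq, "flows": flows}

def lost_flows(state, key, export):
    """Update the sequence state for one exporter; return flows missed before this export."""
    seq, n = export["flow_sequence"], len(export["flows"])
    missed = (seq - state[key]) % 2**32 if key in state else 0
    state[key] = (seq + n) % 2**32   # v5 flow_sequence counts flows, not packets
    return missed

def sample_datagram(seq, flows):
    """Build a constructed v5 datagram (test data, not captured traffic)."""
    body = b"".join(
        RECORD.pack(ipaddress.IPv4Address(s).packed, ipaddress.IPv4Address(d).packed,
                    bytes(4), 1, 2, pk, oc, 0, 0, sp, dp, fl, pr, 0, 0, 0, 24, 24)
        for s, d, pr, sp, dp, fl, pk, oc in flows)
    return HEADER.pack(5, len(flows), 0, 1198100000, 0, seq, 0, 0, 0) + body

if __name__ == "__main__":
    state, key = {}, ("192.0.2.1", 0)        # constructed exporter address, engine ID
    for seq in (100, 102, 107):              # 107 arrives where 104 was expected
        export = parse_v5(sample_datagram(seq, SAMPLE_FLOWS))
        print(seq, "flows:", len(export["flows"]), "missed:", lost_flows(state, key, export))
```

On a live collector the datagrams come from a UDP socket bound to the port given in `ip flow-export destination` (9996 in the thread), with `key` set to the sender address and `engine_id`.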

sillz 12-21-2007 12:24 AM

Re: Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed
 
On Dec 19, 7:55 pm, Y0giBear <eshraros...@gmail.com> wrote:
> I got this netflow configuration for 6500 from the web and worked fine
> for me.
>
> Switch(config)#mls netflow
> !--- Enables NetFlow on the PFC.
>
> Switch(config)#mls flow ip full
> !--- Configures flow mask on the PFC.
> !--- In this example, flow mask is configured as full.
>
> !
> Switch(config)#interface VlanX
> Switch(config-if)#ip route-cache flow
> Switch(config-if)#exit
>
> Switch(config)#interface VlanY
> Switch(config-if)#ip route-cache flow
> Switch(config-if)#exit
>
> Switch(config)#interface fastEthernet X/Y
> Switch(config-if)#ip route-cache flow
> Switch(config-if)#exit
>
> !--- Enables NetFlow on the MSFC.
>
> Switch(config)#ip flow ingress layer2-switched vlan X,Y
>
> !--- Enables NetFlow for Layer 2-switched traffic on the PFC.
> !--- It also enables the NDE for Layer 2-switched traffic on the PFC.
>
> Switch(config)#mls nde sender version 5
>
> !--- Configures NDE in the PFC. This example configures NDE version 5.
> !--- You need to configure the version based on your NetFlow collector.
>
> Switch(config)#ip flow-export source loopback 0
>
> Switch(config)#ip flow-export destination xxx.xxx.xxx.xxx 9996
>
> !--- Configures NDE on the MSFC with the NetFlow collector IP address
> !--- and the application port number 9996. This port number varies
> !--- depending on the NetFlow collector you use.
>
> Switch(config)#ip flow export layer2-switched vlan X,Y
>
> !--- Enabling ip flow ingress as in the Enable NetFlow Section
> !--- automatically enables ip flow export.
> !--- If you disabled ip flow export earlier, you can enable it as mentioned.


Thanks! That worked great. I couldn't do the ingress layer 2 because
I need to upgrade my IOS.

#ip flow ingress layer2-switched vlan X,Y

Thanks for your help!


All times are GMT.