Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed

Discussion in 'Cisco' started by sillz, Dec 19, 2007.

  1. sillz

    sillz Guest

    Are there any Netflow experts out there who could give me some advice
    on how to implement Netflow on my Cisco 6509 with SUP2's?

    IOS Version 12.2(18)SXD7
    2 SUP2 Engines
    2 GigE 48 Port modules
    FlexWan Module / Router
    PFC2
    MSFC2

    The GigE ports are carved into VLAN's: 1 (users and servers), 11 (DMZ
    1), 12 (DMZ 2).

    The Flex/WAN module has 4 ports (2 ISP's with 2 T1's each , so 2
    multilinked)

    My users connect to the core resources through 2 Cisco 2900 100 fx
    switches. They both terminate on the 6509. The 2900's don't support
    Netflow.

    I'd want to enable Netflow so that I can monitor traffic both on the
    LAN (VLAN1) and the WAN (Flex WAN). I need help understanding where
    to enable Netflow on the 6509 and where to export the ip flows. I
    want to redirect the flows to a netflow collector appliance.

    I am already using 2 source SPAN ports which is the limit, so I can't
    create another SPAN port source.

    If someone would be willing to chat either online or offline on how to
    configure this, then I would really appreciate it.

    Beth
     
    sillz, Dec 19, 2007
    #1

  2. sillz

    Trendkill Guest

    On Dec 19, 5:27 pm, sillz <> wrote:
    > Are there any Netflow experts out there who could give me some advice
    > on how to implement Netflow on my Cisco 6509 with SUP2's?
    >
    > IOS Version 12.2(18)SXD7
    > 2 SUP2 Engines
    > 2 GigE 48 Port modules
    > FlexWan Module / Router
    > PFC2
    > MSFC2
    >
    > The GigE ports are carved into VLAN's: 1 (users and servers), 11 (DMZ
    > 1), 12 (DMZ 2).
    >
    > The Flex/WAN module has 4 ports (2 ISP's with 2 T1's each , so 2
    > multilinked)
    >
    > My users connect to the core resources through 2 Cisco 2900 100 fx
    > switches. They both terminate on the 6509. The 2900's don't support
    > Netflow.
    >
    > I'd want to enable Netflow so that I can monitor traffic both on the
    > LAN (VLAN1) and the WAN (Flex WAN). I need help understanding where
    > to enable Netflow on the 6509 and where to export the ip flows. I
    > want to redirect the flows to a netflow collector appliance.
    >
    > I am already using 2 source SPAN ports which is the limit, so I can't
    > create another SPAN port source.
    >
    > If someone would be willing to chat either online or offline on how to
    > configure this, then I would really appreciate it.
    >
    > Beth


    Configure 'ip route-cache flow' on the VLANs of the destinations or
    the WAN circuits themselves, and configure export statements to your
    collector on the proper version and port. You should be good to go.
     
    Trendkill, Dec 20, 2007
    #2

  3. sillz

    Y0giBear Guest

    I got this NetFlow configuration for the 6500 from the web and it
    worked fine for me.


    Switch(config)#mls netflow
    !--- Enables NetFlow on the PFC.

    Switch(config)#mls flow ip full
    !--- Configures flow mask on the PFC.
    !--- In this example, flow mask is configured as full.

    !
    Switch(config)#interface VlanX
    Switch(config-if)#ip route-cache flow
    Switch(config-if)#exit

    Switch(config)#interface VlanY
    Switch(config-if)#ip route-cache flow
    Switch(config-if)#exit

    Switch(config)#interface fastEthernet X/Y
    Switch(config-if)#ip route-cache flow
    Switch(config-if)#exit

    !--- Enables NetFlow on the MSFC.


    Switch(config)#ip flow ingress layer2-switched vlan X,Y

    !--- Enables NetFlow for Layer 2-switched traffic on the PFC.
    !--- It also enables the NDE for Layer 2-switched traffic on the PFC.


    Switch(config)#mls nde sender version 5

    !--- Configures NDE in the PFC. This example configures NDE version 5.
    !--- You need to configure the version based on your NetFlow collector.

    Switch(config)#ip flow-export source loopback 0

    Switch(config)#ip flow-export destination xxx.xxx.xxx.xxx 9996

    !--- Configures NDE on the MSFC with the NetFlow collector IP address
    !--- and the application port number 9996. This port number varies
    !--- depending on the NetFlow collector you use.


    Switch(config)#ip flow export layer2-switched vlan X,Y

    !--- Enabling ip flow ingress as in the Enable NetFlow Section
    !--- automatically enables ip flow export.
    !--- If you disabled ip flow export earlier, you can enable it as mentioned.
     
    Y0giBear, Dec 20, 2007
    #3
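
Added example (not part of the thread, and not Cisco or collector-vendor code): a minimal Python parser for the NetFlow version 5 datagrams that `mls nde sender version 5` exports, useful on the collector host for confirming that well-formed flows arrive on the configured port. The sample datagram and its addresses are constructed, and the function names are this example's own.

```python
import socket
import struct

V5_HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte export header
V5_RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte flow record

def parse_netflow_v5(datagram):
    """Return (header, flows) for one v5 export datagram; ValueError if malformed."""
    if len(datagram) < V5_HEADER.size:
        raise ValueError("shorter than a v5 header")
    version, count, _up, secs, _ns, seq, _etype, _eid, _samp = \
        V5_HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError("export version %d, expected 5" % version)
    if not 1 <= count <= 30:  # a v5 datagram carries 1 to 30 records
        raise ValueError("implausible record count %d" % count)
    if len(datagram) != V5_HEADER.size + count * V5_RECORD.size:
        raise ValueError("length does not match record count")
    flows = []
    for i in range(count):
        r = V5_RECORD.unpack_from(datagram, V5_HEADER.size + i * V5_RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(r[0]), "dst": socket.inet_ntoa(r[1]),
            "in_if": r[3], "out_if": r[4], "packets": r[5], "bytes": r[6],
            "sport": r[9], "dport": r[10], "tcp_flags": r[12], "proto": r[13],
        })
    header = {"version": version, "count": count,
              "unix_secs": secs, "flow_sequence": seq}
    return header, flows

def build_sample():
    """Constructed two-flow datagram using documentation addresses."""
    def rec(src, dst, pkts, octets, sport, dport, flags, proto):
        return V5_RECORD.pack(
            socket.inet_aton(src), socket.inet_aton(dst),
            socket.inet_aton("0.0.0.0"), 1, 2, pkts, octets, 1000, 2000,
            sport, dport, 0, flags, proto, 0, 0, 0, 24, 24, 0)
    header = V5_HEADER.pack(5, 2, 360000, 1198108800, 0, 100, 0, 0, 0)
    return (header
            + rec("192.0.2.10", "198.51.100.20", 12, 9000, 51000, 443, 0x1B, 6)
            + rec("192.0.2.11", "198.51.100.53", 1, 76, 53000, 53, 0, 17))

if __name__ == "__main__":
    hdr, flows = parse_netflow_v5(build_sample())
    print(hdr)
    for flow in flows:
        print(flow)
```

To check a live export, pass each UDP payload received on the collector port (9996 in the configuration above) to `parse_netflow_v5`; a `ValueError` usually means the sender is exporting a different NDE version than the collector expects.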
  4. sillz

    sillz Guest

    On Dec 19, 7:55 pm, Y0giBear <> wrote:
    > I got this NetFlow configuration for the 6500 from the web and it
    > worked fine for me.
    >
    > Switch(config)#mls netflow
    > !--- Enables NetFlow on the PFC.
    >
    > Switch(config)#mls flow ip full
    > !--- Configures flow mask on the PFC.
    > !--- In this example, flow mask is configured as full.
    >
    > !
    > Switch(config)#interface VlanX
    > Switch(config-if)#ip route-cache flow
    > Switch(config-if)#exit
    >
    > Switch(config)#interface VlanY
    > Switch(config-if)#ip route-cache flow
    > Switch(config-if)#exit
    >
    > Switch(config)#interface fastEthernet X/Y
    > Switch(config-if)#ip route-cache flow
    > Switch(config-if)#exit
    >
    > !--- Enables NetFlow on the MSFC.
    >
    > Switch(config)#ip flow ingress layer2-switched vlan X,Y
    >
    > !--- Enables NetFlow for Layer 2-switched traffic on the PFC.
    > !--- It also enables the NDE for Layer 2-switched traffic on the PFC.
    >
    > Switch(config)#mls nde sender version 5
    >
    > !--- Configures NDE in the PFC. This example configures NDE version 5.
    > !--- You need to configure the version based on your NetFlow collector.
    >
    > Switch(config)#ip flow-export source loopback 0
    >
    > Switch(config)#ip flow-export destination xxx.xxx.xxx.xxx 9996
    >
    > !--- Configures NDE on the MSFC with the NetFlow collector IP address
    > !--- and the application port number 9996. This port number varies
    > !--- depending on the NetFlow collector you use.
    >
    > Switch(config)#ip flow export layer2-switched vlan X,Y
    >
    > !--- Enabling ip flow ingress as in the Enable NetFlow Section
    > !--- automatically enables ip flow export.
    > !--- If you disabled ip flow export earlier, you can enable it as mentioned.


    Thanks! That worked great. I couldn't do the ingress layer 2 because
    I need to upgrade my IOS.

    #ip flow ingress layer2-switched vlan X,Y

    Thanks for your help!
     
    sillz, Dec 21, 2007
    #4