Cisco 6509 w/ SUP2 - Netflow Expert Advice Needed

Discussion in 'Cisco' started by sillz, Dec 19, 2007.

  1. sillz

    sillz Guest

    Are there any Netflow experts out there who could give me some advice
    on how to implement Netflow on my Cisco 6509 with SUP2s?

    IOS Version 12.2(18)SXD7
    2 SUP2 Engines
    2 GigE 48 Port modules
    FlexWan Module / Router

    The GigE ports are carved into VLANs: 1 (users and servers), 11 (DMZ
    1), 12 (DMZ 2).

    The Flex/WAN module has 4 ports (2 ISPs with 2 T1s each, so 2

    My users connect to the core resources through 2 Cisco 2900 100 fx
    switches. They both terminate on the 6509. The 2900s don't support

    I'd want to enable Netflow so that I can monitor traffic both on the
    LAN (VLAN1) and the WAN (Flex WAN). I need help understanding where
    to enable Netflow on the 6509 and where to export the ip flows. I
    want to redirect the flows to a netflow collector appliance.

    I am already using 2 source SPAN ports which is the limit, so I can't
    create another SPAN port source.

    If someone would be willing to chat either online or offline on how to
    configure this, then I would really appreciate it.

    sillz, Dec 19, 2007

  2. sillz

    Trendkill Guest

    Configure 'ip route-cache flow' on the vlans of the destinations or
    the WAN circuits themselves, and configure export statements to your
    collector on the proper version and port. You should be good to go.
    Trendkill, Dec 20, 2007

  3. sillz

    Y0giBear Guest

    I got this netflow configuration for 6500 from the web and it worked fine
    for me.

    Switch(config)#mls netflow
    !--- Enables NetFlow on the PFC.

    Switch(config)#mls flow ip full
    !--- Configures flow mask on the PFC.
    !--- In this example, flow mask is configured as full.

    Switch(config)#interface VlanX
    Switch(config-if)#ip route-cache flow

    Switch(config)#interface VlanY
    Switch(config-if)#ip route-cache flow

    Switch(config)#interface fastEthernet X/Y
    Switch(config-if)#ip route-cache flow

    !--- Enables NetFlow on the MSFC.

    Switch(config)#ip flow ingress layer2-switched vlan X,Y

    !--- Enables NetFlow for Layer 2-switched traffic on the PFC.
    !--- It also enables the NDE for Layer 2-switched traffic on the PFC.

    Switch(config)#mls nde sender version 5

    !--- Configures NDE in the PFC. This example configures NDE version
    !--- You need to configure the version based on your NetFlow

    Switch(config)#ip flow-export source loopback 0

    Switch(config)#ip flow-export destination <collector-ip> 9996

    !--- Configures NDE on the MSFC with the NetFlow collector IP address
    !--- and the application port number 9996. This port number varies
    !--- depending on the NetFlow collector you use.

    Switch(config)#ip flow export layer2-switched vlan X,Y

    !--- Enabling ip flow ingress as in the Enable NetFlow Section
    !--- automatically enables ip flow export.
    !--- If you disabled ip flow export earlier, you can enable it as
    Y0giBear, Dec 20, 2007
  4. sillz

    sillz Guest

    Thanks! That worked great. I couldn't do the ingress layer 2 because
    I need to upgrade my IOS.

    #ip flow ingress layer2-switched vlan X,Y

    Thanks for your help!
    sillz, Dec 21, 2007
