Netflow Setup on Cisco 7204 VXR but not seen in Scrutinizer
Moderators: scottr, Moderator Team
6 posts
• Page 1 of 1
Netflow Setup on Cisco 7204 VXR but not seen in Scrutinizer
by smthomas23 » Tue Jan 24, 2012 9:47 pm
HI, Forum
I have believe I have the correct commands for my Cisco 7200 Series Edge Router.
ip flow-cache timeout active 5
ip flow-export source GigabitEthernet0/1
ip flow-export version 9
ip flow-export destination x.x.x.x (my internal server ip address) 6343
IOS: 12.4(23)
I am running the free version which allows you up to 5 devices for only 24 hour reporting.
I have restarted Scrutinizer but cannot get any flows to show up.
I also ran Wireshark and there seems to be something preventing the flow from being exported.
Here is the output:
edge-main# sh ip flow export
Flow export v9 is enabled for main cache
Export source and destination details :
VRF ID : Default
Source(1) x.x.x.x (GigabitEthernet0/1)
Destination(1) x.x.x.x (6343)
Version 9 flow records
87730352 flows exported in 146089962 udp datagrams
0 flows failed due to lack of export packet
15389419 export packets were sent up to process level
0 export packets were dropped due to no fib
1475 export packets were dropped due to adjacency issues
0 export packets were dropped due to fragmentation failures
0 export packets were dropped due to encapsulation fixup failures
What could be the issue?
I have believe I have the correct commands for my Cisco 7200 Series Edge Router.
ip flow-cache timeout active 5
ip flow-export source GigabitEthernet0/1
ip flow-export version 9
ip flow-export destination x.x.x.x (my internal server ip address) 6343
IOS: 12.4(23)
I am running the free version which allows you up to 5 devices for only 24 hour reporting.
I have restarted Scrutinizer but cannot get any flows to show up.
I also ran Wireshark and there seems to be something preventing the flow from being exported.
Here is the output:
edge-main# sh ip flow export
Flow export v9 is enabled for main cache
Export source and destination details :
VRF ID : Default
Source(1) x.x.x.x (GigabitEthernet0/1)
Destination(1) x.x.x.x (6343)
Version 9 flow records
87730352 flows exported in 146089962 udp datagrams
0 flows failed due to lack of export packet
15389419 export packets were sent up to process level
0 export packets were dropped due to no fib
1475 export packets were dropped due to adjacency issues
0 export packets were dropped due to fragmentation failures
0 export packets were dropped due to encapsulation fixup failures
What could be the issue?
- smthomas23
- Posts: 3
- Joined: Tue Jan 24, 2012 9:41 pm
Re: Netflow Setup on Cisco 7204 VXR but not seen in Scrutini
by scottr » Wed Jan 25, 2012 6:10 am
Hello,
The first thing that I would recommend is change the ip flow-cache timeout active to 1.
Then if you are not seeing flows hit the server in wireshark, determine what/where in the path they could be being blocked.
Scott
The first thing that I would recommend is change the ip flow-cache timeout active to 1.
Then if you are not seeing flows hit the server in wireshark, determine what/where in the path they could be being blocked.
Scott
-
scottr - Posts: 64
- Joined: Mon Oct 05, 2009 12:22 pm
Re: Netflow Setup on Cisco 7204 VXR but not seen in Scrutini
by smthomas23 » Wed Jan 25, 2012 6:29 am
The value has been changed and I have other devices that have flows being exported with
No issues.
No issues.
- smthomas23
- Posts: 3
- Joined: Tue Jan 24, 2012 9:41 pm
Re: Netflow Setup on Cisco 7204 VXR but not seen in Scrutini
by scottr » Wed Jan 25, 2012 8:00 am
Hello,
You are going to have to determine what might be blocking those flows from reaching the Scrutinizer server.
Scott
You are going to have to determine what might be blocking those flows from reaching the Scrutinizer server.
Scott
-
scottr - Posts: 64
- Joined: Mon Oct 05, 2009 12:22 pm
Re: Netflow Setup on Cisco 7204 VXR but not seen in Scrutini
by hoffswell » Wed Jan 25, 2012 12:30 pm
Hi -
Don't forget to set the flow collection on the monitored interface:
Don't forget to set the flow collection on the monitored interface:
- Code: Select all
ip flow-cache timeout active 1
ip flow-export source GigabitEthernet0/1
ip flow-export version 5 peer-as
ip flow-export destination 1.2.3.4 2055
interface GigabitEthernet0/2
ip flow ingress
- hoffswell
- Posts: 6
- Joined: Wed Jan 11, 2012 3:05 pm
Re: Netflow Setup on Cisco 7204 VXR but not seen in Scrutini
by smthomas23 » Thu Jan 26, 2012 9:01 am
Yup!! Forgot about applying to the interface!! (Duh moment)
Working now!! Gr8 product for netflows!!!!
Working now!! Gr8 product for netflows!!!!
- smthomas23
- Posts: 3
- Joined: Tue Jan 24, 2012 9:41 pm
6 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests