Can NetFlow Analyzer report on layer2-switched flows?
Hi,
I've a Cisco 6500 that supports netflow of layer2 traffic. I've followed Cisco's steps for enabling this, but I only see flows associated with layer3 interfaces in the analyzer.
Is what I'm trying to do even possible with this tool?
Thanks,
Andy
From cisco.com:
Switch(config)#interface Vlan10
Switch(config-if)#ip address 10.10.10.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#interface Vlan20
Switch(config-if)#ip address 10.10.20.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#interface loopback 0
Switch(config-if)#ip address 10.10.1.1 255.255.255.255
Switch(config-if)#exit
Switch(config)#interface fastEthernet 3/1
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.10.200.1 255.255.255.0
Switch(config-if)#exit
!--- This configuration shows that
!--- the VLANs are configured with IP addresses.
!
Switch(config)#mls netflow
!--- Enables NetFlow on the PFC.
!
Switch(config)#mls flow ip full
!--- Configures flow mask on the PFC.
!--- In this example, flow mask is configured as full.
!
Switch(config)#interface Vlan10
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
Switch(config)#interface Vlan20
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
Switch(config)#interface fastEthernet 3/1
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
!--- Enables NetFlow on the MSFC.
Switch(config)#ip flow ingress layer2-switched vlan 10,20
!--- Enables NetFlow for Layer 2-switched traffic on the PFC.
!--- It also enables the NDE for Layer 2-switched traffic on the PFC.
I've a Cisco 6500 that supports netflow of layer2 traffic. I've followed Cisco's steps for enabling this, but I only see flows associated with layer3 interfaces in the analyzer.
Is what I'm trying to do even possible with this tool?
Thanks,
Andy
From cisco.com:
Switch(config)#interface Vlan10
Switch(config-if)#ip address 10.10.10.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#interface Vlan20
Switch(config-if)#ip address 10.10.20.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#interface loopback 0
Switch(config-if)#ip address 10.10.1.1 255.255.255.255
Switch(config-if)#exit
Switch(config)#interface fastEthernet 3/1
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.10.200.1 255.255.255.0
Switch(config-if)#exit
!--- This configuration shows that
!--- the VLANs are configured with IP addresses.
!
Switch(config)#mls netflow
!--- Enables NetFlow on the PFC.
!
Switch(config)#mls flow ip full
!--- Configures flow mask on the PFC.
!--- In this example, flow mask is configured as full.
!
Switch(config)#interface Vlan10
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
Switch(config)#interface Vlan20
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
Switch(config)#interface fastEthernet 3/1
Switch(config-if)#ip route-cache flow
Switch(config-if)#exit
!--- Enables NetFlow on the MSFC.
Switch(config)#ip flow ingress layer2-switched vlan 10,20
!--- Enables NetFlow for Layer 2-switched traffic on the PFC.
!--- It also enables the NDE for Layer 2-switched traffic on the PFC.